www.theepochtimes.com Open in urlscan Pro
151.139.128.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7V1-WJV7CgNlYW96mHCn1-9p6cW21xn4q3YYNxlW...
Effective URL:
https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wn...
Submission: On May 12 via api (May 12th 2021, 3:46:03 am UTC) from GB

Summary HTTP 188 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 60 IPs in 9 countries across 49 domains to perform 188 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to HIGHWINDS3, US. The main domain is www.theepochtimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 1st 2020. Valid for: 2 years.

This is the only time www.theepochtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.2 199.60.103.2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
24	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	35.244.243.66 35.244.243.66	15169 (GOOGLE) (GOOGLE)
4	65.9.95.127 65.9.95.127	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	34.120.33.89 34.120.33.89	15169 (GOOGLE) (GOOGLE)
3	65.9.97.26 65.9.97.26	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	35.201.68.206 35.201.68.206	15169 (GOOGLE) (GOOGLE)
2	34.120.97.157 34.120.97.157	15169 (GOOGLE) (GOOGLE)
2 4	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	65.9.97.60 65.9.97.60	16509 (AMAZON-02) (AMAZON-02)
2 4	65.9.97.90 65.9.97.90	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
10	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
14	136.243.217.162 136.243.217.162	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:5c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.97.12 65.9.97.12	16509 (AMAZON-02) (AMAZON-02)
1	52.24.28.41 52.24.28.41	16509 (AMAZON-02) (AMAZON-02)
3	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
8	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2.21.111.28 2.21.111.28	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
16	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	52.50.187.150 52.50.187.150	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4	146.185.195.94 146.185.195.94	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3038::6815:ea20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.97.28 65.9.97.28	16509 (AMAZON-02) (AMAZON-02)
6	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
4 4	185.29.133.208 185.29.133.208	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	54.77.19.59 54.77.19.59	16509 (AMAZON-02) (AMAZON-02)
8 12	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
4 17	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
5 6	52.57.142.16 52.57.142.16	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
4 4	52.57.110.162 52.57.110.162	16509 (AMAZON-02) (AMAZON-02)
2 2	54.194.211.3 54.194.211.3	16509 (AMAZON-02) (AMAZON-02)
4 6	52.49.40.147 52.49.40.147	16509 (AMAZON-02) (AMAZON-02)
4 5	37.157.2.235 37.157.2.235	198622 (ADFORM) (ADFORM)
1 1	65.9.97.32 65.9.97.32	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	54.239.17.112 54.239.17.112	16509 (AMAZON-02) (AMAZON-02)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	50.16.38.94 50.16.38.94	14618 (AMAZON-AES) (AMAZON-AES)
1	173.231.181.122 173.231.181.122	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
188	60

2 199.60.103.2 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.silobreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

www.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.243.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.243.244.35.bc.googleusercontent.com

subs.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.95.127 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.33.89 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 89.33.120.34.bc.googleusercontent.com

comment.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.97.26 (United States)

ASN16509 (AMAZON-02, US)

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.68.206 (Kansas City, United States)

ASN15169 (GOOGLE, US)

www.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.97.157 (Kansas City, United States)

ASN15169 (GOOGLE, US)

sc.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.97.60 (United States)

ASN16509 (AMAZON-02, US)

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.97.90 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 136.243.217.162 (Germany)

ASN24940 (HETZNER-AS, DE)

mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
target.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static8.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static3.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static6.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static4.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static2.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:5c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.97.12 (United States)

ASN16509 (AMAZON-02, US)

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.24.28.41 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-28-41.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.161.190 (Bethnal Green, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)

epoch-times-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.187.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.185.195.94 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6c975968d179c1273408debefce8450c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map3.hwcdn.net

vs.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea20 (United States)

ASN13335 (CLOUDFLARENET, US)

services.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.97.28 (United States)

ASN16509 (AMAZON-02, US)

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.133.208 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.77.19.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.130 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.62 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.57.142.16 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.110.162 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.211.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.49.40.147 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.2.235 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.97.32 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.239.17.112 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.38.94 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	theepochtimes.com www.theepochtimes.com img.theepochtimes.com	705 KB
20	doubleclick.net 8 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	120 KB
16	openx.net epoch-times-d.openx.net eu-u.openx.net us-u.openx.net	4 KB
15	casalemedia.com 4 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	16 KB
14	adnxs.com 1 redirects prebid.adnxs.com ib.adnxs.com acdn.adnxs.com secure.adnxs.com	42 KB
14	mixi.media mixi.media static.mixi.media target.mixi.media static8.mixi.media static3.mixi.media static6.mixi.media static4.mixi.media static2.mixi.media	551 KB
10	googlesyndication.com 6c975968d179c1273408debefce8450c.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	118 KB
8	amazon-adsystem.com 2 redirects c.amazon-adsystem.com s.amazon-adsystem.com	39 KB
8	youmaker.com subs.youmaker.com comment.youmaker.com www.youmaker.com sc.youmaker.com vs.youmaker.com	530 KB
6	bidr.io 4 redirects match.prod.bidr.io	3 KB
6	bidswitch.net 5 redirects x.bidswitch.net	2 KB
6	adsrvr.org match.adsrvr.org	2 KB
5	adform.net 4 redirects c1.adform.net	2 KB
5	pubmatic.com ads.pubmatic.com image6.pubmatic.com	46 KB
5	gumgum.com g2.gumgum.com rtb.gumgum.com	3 KB
4	w55c.net 4 redirects pm.w55c.net	3 KB
4	indexww.com js-sec.indexww.com	4 KB
4	mathtag.com 4 redirects sync.mathtag.com	2 KB
4	stat.media stat.media	30 KB
4	rubiconproject.com pixel.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	yahoo.com c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com	2 KB
4	districtm.io dmx.districtm.io cdn.districtm.io	383 B
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	2 KB
4	quantserve.com 2 redirects secure.quantserve.com pixel.quantserve.com	10 KB
4	googletagservices.com www.googletagservices.com	119 KB
3	chargebee.com js.chargebee.com	67 KB
2	avct.cloud 2 redirects ads.avct.cloud	888 B
2	facebook.com www.facebook.com	496 B
2	facebook.net connect.facebook.net	96 KB
2	google.de www.google.de adservice.google.de	1 KB
2	google.com www.google.com adservice.google.com	846 B
2	google-analytics.com www.google-analytics.com	19 KB
2	silobreaker.com 1 redirects info.silobreaker.com	4 KB
1	bttrack.com bttrack.com	380 B
1	adgrx.com cm.adgrx.com	408 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	610 B
1	rfihub.com 1 redirects p.rfihub.com	777 B
1	adotmob.com 1 redirects sync.adotmob.com	689 B
1	smadex.com 1 redirects cm.smadex.com	528 B
1	pushengage.com clientcdn.pushengage.com	18 KB
1	epoch.cloud services.epoch.cloud	2 KB
1	sonobi.com sync.go.sonobi.com	509 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	alexametrics.com certify.alexametrics.com	552 B
1	quantcount.com rules.quantcount.com	438 B
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	2 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
0	id5-sync.com Failed id5-sync.com Failed
188	49

	Domain	Requested by
21	www.theepochtimes.com	info.silobreaker.com www.theepochtimes.com
12	cm.g.doubleclick.net	8 redirects www.theepochtimes.com eu-u.openx.net
8	eu-u.openx.net	www.theepochtimes.com eu-u.openx.net
8	ib.adnxs.com	www.theepochtimes.com acdn.adnxs.com ssum-sec.casalemedia.com
7	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net info.silobreaker.com
6	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com ssum-sec.casalemedia.com
6	match.prod.bidr.io	4 redirects eu-u.openx.net
6	us-u.openx.net	eu-u.openx.net
6	x.bidswitch.net	5 redirects
6	match.adsrvr.org	www.theepochtimes.com eu-u.openx.net ssum-sec.casalemedia.com
5	c1.adform.net	4 redirects ssum-sec.casalemedia.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	pm.w55c.net	4 redirects
4	js-sec.indexww.com	www.theepochtimes.com ssum-sec.casalemedia.com
4	sync.mathtag.com	4 redirects
4	ads.pubmatic.com	www.theepochtimes.com ads.pubmatic.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	stat.media	mixi.media stat.media
4	sb.scorecardresearch.com	2 redirects www.theepochtimes.com
4	www.googletagservices.com	www.theepochtimes.com securepubads.g.doubleclick.net
4	c.amazon-adsystem.com	www.theepochtimes.com c.amazon-adsystem.com
3	rtb.gumgum.com	www.theepochtimes.com
3	static8.mixi.media	www.theepochtimes.com
3	pixel.quantserve.com	2 redirects www.theepochtimes.com
3	prebid.adnxs.com	www.theepochtimes.com
3	mixi.media	www.theepochtimes.com static.mixi.media
3	js.chargebee.com	subs.youmaker.com js.chargebee.com
3	img.theepochtimes.com	www.theepochtimes.com
2	ads.avct.cloud	2 redirects
2	pr-bh.ybp.yahoo.com	eu-u.openx.net
2	www.facebook.com
2	eus.rubiconproject.com	www.theepochtimes.com eus.rubiconproject.com
2	cdn.districtm.io	www.theepochtimes.com
2	acdn.adnxs.com	www.theepochtimes.com
2	connect.facebook.net	info.silobreaker.com connect.facebook.net
2	static2.mixi.media	www.theepochtimes.com
2	static6.mixi.media	www.theepochtimes.com
2	g2.gumgum.com	www.theepochtimes.com
2	epoch-times-d.openx.net	www.theepochtimes.com
2	c2shb.ssp.yahoo.com	www.theepochtimes.com
2	dmx.districtm.io	www.theepochtimes.com
2	htlb.casalemedia.com	www.theepochtimes.com
2	sc.youmaker.com	www.theepochtimes.com
2	comment.youmaker.com	www.theepochtimes.com
2	www.google-analytics.com	www.theepochtimes.com www.google-analytics.com
2	subs.youmaker.com	www.theepochtimes.com
2	info.silobreaker.com	1 redirects
1	bttrack.com	ssum-sec.casalemedia.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	sync.srv.stackadapt.com	1 redirects
1	p.rfihub.com	1 redirects
1	sync.adotmob.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	cm.smadex.com	1 redirects
1	secure.adnxs.com	1 redirects
1	clientcdn.pushengage.com	www.theepochtimes.com
1	services.epoch.cloud	info.silobreaker.com
1	vs.youmaker.com	www.theepochtimes.com
1	sync.go.sonobi.com	www.theepochtimes.com
1	image6.pubmatic.com	ads.pubmatic.com
1	static4.mixi.media	www.theepochtimes.com
1	static3.mixi.media	www.theepochtimes.com
1	6c975968d179c1273408debefce8450c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	target.mixi.media	www.theepochtimes.com
1	static.mixi.media	mixi.media
1	pixel.rubiconproject.com	www.theepochtimes.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.theepochtimes.com
1	certify.alexametrics.com	www.theepochtimes.com
1	rules.quantcount.com	secure.quantserve.com
1	www.google.de	www.theepochtimes.com
1	www.google.com	www.theepochtimes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	d31qbv1cthcecs.cloudfront.net	info.silobreaker.com
1	secure.quantserve.com	info.silobreaker.com
1	www.youmaker.com	www.theepochtimes.com
1	fonts.gstatic.com	www.theepochtimes.com
1	www.googletagmanager.com	www.theepochtimes.com
0	id5-sync.com Failed
188	82

This site contains links to these domains. Also see Links.

Domain
subscribe.theepochtimes.com
service.theepochtimes.com
epochshop.com
offers.theepochtimes.com
t.me
www.facebook.com
twitter.com
jointell.com
mewe.com
www.reddit.com
img.theepochtimes.com
abcnews.go.com
parler.com
mixi.media

Subject Issuer	Validity	Valid
info.silobreaker.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
*.theepochtimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2022-06-01`	2 years	crt.sh
*.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2022-06-01`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
js.chargebee.com Amazon	`2020-04-17` - `2021-05-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
mixi.media R3	`2021-04-14` - `2021-07-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-18` - `2021-09-08`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
static.mixi.media R3	`2021-04-02` - `2021-07-01`	3 months	crt.sh
stat.media R3	`2021-03-02` - `2021-05-31`	3 months	crt.sh
target.mixi.media R3	`2021-04-14` - `2021-07-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-07` - `2021-08-07`	a year	crt.sh
*.pushengage.com Amazon	`2021-01-27` - `2022-02-24`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh

This page contains 25 frames:

Primary Page: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Frame ID: 616F09BC54414209C65862D47D224518
Requests: 109 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Frame ID: 67AFB1ADEE69F04F3BEE5CD3BB573AE8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 84AB55943ACE722880E0BF5F92EFF272
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjnpHmUuqIGsoLJdp45z8WDKWVBKi7aRjoz2fOkWUyhSzv73RyrfQyx0oIJyZSFoNf92aAiEuzsnPU5pJmY66WfFIe7PdMDhjwtYiBtATMy4gBboRS6x9QKFBWOn90CocnpMtFYVPGgiOnhqbS8t4Xyf2_v_Re21dVmOrcW0JTVE9dPYLJ5yVVpT4W31iN8xGz4vMR4p13OrY7Lztraj27QnVHcy3dobaEnAEw6N0DaDZ2n9OBFHZi8ZwS5m4r3me0o_0-c_ilJI7ndldADmOW5M6aKAhKTGI3GXczDaNK6OW5qan3pb_NveejxRQoZ9EFdT1-RxzfgLYK7_c&sai=AMfl-YSIJCQ3f_yvNkz6NloLDOocYoOWEVlhuXueYmHXdx_ehtzR3AxwZSOeIE_XokbgShrYJhfvuwA7y9Ts3q17PXflQJI2thuonGKSStLu49QXhCbDXXkSYnur6kFQGPM&sig=Cg0ArKJSzO_kAT94Dg9lEAE&urlfix=1&adurl=
Frame ID: 2828E0C3281EA3D90DACD2A02B38DE31
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1_SWRyBpmvfTX6UWji8athfFMgCzyF38_j0nAySjoqva53Q2uepn0kBAUWttdjwEI19xDuNBwUttHHJvFBGQMJ67kgKcLMlZvvLsENFcMPtToqH6NCTTkqEYB3goJn_lAs97Dh88ZiiLmgDHXOMI45d3Gtwfj9lMUn_SJt9AC7MnAIKcgPWj15IFLwxrm9USG95TQA3APj95po3Mw9BvwDj2Ehwn33A4wT4YHQ-xKrlEcTyC32pi7ZcEdeJ_X1Ysz5zxS1kf0Ey9sYL3wTr6CYrPhj9AyHQeKrNqn57h06aywuF_1dMzM5R6JYZUFjNSWw13NsAhFnqZ0m4ktoDRaaWl4a0Vxud3u97I&sai=AMfl-YR-ZsJhTEQI8wE4tZXIZsNZOHCQpjCeMoUa72hNBCrfpGhSutme0ilkxPxTcWPNL5GiQUrlkDTmxZFlmXrLGHDQ9DtX-E4httEvY5mYNOptJvVA8r348SyR_V904Lk&sig=Cg0ArKJSzF0Etl-YfsTgEAE&urlfix=1&adurl=
Frame ID: 8AD2A7F7396CC2153076F786DFD068A2
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 4EAF81804EF327C7A0439A4271967F2C
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 2D1FD37C1FF272F68717E775503EEE2A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=1037609b-4f68-4500-b722-d58b8c1f6170&gdpr=1&gdpr_consent=
Frame ID: 326C5BD24C0EE9CBEB9A1DF6E75AEC3C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Frame ID: 8A25BBAB00F6D635FC4D1131745D4AF8
Requests: 11 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Frame ID: C213917A23787AC3ADDF161D9F134A04
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Frame ID: 280FEAC3E6C9FBCE5A34D0C014F23FAF
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 761F589148A775909EBEE269F8CD462A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E9B37634371BC2F9C015CEA7F3B88904
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1890D31081B230BD9678B6C169F4B55D
Requests: 3 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 4244572A9CD3934E826619005ACFB9FF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 41836320A5A2ABF906DBCF08DAD550C5
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Frame ID: A4B37AB4F8C4B089F8226C351B21956D
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6CB27DADA4A9715E21B9251195ADB3E1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 0E5B3D4BDC1FC44B9B07CA311A83DF74
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8D16B37467EEFF77E747E41413CFA640
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=0bd7609b-4f69-4c00-b03b-a8b2401577b9&gdpr=1&gdpr_consent=
Frame ID: 1357EBDC9C2D3E2120DF2FFF51DDBE84
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 84DE39501EC10FDD55A0DD5492E2547A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 672676D0AD2D79AB39237AB20D62CAB2
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 30577903DA804B7C914823B23D17CEF8
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 1371A2B1E8E4653464F8BBA2CF8BDADE
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7V1-WJV7CgNlYW96mHCn... Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7... HTTP 307
https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hs... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

188
Requests

99 %
HTTPS

27 %
IPv6

49
Domains

82
Subdomains

60
IPs

9
Countries

2636 kB
Transfer

4539 kB
Size

13
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://subscribe.theepochtimes.com/p/?page=donate01&utm_source=makeadonationtop
Title: MAKE A DONATION

Search URL Search Domain Scan URL

URL: https://service.theepochtimes.com/web/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://subscribe.theepochtimes.com/p/?page=subhome
Title: subscribe

Search URL Search Domain Scan URL

URL: https://epochshop.com/
Title: Epoch Shop

Search URL Search Domain Scan URL

URL: https://offers.theepochtimes.com/gift
Title: Gift

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3Futm_campaign%3Dsocialshare_telegram%26utm_source%3Dt.me
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3Futm_campaign%3Dsocialshare_fb%26utm_source%3Dfacebook.com
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3Futm_campaign%3Dsocialshare_twitter%26utm_source%3Dtwitter.com
Title: Tweet

Search URL Search Domain Scan URL

URL: https://jointell.com/posts/new?link=https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?utm_campaign=socialshare_tell&utm_source=jointell.com
Title: Tell

Search URL Search Domain Scan URL

URL: https://mewe.com/share?link=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3Futm_campaign%3Dsocialshare_mewe%26utm_source%3Dmewe.com
Title: MeWe

Search URL Search Domain Scan URL

URL: http://www.reddit.com/submit?url=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3Futm_campaign%3Dsocialshare_reddit%26utm_source%3Dreddit.com
Title: Reddit

Search URL Search Domain Scan URL

URL: https://img.theepochtimes.com/assets/uploads/2020/12/06/biden-with-striped-tie-2-1200x800.jpg

Search URL Search Domain Scan URL

URL: https://img.theepochtimes.com/assets/uploads/2020/12/06/biden-with-medical-mask-1200x800.jpg

Search URL Search Domain Scan URL

URL: https://abcnews.go.com/Politics/read-full-transcript-joe-bidens-abc-news-town/story?id=73643517
Title: said

Search URL Search Domain Scan URL

URL: https://img.theepochtimes.com/assets/uploads/2020/11/30/A-subject-receives-a-vaccine-shot-1200x800-1200x800.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/zackstieber
Title: @zackstieber

Search URL Search Domain Scan URL

URL: https://parler.com/profile/zackstieber/posts
Title: @zackstieber

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10406949&bl=94729&ct=adpreview&st=43&nvuuid=4fcc72ec-6725-09db-6000-004c9b9e01a5&bvuuid=b573d5db-fb5b-4ba1-b9f5-d2589e480569&rnd=1285942491&ag=25&ev=H4sIAAAAAAAAAONSWTrjN8vOtz9ZVgHpCbd_sfzb8JllBZA9aeE7lvYzP1n6gWIA9SakOCYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10385081&bl=94729&ct=adpreview&st=43&nvuuid=4f767265-67b9-09b9-6000-00639b9e014c&bvuuid=b573d5db-fb5b-4ba1-b9f5-d2589e480569&rnd=1665951161&ag=25&ev=H4sIAAAAAAAAAONSWTrjN8vOtz9ZVgHpCbd_sfzb8JllBZA9aeE7lvYzP1n6gWIA9SakOCYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10406954&bl=94729&ct=adpreview&st=43&nvuuid=4fcc72d4-672a-093b-6000-00079b9e01c9&bvuuid=b573d5db-fb5b-4ba1-b9f5-d2589e480569&rnd=130667579&ag=25&ev=H4sIAAAAAAAAAONSWTrjN8vOtz9ZVgHpCbd_sfzb8JllBZA9aeE7lvYzP1n6gWIA9SakOCYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10399120&bl=94729&ct=adpreview&st=43&nvuuid=4fad723c-6790-0915-6000-00319b9e0127&bvuuid=b573d5db-fb5b-4ba1-b9f5-d2589e480569&rnd=824654869&ag=25&ev=H4sIAAAAAAAAAONSWTrjN8vOtz9ZVgHpCbd_sfzb8JllBZA9aeE7lvYzP1n6gWIA9SakOCYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10279038&bl=94729&ct=adpreview&st=43&nvuuid=4fd872ac-677e-096e-6000-00619b9c01d0&bvuuid=b573d5db-fb5b-4ba1-b9f5-d2589e480569&rnd=1641065582&ag=25&ev=H4sIAAAAAAAAAONSWTrjN8vOtz9ZVgHpCbd_sfzb8JllBZA9aeE7lvYzP1n6gWIA9SakOCYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10406952&bl=94729&ct=adpreview&st=43&nvuuid=4fcc7217-6728-09a5-6000-005b9b9e0120&bvuuid=b573d5db-fb5b-4ba1-b9f5-d2589e480569&rnd=1528829861&ag=25&ev=H4sIAAAAAAAAAONSWTrjN8vOtz9ZVgHpCbd_sfzb8JllBZA9aeE7lvYzP1n6gWIA9SakOCYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10195090&bl=94729&ct=adpreview&st=43&nvuuid=4f907298-6792-09b8-6000-006e9b9b01b1&bvuuid=b573d5db-fb5b-4ba1-b9f5-d2589e480569&rnd=1857132728&ag=25&ev=H4sIAAAAAAAAAONSWTrjN8vOtz9ZVgHpCbd_sfzb8JllBZA9aeE7lvYzP1n6gWIA9SakOCYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10380807&bl=94729&ct=adpreview&st=43&nvuuid=4f6672ff-6707-093f-6000-006d9b9e0127&bvuuid=b573d5db-fb5b-4ba1-b9f5-d2589e480569&rnd=1831337791&ag=25&ev=H4sIAAAAAAAAAONSWTrjN8vOtz9ZVgHpCbd_sfzb8JllBZA9aeE7lvYzP1n6gWIA9SakOCYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10399119&bl=94729&ct=adpreview&st=43&nvuuid=4fad7247-678f-09ef-6000-00439b9e0161&bvuuid=b573d5db-fb5b-4ba1-b9f5-d2589e480569&rnd=1130448879&ag=25&ev=H4sIAAAAAAAAAONSWTrjN8vOtz9ZVgHpCbd_sfzb8JllBZA9aeE7lvYzP1n6gWIA9SakOCYAAAA&ab=jsapi

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7V1-WJV7CgNlYW96mHCn1-9p6cW21xn4q3YYNxlW2b0xyL3zCGymW3HygKv4bqp5YN1w39g5Pq82pW1c54hg9hTWrFN8T6wScLBCZbW3CDKCT9gwZ-zW1qxdh5272cvDN1bt1yjl6hmPW8L-M6833mQBwVMrMQK3wH0kBW1kZ3kr3w1dzBW68YLC-5MjRnYW9cd9C08N_4T9W45kWPX4BPmWpVZctqv84jsVfW3n1hkk1pzJ94W4-6C-432QbX8W6WQBjG7BfQySW7Wj28j1_6JZcW3mgn8B5fzpy1W4LrC0b7hYxsTVyVr_w74X-J333cJ1 Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7V1-WJV7CgNlYW96mHCn1-9p6cW21xn4q3YYNxlW2b0xyL3zCGymW3HygKv4bqp5YN1w39g5Pq82pW1c54hg9hTWrFN8T6wScLBCZbW3CDKCT9gwZ-zW1qxdh5272cvDN1bt1yjl6hmPW8L-M6833mQBwVMrMQK3wH0kBW1kZ3kr3w1dzBW68YLC-5MjRnYW9cd9C08N_4T9W45kWPX4BPmWpVZctqv84jsVfW3n1hkk1pzJ94W4-6C-432QbX8W6WQBjG7BfQySW7Wj28j1_6JZcW3mgn8B5fzpy1W4LrC0b7hYxsTVyVr_w74X-J333cJ1?_ud=0ee1b117-ba5a-41c3-9489-f363ac82d1d9&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1620791142032&ns_c=UTF-8&c8=Biden%3A%20COVID-19%20Vaccine%20Shouldn%E2%80%99t%20Be%20Mandatory&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1620791142032&ns_c=UTF-8&c8=Biden%3A%20COVID-19%20Vaccine%20Shouldn%E2%80%99t%20Be%20Mandatory&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&c9=

Request Chain 109

https://sb.scorecardresearch.com/c2/24003086/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 119

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=1037609b-4f68-4500-b722-d58b8c1f6170&gdpr=1&gdpr_consent=

Request Chain 132

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=0bd7609b-4f69-4c00-b03b-a8b2401577b9&gdpr=1&gdpr_consent=

Request Chain 135

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOxHuRkF0ZinBLXtNalEWVt4JmwL4DksJKmt5gpg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOxHuRkF0ZinBLXtNalEWVt4JmwL4DksJKmt5gpg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/124/8/2.gif?puid=a00b5163-35c9-4ef6-91cf-3b3c4486a9e9&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEPBSjUHz3JYAz6ywNgmrn6M&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPBSjUHz3JYAz6ywNgmrn6M&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1031571765600764906&opid=apx&ops=&utidl=tech:goo:CAESEPBSjUHz3JYAz6ywNgmrn6M&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A17435074193&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/19/6/4.gif?puid=6437b8acd18df3db526a3e944ed0f981&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/441/101/5/5.gif?puid=76da2b8f-2643-4e33-8346-7c96c6608d2f&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/108/4/6.gif?puid=49467ac5-a751-4562-be7e-6c6f1836bed5&gdpr=1&gdpr_consent=

Request Chain 136

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=1031571765600764906

Request Chain 144

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=4huRVghm1LGFOG5

Request Chain 145

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=c7edc8f7-c55d-49e4-933a-7c08a2e2b5db&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4314d5b1-b6c0-4f8c-af8f-d91d4effb4ae

Request Chain 146

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHeHRFN0JOcDhBQUN3ZXF3UFNhQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 147

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0bd7609b-4f69-4c00-b03b-a8b2401577b9

Request Chain 148

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=V-6pHVW4pklMvKZPUeq9GlO_8kxMvaMeArjleuTN

Request Chain 149

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2802571427815825713

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1xcz-Zh_MNGMatw6mdQNY&google_cver=1

Request Chain 154

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=4huRVghm1LGFOG5

Request Chain 155

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=4314d5b1-b6c0-4f8c-af8f-d91d4effb4ae HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=cd9b9c2a-8080-4430-bc6d-377ef56980ef&expires=10&ssp=openx&bsw_param=4314d5b1-b6c0-4f8c-af8f-d91d4effb4ae HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4314d5b1-b6c0-4f8c-af8f-d91d4effb4ae

Request Chain 156

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHYTcwN0JOcDhBQUN5cXF3UFNhQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 157

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0bd7609b-4f69-4c00-b03b-a8b2401577b9

Request Chain 158

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=V-6pHVW4pklMvKZPUeq9GlO_8kxMvaMeArjleuTN

Request Chain 159

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3351288628832932572

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1xcz-Zh_MNGMatw6mdQNY&google_cver=1

Request Chain 165

https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 166

https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 169

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJtPaynhWAnludXx0MVAFwAABJYAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJtPaynhWAnludXx0MVAFwAABJYAAAIB&dcc=t

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJtPaynhWAnludXx0MVAFwAABJYAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEO_ylf5t8QEcV0GxNcfBhhA&google_cver=1

Request Chain 172

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJtPaynhWAnludXx0MVAFwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOFsJE-0dy3n1Ixz-VgPxDU&google_cver=1&gdpr=1

Request Chain 174

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06382204271315744db57499&expiration=[EXPIRATION]&gdpr=1

Request Chain 175

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827870782258265

Request Chain 176

https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IdSLmfNBS6JOrn4pKLA_PFJmE2Q

Request Chain 178

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJtPaynhWAnludXx0MVAFwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOFsJE-0dy3n1Ixz-VgPxDU&google_cver=1&gdpr=1

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJtPaynhWAnludXx0MVAFwAABJYAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEO_ylf5t8QEcV0GxNcfBhhA&google_cver=1

Request Chain 180

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJtPaynhWAnludXx0MVAFwAABJYAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJtPaynhWAnludXx0MVAFwAABJYAAAIB&dcc=t

188 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7V1-WJV7CgNlYW96mHCn1-9p6cW21xn4q3YYNxlW2b0xyL3zCGymW3HygKv4bqp5YN1w39g5Pq82pW1c54hg9hTWrFN8T6wScLBCZbW3CDKCT9gwZ-zW1qxdh5272cvDN1bt1yjl6hmPW8L-M683...
info.silobreaker.com/e2t/tc/ 9 KB
3 KB 128ms
69ms Document
text/html 199.60.103.2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7V1-WJV7CgNlYW96mHCn1-9p6cW21xn4q3YYNxlW2b0xyL3zCGymW3HygKv4bqp5YN1w39g5Pq82pW1c54hg9hTWrFN8T6wScLBCZbW3CDKCT9gwZ-zW1qxdh5272cvDN1bt1yjl6hmPW8L-M6833mQBwVMrMQK3wH0kBW1kZ3kr3w1dzBW68YLC-5MjRnYW9cd9C08N_4T9W45kWPX4BPmWpVZctqv84jsVfW3n1hkk1pzJ94W4-6C-432QbX8W6WQBjG7BfQySW7Wj28j1_6JZcW3mgn8B5fzpy1W4LrC0b7hYxsTVyVr_w74X-J333cJ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7V1-WJV7CgNlYW96mHCn1-9p6cW21xn4q3YYNxlW2b0xyL3zCGymW3HygKv4bqp5YN1w39g5Pq82pW1c54hg9hTWrFN8T6wScLBCZbW3CDKCT9gwZ-zW1qxdh5272cvDN1bt1yjl6hmPW8L-M6833mQBwVMrMQK3wH0kBW1kZ3kr3w1dzBW68YLC-5MjRnYW9cd9C08N_4T9W45kWPX4BPmWpVZctqv84jsVfW3n1hkk1pzJ94W4-6C-432QbX8W6WQBjG7BfQySW7Wj28j1_6JZcW3mgn8B5fzpy1W4LrC0b7hYxsTVyVr_w74X-J333cJ1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:39 GMT
content-type: text/html;charset=utf-8
cf-ray: 64e0a7cd7b88009b-AMS
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0a004734670000009b1da26000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 8e59f2c9-031f-401c-a554-ef3ae1c75514
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CzeXcDq40XLzpXmQ1UOhQsIcbh2HVvAWAjCGSY5ms2SNT5nD9YW7ePMW6PSmn1V7EvHFOIfQTyn5YNDZlNFvM3xzUJWihJgY3jbWv5jPkB9oVQPdpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=7a7d16a9c106dbba5cf7947296d5df5c8c81f09a-1620791139; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html Show response
www.theepochtimes.com/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7V1-WJV7CgNlYW96mHCn1-9p6cW21xn4q3YYNxlW2b0xyL3zCGymW3HygKv4bqp5YN1w39g5Pq82pW1c54hg9hTWrFN8T...
https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcG...

43 KB
12 KB

817ms
745ms

Document
text/html

151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM

Requested by

Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7V1-WJV7CgNlYW96mHCn1-9p6cW21xn4q3YYNxlW2b0xyL3zCGymW3HygKv4bqp5YN1w39g5Pq82pW1c54hg9hTWrFN8T6wScLBCZbW3CDKCT9gwZ-zW1qxdh5272cvDN1bt1yjl6hmPW8L-M6833mQBwVMrMQK3wH0kBW1kZ3kr3w1dzBW68YLC-5MjRnYW9cd9C08N_4T9W45kWPX4BPmWpVZctqv84jsVfW3n1hkk1pzJ94W4-6C-432QbX8W6WQBjG7BfQySW7Wj28j1_6JZcW3mgn8B5fzpy1W4LrC0b7hYxsTVyVr_w74X-J333cJ1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

3e7448d382adc8189462c51a9dda5f51ba32f69491bb024c086ef0f749755e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.theepochtimes.com
:scheme: https
:path: /biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7V1-WJV7CgNlYW96mHCn1-9p6cW21xn4q3YYNxlW2b0xyL3zCGymW3HygKv4bqp5YN1w39g5Pq82pW1c54hg9hTWrFN8T6wScLBCZbW3CDKCT9gwZ-zW1qxdh5272cvDN1bt1yjl6hmPW8L-M6833mQBwVMrMQK3wH0kBW1kZ3kr3w1dzBW68YLC-5MjRnYW9cd9C08N_4T9W45kWPX4BPmWpVZctqv84jsVfW3n1hkk1pzJ94W4-6C-432QbX8W6WQBjG7BfQySW7Wj28j1_6JZcW3mgn8B5fzpy1W4LrC0b7hYxsTVyVr_w74X-J333cJ1

Response headers

date: Wed, 12 May 2021 03:45:40 GMT
accept-ranges: bytes
cache-control: max-age=600
content-encoding: gzip
content-type: text/html; charset=UTF-8
x-hw: 1620791139.cds011.fr8.hn,1620791139.cds230.fr8.sc,1620791140.cds230.fr8.p
server: nginx
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-device: desktop
x-cache-status: MISS

Redirect headers

date: Wed, 12 May 2021 03:45:39 GMT
location: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
cf-ray: 64e0a7cdfc51009b-AMS
link: <https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0a004734bd0000009b300b4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 991d4455-77e6-4062-be1e-f771c5e1777c
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vsy%2FGenirIcq9ZdMR5Q5ALYuBRVggKA6tUnjWBAZbWAFKfzKgbbn5qBS%2F6iWVxby%2BztFlG83%2B0q4mMjCHDuAP5KkLEaXEIUDqe85U1FCaTOHNADPnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 template.css
subs.youmaker.com/lib/ 8 KB
9 KB 187ms
122ms Stylesheet
text/css 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/template.css?ver=20200716
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.16.1 /
Resource Hash: 2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:40 GMT
via: 1.1 google
last-modified: Tue, May 11 2021 15:23:03 GMT
server: nginx/1.16.1
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 8659

GET
H2 200 single-merge.min.css
www.theepochtimes.com/assets/themes/eet/css/ 94 KB
40 KB 25ms
25ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

5d53b01ccf0533be9bb04cd0fd27b2f98493ff63fe8639d917cf02685cedb07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/css/single-merge.min.css?ver=20210430
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 01 May 2021 19:36:21 GMT
server: nginx
x-microcachable: 0
etag: W/"608dadb5-176d0"
x-hw: 1620791140.cds011.fr8.hn,1620791140.cds237.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 41090
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 126 KB
33 KB 247ms
58ms Script
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 05:09:09 GMT
content-encoding: gzip
server: Server
age: 81391
etag: 8975e8311e479cf7d71d71133ee2dff8
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
x-amz-cf-id: UG8zLzEHFmgmiN-cv3n2e-83uAQBmb2eIjUcLEY6wmgtoY7BeGgQJw==

GET
H2 200 prebid.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 290 KB
107 KB 95ms
35ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

6165bc0b09f74c0b44ce163f3d7e87ab0b6be6f5f9299762cc98aed634c0eea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/js/prebid.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 23:01:12 GMT
server: nginx
x-microcachable: 0
etag: W/"60494fb8-48619"
x-hw: 1620791140.cds011.fr8.hn,1620791140.cds065.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 109413
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 logo_eet.svg
www.theepochtimes.com/assets/themes/eet/images/ 16 KB
6 KB 238ms
178ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/logo_eet.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

867f5a29853ddd710b7c6485ff7c0f294d6dde33817c68e84535fb68572ffe8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/images/logo_eet.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Aug 2018 21:43:01 GMT
server: nginx
etag: "5b807be5-3f5c"
x-cache-status: HIT
x-hw: 1620791140.cds011.fr8.hn,1620791140.cds206.fr8.sc,1620791141.cds206.fr8.pr
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 5932
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 Vaccine-card-6424927-300x180.jpg
img.theepochtimes.com/assets/uploads/2020/12/03/ 30 KB
31 KB 137ms
59ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2020/12/03/Vaccine-card-6424927-300x180.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f58b68fdc3f5b5d5c3e7bcadfffc24d2d13f4903269579f4da7bba55efc88439

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:40 GMT
last-modified: Thu, 03 Dec 2020 17:08:13 GMT
server: nginx
etag: "5fc91b7d-796a"
x-hw: 1620791140.cds011.fr8.hn,1620791140.cds017.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 31082

GET
H2 200 biden-with-striped-tie-2-700x420.jpg
img.theepochtimes.com/assets/uploads/2020/12/06/ 40 KB
40 KB 688ms
610ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2020/12/06/biden-with-striped-tie-2-700x420.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b1ef110848a109d361f77bef844ebe0575d29cb1e4a2ffa84024d81073d8e2c

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
last-modified: Sun, 06 Dec 2020 11:06:16 GMT
server: nginx
etag: "5fccbb28-9f3b"
x-hw: 1620791140.cds011.fr8.hn,1620791140.cds246.fr8.sc,1620791141.cds246.fr8.pr
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 40763

GET
H2 200 white.png
www.theepochtimes.com/assets/themes/eet/images/ 95 B
230 B 221ms
170ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/images/white.png
pragma: no-cache
cookie: _mcnc=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2017 20:15:25 GMT
server: nginx
x-microcachable: 0
etag: "59bae35d-5f"
x-hw: 1620791141.cds011.fr8.hn,1620791141.cds246.fr8.sc,1620791141.cds246.fr8.pr
content-type: image/png
cache-control: max-age=315360000
content-length: 95
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 EET_footer.png
www.theepochtimes.com/assets/themes/eet/images/ 7 KB
7 KB 226ms
186ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/EET_footer.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

38f915335fe629f2736910592b999a5cc13138f931118f5d67026b072c37d6b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/images/EET_footer.png
pragma: no-cache
cookie: _mcnc=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Aug 2018 19:13:08 GMT
server: nginx
x-microcachable: 0
etag: "5b7db5c4-1d36"
x-hw: 1620791141.cds011.fr8.hn,1620791141.cds274.fr8.sc,1620791141.cds274.fr8.pr
content-type: image/png
cache-control: max-age=315360000
content-length: 7478
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 jquery-all.min.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 98 KB
40 KB 173ms
169ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/js/jquery-all.min.js?ver=20170224
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2017 20:15:26 GMT
server: nginx
x-microcachable: 0
etag: "59bae35e-188ff"
x-hw: 1620791140.cds011.fr8.hn,1620791140.cds006.fr8.sc,1620791140.cds006.fr8.pr
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 40721
set-cookie: _mcnc=1; Max-Age=2; Path=/
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 bottom.min.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 44 KB
15 KB 74ms
15ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/bottom.min.js?ver=20210510

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

3fa52d4d1c8ff6e85c811754d25a2b036c44d303fdf4523a5d8612ab3e0c8864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/js/bottom.min.js?ver=20210510
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 May 2021 21:53:55 GMT
server: nginx
x-microcachable: 0
etag: W/"6099ab73-b190"
x-hw: 1620791140.cds011.fr8.hn,1620791140.cds168.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 14727
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 api.bundle.js Show response
subs.youmaker.com/lib/ 237 KB
237 KB 192ms
126ms Script
application/javascript 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20201002
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.16.1 /
Resource Hash: be6ef5a3822d4d3914f44b78da8770cc79ccca4f389298c048c03d1a72029b51

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:40 GMT
via: 1.1 google
last-modified: Tue, May 11 2021 15:23:03 GMT
server: nginx/1.16.1
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 242360

GET
H2 200 remark.min.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 4 KB
2 KB 94ms
29ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/remark.min.js?ver=20210428

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

7d6269ce342a08ba2fc6da463723ef68505275482b3c388de4c9d2ccdedd36c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/js/remark.min.js?ver=20210428
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 14:31:02 GMT
server: nginx
x-microcachable: 0
etag: W/"608971a6-11ad"
x-hw: 1620791140.cds011.fr8.hn,1620791140.cds289.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 1882
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 article_ads_prebid.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 42 KB
12 KB 97ms
31ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/article_ads_prebid.js?ver=20210505

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

166932f4c2bf978a99aa224ee7ba36a99c7bc96d529e00ff4b2fdad676f0abed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/js/article_ads_prebid.js?ver=20210505
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 05 May 2021 20:26:21 GMT
server: nginx
etag: W/"6092ff6d-a837"
x-hw: 1620791140.cds011.fr8.hn,1620791140.cds267.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 12259
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 78ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4728
date: Wed, 12 May 2021 02:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 12 May 2021 04:26:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 107 KB
40 KB 118ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fc2f65b852f9742cec43a7f7ee1cc605c29b863ec999445fb5db74e190bab938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41014
x-xss-protection: 0
last-modified: Wed, 12 May 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 May 2021 03:45:40 GMT

GET
H2 200 telegram-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 51 KB
51 KB 148ms
26ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/telegram-icon.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

1256909b9562b779225969eeb95c0f5b1a93fba5775ee2f78dbdb98724feef07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/images/telegram-icon.png
pragma: no-cache
cookie: _mcnc=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 18:28:18 GMT
server: nginx
x-microcachable: 0
etag: "601aeb42-cbf6"
x-hw: 1620791141.cds011.fr8.hn,1620791141.cds277.fr8.c
content-type: image/png
cache-control: max-age=1800
content-length: 52214
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 tell-icon.svg
www.theepochtimes.com/assets/themes/eet/images/ 721 B
455 B 91ms
32ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/tell-icon.svg

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

383ae4a979b3d1e40f26ca3043d625fed9d449cecb76b3b30af4c3d0db7c7b92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/images/tell-icon.svg
pragma: no-cache
cookie: _mcnc=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 20:21:26 GMT
server: nginx
etag: "60341246-2d1"
x-hw: 1620791141.cds011.fr8.hn,1620791141.cds285.fr8.c
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 346
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 mewe-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 2 KB
2 KB 79ms
39ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/mewe-icon.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

243342401a389aea3c4eb3d79678310870768f96807bd5af44d1452b8c674f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/images/mewe-icon.png
pragma: no-cache
cookie: _mcnc=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 18:28:18 GMT
server: nginx
etag: "601aeb42-772"
x-hw: 1620791141.cds011.fr8.hn,1620791141.cds268.fr8.c
content-type: image/png
cache-control: max-age=1800
content-length: 1906
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 plus-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 465 B
573 B 63ms
40ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/plus-icon.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

7dae96a685aa637f08f3fbf32cf31f40c4118c19915468f44156492e8e5eb5d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/images/plus-icon.png
pragma: no-cache
cookie: _mcnc=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 18:28:18 GMT
server: nginx
etag: "601aeb42-1d1"
x-hw: 1620791141.cds011.fr8.hn,1620791141.cds065.fr8.c
content-type: image/png
cache-control: max-age=1800
content-length: 465
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 EET_Play_Button_big.svg
www.theepochtimes.com/assets/themes/eet/images/ 2 KB
1 KB 191ms
183ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/EET_Play_Button_big.svg

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

179a3ca9e79ab3b1870f06abbbd744a25905568b7bc0a5969b564f257ef9bca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/images/EET_Play_Button_big.svg
pragma: no-cache
cookie: _mcnc=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Nov 2018 19:28:56 GMT
server: nginx
etag: "5be5dff8-764"
x-hw: 1620791141.cds011.fr8.hn,1620791141.cds209.fr8.sc,1620791141.cds209.fr8.pr
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 913
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 backtotop.svg
www.theepochtimes.com/assets/themes/eet/images/ 1 KB
707 B 193ms
179ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/backtotop.svg

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/eet/images/backtotop.svg
pragma: no-cache
cookie: _mcnc=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2017 20:15:25 GMT
server: nginx
etag: "59bae35d-498"
x-hw: 1620791141.cds011.fr8.hn,1620791141.cds260.fr8.sc,1620791141.cds260.fr8.pr
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 579
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 D-DINCondensed-Bold.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 57 KB
57 KB 210ms
165ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/fonts/D-DINCondensed-Bold.otf

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.theepochtimes.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _mcnc=1
:path: /assets/themes/eet/fonts/D-DINCondensed-Bold.otf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.theepochtimes.com
Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Sep 2018 15:47:56 GMT
server: nginx
etag: "5b8ffaac-e454"
x-cache-status: HIT
x-hw: 1620791140.cds011.fr8.hn,1620791140.cds222.fr8.sc,1620791141.cds222.fr8.pr
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 58452
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 D-DIN.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 58 KB
59 KB 238ms
201ms Font
font/opentype 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/fonts/D-DIN.otf

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.theepochtimes.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _mcnc=1
:path: /assets/themes/eet/fonts/D-DIN.otf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.theepochtimes.com
Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Sep 2018 15:47:56 GMT
server: nginx
etag: "5b8ffaac-e9d4"
x-cache-status: HIT
x-hw: 1620791140.cds011.fr8.hn,1620791140.cds280.fr8.sc,1620791141.cds280.fr8.pr
content-type: font/opentype
cache-control: max-age=315360000
content-length: 59860
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 0yb9GDoxxrvAnPhYGxkkaE0Urhg0xTY.woff2
fonts.gstatic.com/s/vollkorn/v10/ 14 KB
14 KB 45ms
0ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v10/0yb9GDoxxrvAnPhYGxkkaE0Urhg0xTY.woff2

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8af85ef87938ad7700489d3cd359313ff3d80516be01ddc83d7aebf22e4b51c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.theepochtimes.com
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 22:41:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Jul 2019 00:00:46 GMT
server: sffe
age: 450255
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14200
x-xss-protection: 0
expires: Fri, 06 May 2022 22:41:25 GMT

GET
H2 200 D-DIN-Bold.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 59 KB
59 KB 252ms
180ms Font
font/opentype 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/fonts/D-DIN-Bold.otf

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

b0f96a3730041605b139ca2d15e29a36c55e49058ba2b72ee4d09b5e4ca210c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.theepochtimes.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _mcnc=1
:path: /assets/themes/eet/fonts/D-DIN-Bold.otf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.theepochtimes.com
Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20210430
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Sep 2018 15:47:56 GMT
server: nginx
etag: "5b8ffaac-eb1c"
x-cache-status: HIT
x-hw: 1620791140.cds011.fr8.hn,1620791140.cds225.fr8.sc,1620791141.cds225.fr8.pr
content-type: font/opentype
cache-control: max-age=315360000
content-length: 60188
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 22 KB
22 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1df0ff326855a8fe4eb6b3594c3ab4db71ce7118031877f39c4b750f6f351f8e

Request headers

Origin: https://www.theepochtimes.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

OPTIONS
H2 200 counts
comment.youmaker.com/api/v1/ Frame 0
0 196ms
114ms Preflight 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/counts?site=remark
Protocol: H2
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.theepochtimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.16.1
date: Wed, 12 May 2021 03:45:41 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 300
app-name: remark
app-version: 0.1.2
author: EMG
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google
alt-svc: clear

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 147 KB
45 KB 203ms
52ms Script
application/x-javascript 65.9.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20201002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

711b69add265b2aa2c97a78c67e3cca8fd8ea14657ba6c6f4b3a58ad3e581950

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NVoBCWUJxOF2m.uDtarsCOENDlYPb8aT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 14 Apr 2021 10:06:59 GMT
server: AmazonS3
age: 240
etag: W/"b8a039c9eff691deb90076e33674b7d6"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Wed, 12 May 2021 03:41:42 GMT
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: ySF65H9nJi7Of1jNrHb10SL_0PZg-ejXw7kwFnIWviba6PMltEvJow==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/article_ads_prebid.js?ver=20210505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8660f64b21689a39effc14a8888dbbaa1a7f75432fd45594ae60c48f107ffac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "869 / 534 of 1000 / last-modified: 1620770910"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21144
x-xss-protection: 0
expires: Wed, 12 May 2021 03:45:41 GMT

GET
H2 200 test Show response
www.youmaker.com/g/ 7 B
260 B 87ms
24ms XHR
text/plain 35.201.68.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youmaker.com/g/test
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154

Request headers

Accept: */*
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
via: 1.1 google
server: nginx/1.16.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
content-length: 7

POST
H2 200 counts Show response
comment.youmaker.com/api/v1/ 1 KB
2 KB 125ms
124ms XHR
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/counts?site=remark
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.16.1 /
Resource Hash: 4598251cf366e26c955ca447ff2a94c22de107e622e7c89551b510ef856f28b5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
via: 1.1 google
vary: Origin
alt-svc: clear
content-length: 1406
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 UTC
server: nginx/1.16.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Authorization
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
app-version: 0.1.2

GET
H2 200 count Show response
sc.youmaker.com/site/article/ 1 KB
1 KB 195ms
135ms XHR
application/json 34.120.97.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/site/article/count?site=www.theepochtimes.com&user=c3b76110-fe5a-c1e9-5022-cc9f96feda11&postid=3603491,3606525,3811958,3810709,3812001,3811682,3810067,3811654
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7e8aa0944b0897b72e9e1b0db89bd450f5967196bd850f7c4fc1a7f31a5ae050

Request headers

Accept: */*
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 03:45:41 GMT
via: 1.1 google
server: nginx/1.16.1
alt-svc: clear
content-length: 1057
content-type: application/json;charset=UTF-8

GET
H2 200 biden-with-medical-mask-1200x800.jpg
img.theepochtimes.com/assets/uploads/2020/12/06/ 118 KB
119 KB 30ms
29ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2020/12/06/biden-with-medical-mask-1200x800.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 7f03a2875c2cfe6a5e0c5752de2cfe3c6133c7e1fcb95f38c39b9cb9185bc564

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:41 GMT
last-modified: Sun, 06 Dec 2020 11:08:00 GMT
server: nginx
etag: "5fccbb90-1d967"
x-hw: 1620791141.cds011.fr8.hn,1620791141.cds271.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 121191

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=886277289&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&dp=%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html&ul=en-us&de=UTF-8&dt=Biden%3A%20COVID-19%20Vaccine%20Shouldn%E2%80%99t%20Be%20Mandatory&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1817201753&gjid=591917303&cid=355252204.1620791142&uid=anon49ba-5164-454a-a463-48f10d6c0ac5&tid=UA-10465455-30&_gid=1969779857.1620791142&_r=1&_slc=1&cd1=136819&cd3=%3B2020-election-115936%3Bjoe-biden-136819%3Bus-politics-7026%3Bus-13%3B&cd4=%3Btodays-headlines-98892%3Btop-stories-98893%3B&cd5=%3B2020-election-115936%3Bjoe-biden-136819%3Bus-politics-7026%3Bus-13%3Btodays-headlines-98892%3Btop-stories-98893%3B&cd21=3606525&cd23=Zachary%20Stieber&cd26=Joe%20Biden&cd28=%3B2020%20Election%3BJoe%20Biden%3BPolitics%3BUS%3B&cd29=%3BVaccine%3BJoe%20Biden%3B&cd30=20201206&cd31=20201206&cd33=714&cd42=%3Bvaccine%3Bjoe-biden%3B&cd43=post&cd18=anon49ba-5164-454a-a463-48f10d6c0ac5&z=577268812

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 141ms
46ms XHR
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:41:07 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 50676
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: PRG50-C1
content-type: application/javascript
x-amz-cf-id: bOXusrFGhTbUPKPJeqpAoOPuw2UQspykQ5pZYd2WH76AHWtSiGn8vA==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 39ms
7ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7V1-WJV7CgNlYW96mHCn1-9p6cW21xn4q3YYNxlW2b0xyL3zCGymW3HygKv4bqp5YN1w39g5Pq82pW1c54hg9hTWrFN8T6wScLBCZbW3CDKCT9gwZ-zW1qxdh5272cvDN1bt1yjl6hmPW8L-M6833mQBwVMrMQK3wH0kBW1kZ3kr3w1dzBW68YLC-5MjRnYW9cd9C08N_4T9W45kWPX4BPmWpVZctqv84jsVfW3n1hkk1pzJ94W4-6C-432QbX8W6WQBjG7BfQySW7Wj28j1_6JZcW3mgn8B5fzpy1W4LrC0b7hYxsTVyVr_w74X-J333cJ1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:42 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 19 May 2021 03:45:42 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 149ms
48ms Script
application/javascript 65.9.97.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7V1-WJV7CgNlYW96mHCn1-9p6cW21xn4q3YYNxlW2b0xyL3zCGymW3HygKv4bqp5YN1w39g5Pq82pW1c54hg9hTWrFN8T6wScLBCZbW3CDKCT9gwZ-zW1qxdh5272cvDN1bt1yjl6hmPW8L-M6833mQBwVMrMQK3wH0kBW1kZ3kr3w1dzBW68YLC-5MjRnYW9cd9C08N_4T9W45kWPX4BPmWpVZctqv84jsVfW3n1hkk1pzJ94W4-6C-432QbX8W6WQBjG7BfQySW7Wj28j1_6JZcW3mgn8B5fzpy1W4LrC0b7hYxsTVyVr_w74X-J333cJ1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.97.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 1244296
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 65dc50162b685d34f2ac712298bb090d.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: _y1SrQncabv10-RE7u6k4DkqzMgKuHgWmc2C_dJlTtS_-cJiag-4Ew==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1620791142032&ns_c=UTF-8&c8=Biden%3A%20COVID-19%20Vaccine%20Shouldn%E2%80%99t%20Be%20Mandatory&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fbid...
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1620791142032&ns_c=UTF-8&c8=Biden%3A%20COVID-19%20Vaccine%20Shouldn%E2%80%99t%20Be%20Mandatory&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fbi...

64 B
328 B

81ms
54ms

Image
image/gif

65.9.97.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1620791142032&ns_c=UTF-8&c8=Biden%3A%20COVID-19%20Vaccine%20Shouldn%E2%80%99t%20Be%20Mandatory&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&c9=
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.97.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:42 GMT
via: 1.1 f18b0bd4a5b62e5fb49428cc4789689f.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: oCu9cXAxbiArg9E_CMz1ekclryC_-0Dow6vfo5iFbTe1_w5hEeNTEA==

Redirect headers

date: Wed, 12 May 2021 03:45:42 GMT
via: 1.1 f18b0bd4a5b62e5fb49428cc4789689f.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1620791142032&ns_c=UTF-8&c8=Biden%3A%20COVID-19%20Vaccine%20Shouldn%E2%80%99t%20Be%20Mandatory&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&c9=
content-length: 430
x-amz-cf-id: M_0UKMRi43OdkgbUsbp6m30q37D_FgQ5wC4kBAqwPcSY5JNb6EB03g==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
467 B 76ms
14ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-10465455-30&cid=355252204.1620791142&jid=1817201753&uid=anon49ba-5164-454a-a463-48f10d6c0ac5&gjid=591917303&_gid=1969779857.1620791142&_u=YGBACEAABAAAAC~&z=218053256

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 12 May 2021 03:45:42 GMT
content-type: text/plain
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 breaking-bar.html Show response
www.theepochtimes.com/assets/uploads/html/breakingnews-bar/ 0
168 B 613ms
611ms XHR
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/uploads/html/breakingnews-bar/breaking-bar.html

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _mcnc=1; epoch_persistent_user_id=anon49ba-5164-454a-a463-48f10d6c0ac5; epoch_gdpr_userid=c3b76110-fe5a-c1e9-5022-cc9f96feda11; _ga=GA1.2.355252204.1620791142; _gid=GA1.2.1969779857.1620791142; _gat=1
:path: /assets/uploads/html/breakingnews-bar/breaking-bar.html
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 04:13:28 GMT
server: nginx
etag: "609b55e8-0"
x-cache-status: HIT
x-hw: 1620791142.cds011.fr8.hn,1620791142.cds135.fr8.sc,1620791142.cds135.fr8.p
content-type: text/html; charset=utf-8
cache-control: max-age=600
content-length: 0
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_2021050601.js Show response
securepubads.g.doubleclick.net/gpt/ 303 KB
107 KB 90ms
30ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

9eb83620a305b5cfbd47a770dd1f649d9ae99d34becf19308f9cc75106d1b5b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 08:40:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109330
x-xss-protection: 0
expires: Wed, 12 May 2021 03:45:42 GMT

GET
H2 200 0-6848c2d5e25b5ff4726c.js Show response
js.chargebee.com/v2/ 55 KB
17 KB 57ms
51ms Script
application/x-javascript 65.9.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/0-6848c2d5e25b5ff4726c.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

68880362d1f548529d11929167c92d3985b1f52acfcf5e91cfed2f7dc44eb655

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uCjKDqq4_JV8jAs8._odVx_RmJnoyQRB
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 14 Apr 2021 10:06:59 GMT
server: AmazonS3
age: 126
etag: W/"347edad57fde73b260604eece8687b0f"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Wed, 12 May 2021 03:43:58 GMT
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: TLQzrAZIJWxZkvvMJbN6wnGq0e3GGCxxWHFU8OubNIc85ZP41kDUMw==

GET
H2 200 60-5f2887d7fb52a000edc3.js Show response
js.chargebee.com/v2/ 16 KB
5 KB 52ms
49ms Script
application/x-javascript 65.9.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/60-5f2887d7fb52a000edc3.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.97.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fb4cd8d6c5b7c9e29f1619f563146dbdc5d8b640b36b6a281f813207443cd2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KORvnCzf9VQ_LlhNK0FBbop1qCHgPZ85
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 14 Apr 2021 10:06:58 GMT
server: AmazonS3
age: 42
etag: W/"717b6c04262a4d6a7b38aace13f121ee"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Wed, 12 May 2021 03:45:21 GMT
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: UnpmrZ1OBBdvXqcOapT23a_8MTocdkEXAMlk7h6mGJPJFDIgxO070g==

GET
H/1.1 200 94729.js Show response
mixi.media/data/js/ 5 KB
3 KB 242ms
125ms Script
application/javascript 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/data/js/94729.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/bottom.min.js?ver=20210510
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1956e71e915557c3908a5bbb7d994b0fbaece4915f79ca2fe03dcc3e53612802

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:42 GMT
Content-Encoding: gzip
Last-Modified: Wednesday, 12-May-2021 03:45:42 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 20ms
19ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-10465455-30&cid=355252204.1620791142&jid=1817201753&_u=YGBACEAABAAAAC~&z=1254974666

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 122ms
16ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-10465455-30&cid=355252204.1620791142&jid=1817201753&_u=YGBACEAABAAAAC~&z=1254974666

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-a128V7tctPVtT.js Show response
rules.quantcount.com/ 3 B
438 B 70ms
10ms Script
application/javascript 2600:9000:2127:5c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-a128V7tctPVtT.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:5c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:54:09 GMT
via: 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
age: 49894
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:44:26 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
x-amz-cf-id: 23o3B8zLocBHzVYpfVNbdMLD34s-uSiKB0P7ykuSgmABxYdFkEOaog==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 152ms
51ms Image
image/gif 65.9.97.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Biden%3A%20COVID-19%20Vaccine%20Shouldn%E2%80%99t%20Be%20Mandatory&time=1620791142295&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&random_number=15442678230&sess_cookie=26c606c51795eae2791c8256be3&sess_cookie_flag=1&user_cookie=26c606c51795eae2791c8256be3&user_cookie_flag=1&dynamic=true&domain=theepochtimes.com&account=Tmrwl1aYizr0uP&jsv=20130128&user_lang=en-US
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.97.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 11 May 2021 05:39:34 GMT
Via: 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 79568
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: PRG50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: 8sO0NhV8jR0zdPiByofn-ayMOUIdEcxzUC7qX6Lmh4JxPpD4Xi0g6w==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 544ms
179ms Image
text/plain 52.24.28.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.28.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-28-41.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:42 GMT
server: Server

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
376 B 96ms
95ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&pid=fzTb19LSFqJn5&cb=0&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5965368%2FEET_article_top_728x90%22%7D%5D&cfgv=0&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:42 GMT
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: vdE2gWsXfhLqSNPZDpT1doZqnVVfQWYjZZntpJHlK7Mw016GOM0CzA==

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 712 B
782 B 73ms
21ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: aa46ae24e6a40546411c66f3c8c8947fc78584cebe256d2c7c8c07b3e84641ef

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:42 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 178 B
529 B 162ms
110ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: c6a0e7adfa72ed6bc0deaf84e523d58d6ff70d54e3a0804582fda2a50ea259ac

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:42 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 178
Expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 84ms
45ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5179b18022d96ffa734ebc51af9c91c79d953f5b5bb548963ccc23e3a70a06b8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:42 GMT
X-Proxy-Origin: 82.102.19.100; 82.102.19.100; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.73:80
AN-X-Request-Uuid: 78e5c95c-a065-4bde-9df0-7bad33a5459f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 23 B
373 B 160ms
79ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=299835&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229d766236d0891%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210184f799f83342%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2211aee4d8c39bcb4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2212ba3cd6192e587%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 67dbca7de22e6bcd66075b8c252ada889ae0af06fdcd126c23df1888ddd308e3

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:42 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.100], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theepochtimes.com
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 43
x-ak-client-geo: 28
expires: Wed, 12 May 2021 03:45:42 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
322 B 97ms
27ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 03:45:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
cf-ray: 64e0a7e14c76203f-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0a004740cc0000203faf81f000000001

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
481 B 103ms
41ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89f77c02f6&pos=eet_article_top_728x90&cmd=bid&secure=1
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: bbf882258d986059fd9088d5cb1e244997540c16b0233066c2df7f12305acc57

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 03:45:42 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.theepochtimes.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H2 200 arj Show response
epoch-times-d.openx.net/w/1.0/ 173 B
566 B 100ms
36ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://epoch-times-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e8b41b7d-bb43-47d5-b937-eefba302ac9c&nocache=1620791142556&aus=970x250%2C970x90%2C728x90&divIds=sticky_ad_top&auid=538813617
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: d5ef77c6a2c1105c7b24ba016c3ba94a040df7f4e74761b21b3d25736fff7765

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:42 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theepochtimes.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 166
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 189ms
65ms XHR
application/json 52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32025&pi=3&bf=970x250%2C970x90%2C728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.29.0%22%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html&ns=9216
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e7daa6acab9c38abfeb94c218646f5564f123d890c75358c70c006162e9045fb

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:42 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.theepochtimes.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
374 B 106ms
106ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&pid=fzTb19LSFqJn5&cb=1&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5965368%2Feet_article_right_top_300x250_v3%22%7D%5D&cfgv=0&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:42 GMT
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 8EVQQZq0j-lb5fLzFP4dICD309NgqOednJgL7PUaso23nFc0eSeS_A==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 179 B
530 B 189ms
188ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 96d1a1a5f647175fe629a9b88c69a56e25b924113b9a274516ad84c226de1fcc

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:42 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 179
Expires: 0

GET
H2 200 arj Show response
epoch-times-d.openx.net/w/1.0/ 173 B
360 B 57ms
36ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://epoch-times-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0a46df2f-4f37-4ce1-a8c2-41170bbd2947&nocache=1620791142598&aus=300x250&divIds=ad_right_top_300x250_1&auid=538813611
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: c5e3751d0cb1621f6023ce2ee860f26f9f7b440926563db737af63a8abf9f382

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:42 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theepochtimes.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 141ms
61ms XHR
application/json 52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32023&pi=3&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.29.0%22%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html&ns=9216
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a05a3c0c60025d75a8ac5cfb6a338e115a6349a984a4d370013dd2266abb620f

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:42 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.theepochtimes.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 97ms
78ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

26abf165a1cf54609f9b8531eca9f2133f591a50a32567d8a930d532b1efb864

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:42 GMT
X-Proxy-Origin: 82.102.19.100; 82.102.19.100; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.228:80
AN-X-Request-Uuid: bc85f3f7-9e50-4981-8b1f-7d5af19d24d0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
375 B 94ms
66ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=299842&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2233d783b56b7e39f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2234f53767160c8a6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299842%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8cf4463df9e01897b72c4a0f3a4eb8975d20e551ab8d6da429c4b27b4b8e524a

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:42 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.100], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theepochtimes.com
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 28
expires: Wed, 12 May 2021 03:45:42 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
481 B 57ms
30ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89f77c02f6&pos=eet_article_right_top_300x250_v3&cmd=bid&secure=1
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: b2fed80ca2c04e36399b567fd721f99e59af48554e5eac929450645cace8d0d6

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 May 2021 03:45:42 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.theepochtimes.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
61 B 50ms
24ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 03:45:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
cf-ray: 64e0a7e1dd39203f-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0a004741240000203f5b90c000000001

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 120ms
30ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H2 200 pixel;r=1265736093;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3Jufl...
pixel.quantserve.com/ 35 B
371 B 11ms
9ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1265736093;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM;uht=2;fpan=1;fpa=P0-391579167-1620791142735;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=theepochtimes.com;je=0;sr=1600x1200x24;dst=1;et=1620791142735;tzo=-120;ogl=locale.en_US%2Ctype.article%2Ctitle.Biden%3A%20COVID-19%20Vaccine%20Shouldn't%20Be%20Mandatory%2Cdescription.Democratic%20presidential%20nominee%20Joe%20Biden%20has%20said%20he%20doesn't%20think%20people%20shoul%2Curl.https%3A%2F%2Fwww%252Etheepochtimes%252Ecom%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_36065%2Csite_name.www%252Etheepochtimes%252Ecom%2Cupdated_time.2020-12-06T16%3A41%3A52-05%3A00%2Cimage.https%3A%2F%2Fimg%252Etheepochtimes%252Ecom%2Fassets%2Fuploads%2F2020%2F12%2F06%2Fbiden-with-striped-tie-2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK jsapi.v5.0.0-3.en_US.js Show response
static.mixi.media/static/jsapi/ 233 KB
69 KB 128ms
61ms Script
application/x-javascript 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mixi.media/static/jsapi/jsapi.v5.0.0-3.en_US.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/94729.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: bb12922378e2bf58f5ac608a4cd3afcdbcc5eb1d2704a5cbef2037649430fde2

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Apr 2021 13:35:08 GMT
Server: nginx
ETag: W/"60744c8c-3a23e"
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK sm.js Show response
stat.media/ 79 KB
29 KB 245ms
111ms Script
application/x-javascript 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/94729.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 83245e30d6ee857fc3e799c70c42d06267e2302803bfadfe9f130eabf9975aad

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 11:34:02 GMT
Server: nginx
ETag: W/"60378b2a-13dc3"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
target.mixi.media/init/ 95 B
463 B 171ms
99ms Image
image/png 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.mixi.media/init/?blockid=94729&siteid=49188&bw=1600&bh=1200&rnd=8711358789871
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Target-Version: 2
Date: Wed, 12 May 2021 03:45:42 GMT
X-Target-Final: 20210512064542-0
Server: nginx
X-Target-Host: target2-1.sselp2
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00051
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Wed, 12 May 2021 03:45:41 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 54ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.theepochtimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 03:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 88ms
38ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theepochtimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 03:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 614ms
581ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=408968880094779&correlator=2670447330978955&output=ldjh&impl=fifs&eid=31060783%2C31060790%2C31061004%2C44741899&vrg=2021050601&ptt=17&sc=1&sfv=1-0-38&ecs=20210512&iu_parts=5965368%2CEET_article_top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=EET_category%3Deet_2020-election-115936%252Ceet_joe-biden-136819%252Ceet_us-politics-7026%252Ceet_us-13%252Ceet_todays-headlines-98892%252Ceet_top-stories-98893%26EET_post%3D3606525%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26article_ads_version%3Dprebid%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1620791142&dt=1620791142971&dlt=1620791140534&idt=1844&frm=20&biw=1600&bih=1200&oid=3&adxs=300&adys=121&adks=3587454004&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x280&msz=1000x250&ga_vid=355252204.1620791142&ga_sid=1620791143&ga_hid=886277289&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

000c91d855e5a3dd0ddd57fefe4f542d2e62e682415a47dffc6d2d14dbb69a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4857
x-xss-protection: 0
google-lineitem-id: 5663508186
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138345941036
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6c975968d179c1273408debefce8450c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 61ms
13ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6c975968d179c1273408debefce8450c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 38ms
5ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
6 KB 1010ms
1008ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=408968880094779&correlator=2670447330978955&output=ldjh&impl=fifs&eid=31060783%2C31060790%2C31061004%2C44741899&vrg=2021050601&ptt=17&sc=1&sfv=1-0-38&ecs=20210512&iu_parts=5965368%2Ceet_article_right_top_300x250_v3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=EET_category%3Deet_2020-election-115936%252Ceet_joe-biden-136819%252Ceet_us-politics-7026%252Ceet_us-13%252Ceet_todays-headlines-98892%252Ceet_top-stories-98893%26EET_post%3D3606525%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26article_ads_version%3Dprebid%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1620791143&dt=1620791143061&dlt=1620791140534&idt=1844&frm=20&biw=1600&bih=1200&oid=3&adxs=1100&adys=437&adks=2786340635&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=355252204.1620791142&ga_sid=1620791143&ga_hid=886277289&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

f822277549383611dc328b752dfcab23ea697c487f935773e73abd25a9ccb5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5921
x-xss-protection: 0
google-lineitem-id: 5687874912
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349481626
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 67AF 8 KB
3 KB 124ms
32ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=81140
Expires: Thu, 13 May 2021 02:18:03 GMT
Date: Wed, 12 May 2021 03:45:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H/1.1 200 jsapi Show response
mixi.media/newdata/ 5 KB
2 KB 103ms
93ms XHR
application/json 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?action=news
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.0.0-3.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d95a8a7b4a338ff7e65cd71ba49d032d1b27c9b3040b89999fb50901b82ca2dd

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:43 GMT
Content-Encoding: gzip
Last-Modified: Wednesday, 12-May-2021 03:45:43 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 450 B
1 KB 64ms
64ms Script
application/javascript 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=CKSAAxIkYmZiOTQ1ZGEtNTY4MS00MTJhLTkxM2EtMTA3YmYxNjc4Y2FmGP3PuPWVLyIkMDczZDJlZTQtOTgyOC00YWFlLWFhMTYtNTQ0MGFmNGNmNWY4&cb=_callbacks____0kokx7636
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3c2b3118e88e2453a34b07365f44979e9321cef797ba9d29c615723f1c719d18

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 84AB 38 KB
14 KB 40ms
39ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=96521
Expires: Thu, 13 May 2021 06:34:24 GMT
Date: Wed, 12 May 2021 03:45:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK 8977087.jpeg
static8.mixi.media/img/400x300/ 42 KB
43 KB 136ms
48ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.mixi.media/img/400x300/8977087.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: b8a008976f05293cd35f26cf907d6b62d5469ce00081be80ee31cc39c34f3d58

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:43 GMT
Last-Modified: Tue, 11 May 2021 17:20:23 GMT
Server: nginx
ETag: W/"609abcd7-3f76d"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43506
Expires: Thu, 11 May 2023 17:20:32 GMT

GET
H/1.1 200
OK 8960891.jpeg
static3.mixi.media/img/400x300/ 43 KB
43 KB 133ms
47ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static3.mixi.media/img/400x300/8960891.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4b01cf18a7465bf0e5526bc818efd026d618cfa62ea735517600fdd03cf36d3a

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:43 GMT
Last-Modified: Thu, 06 May 2021 07:49:25 GMT
Server: nginx
ETag: "60939f85-abe9"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44009
Expires: Sat, 06 May 2023 07:49:42 GMT

GET
H/1.1 200
OK 8977092.jpeg
static6.mixi.media/img/400x300/ 69 KB
69 KB 134ms
49ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static6.mixi.media/img/400x300/8977092.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: ee74bf0fa8014bc57676fd08f39cc21df993e15f318fe5b668f1ca8862769c8d

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:43 GMT
Last-Modified: Tue, 11 May 2021 17:23:52 GMT
Server: nginx
ETag: W/"609abda8-8bd5b"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70481
Expires: Thu, 11 May 2023 17:24:05 GMT

GET
H/1.1 200
OK 8971228.jpeg
static6.mixi.media/img/400x300/ 63 KB
63 KB 130ms
49ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static6.mixi.media/img/400x300/8971228.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8c981d2d723f02f21f8a2a5977710f074721dd1c2d92481a5ddd7c8dd03c262d

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:43 GMT
Last-Modified: Sun, 09 May 2021 23:49:28 GMT
Server: nginx
ETag: W/"60987508-64849"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64294
Expires: Tue, 09 May 2023 23:49:38 GMT

GET
H/1.1 200
OK 8882232.jpeg
static4.mixi.media/img/400x300/ 43 KB
44 KB 150ms
51ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static4.mixi.media/img/400x300/8882232.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1408f0de79f50484c09eecaf00ff3f4a388624eb4225df8dbcce867c4d41ee1e

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:43 GMT
Last-Modified: Wed, 14 Apr 2021 14:43:38 GMT
Server: nginx
ETag: W/"6076ff9a-11c03e"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44402
Expires: Fri, 14 Apr 2023 14:43:56 GMT

GET
H/1.1 200
OK 8977090.jpeg
static2.mixi.media/img/400x300/ 53 KB
53 KB 149ms
50ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.mixi.media/img/400x300/8977090.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 02aa323303b4c384aa960710eeeb0b530b1e5904de03503b685364950f6a970b

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:43 GMT
Last-Modified: Tue, 11 May 2021 17:21:52 GMT
Server: nginx
ETag: W/"609abd30-635d3"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53851
Expires: Thu, 11 May 2023 17:22:00 GMT

GET
H/1.1 200
OK 8818497.jpeg
static8.mixi.media/img/400x300/ 48 KB
49 KB 117ms
49ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.mixi.media/img/400x300/8818497.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 779e7da199248c926a29c69c10d49eabdb7ca9eb1927d4af9792514bb8fb62af

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:43 GMT
Last-Modified: Mon, 29 Mar 2021 19:19:06 GMT
Server: nginx
ETag: "6062282a-c111"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49425
Expires: Wed, 29 Mar 2023 19:19:21 GMT

GET
H/1.1 200
OK 8957780.jpeg
static8.mixi.media/img/400x300/ 62 KB
62 KB 116ms
48ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.mixi.media/img/400x300/8957780.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 56d098174340069677e63fa3e63977a3535985fc402440a6712aa84e5b9aa2ab

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:43 GMT
Last-Modified: Wed, 05 May 2021 07:51:41 GMT
Server: nginx
ETag: W/"60924e8d-731bd"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63393
Expires: Fri, 05 May 2023 07:51:46 GMT

GET
H/1.1 200
OK 8971227.jpeg
static2.mixi.media/img/400x300/ 51 KB
51 KB 137ms
50ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.mixi.media/img/400x300/8971227.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: e6ff6a38025382e41b18057bb2fbed9edf56ebc90709020fd17043a8ff75e5f8

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:43 GMT
Last-Modified: Sun, 09 May 2021 23:47:48 GMT
Server: nginx
ETag: W/"609874a4-3a7a8"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52343
Expires: Tue, 09 May 2023 23:48:04 GMT

GET
H/1.1 404
Not Found /
mixi.media/cookiematching/ 0
0 43ms
42ms Image
text/html 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJGJmYjk0NWRhLTU2ODEtNDEyYS05MTNhLTEwN2JmMTY3OGNhZhoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNjIwNzkxMTQyMzk3GgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJDA3M2QyZWU0LTk4MjgtNGFhZS1hYTE2LTU0NDBhZjRjZjVmOBoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1620791143442
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 182ms
60ms XHR
text/plain 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Wed, 12 May 2021 03:45:43 GMT
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 84AB 0
75 B 119ms
24ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=18066246&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:43 GMT
Content-Length: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2828 0
0 68ms
67ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjnpHmUuqIGsoLJdp45z8WDKWVBKi7aRjoz2fOkWUyhSzv73RyrfQyx0oIJyZSFoNf92aAiEuzsnPU5pJmY66WfFIe7PdMDhjwtYiBtATMy4gBboRS6x9QKFBWOn90CocnpMtFYVPGgiOnhqbS8t4Xyf2_v_Re21dVmOrcW0JTVE9dPYLJ5yVVpT4W31iN8xGz4vMR4p13OrY7Lztraj27QnVHcy3dobaEnAEw6N0DaDZ2n9OBFHZi8ZwS5m4r3me0o_0-c_ilJI7ndldADmOW5M6aKAhKTGI3GXczDaNK6OW5qan3pb_NveejxRQoZ9EFdT1-RxzfgLYK7_c&sai=AMfl-YSIJCQ3f_yvNkz6NloLDOocYoOWEVlhuXueYmHXdx_ehtzR3AxwZSOeIE_XokbgShrYJhfvuwA7y9Ts3q17PXflQJI2thuonGKSStLu49QXhCbDXXkSYnur6kFQGPM&sig=Cg0ArKJSzO_kAT94Dg9lEAE&urlfix=1&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 03:45:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 12 May 2021 03:45:43 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2828 116 KB
35 KB 43ms
35ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 03:45:43 GMT

GET
H3-29 200 10644726526139754416
tpc.googlesyndication.com/simgad/ Frame 2828 94 KB
94 KB 40ms
8ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10644726526139754416?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c9a3f12488a2b21b4468ccf0b95eeba86631913803bf98597f5a238922cca66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 11:38:52 GMT
x-content-type-options: nosniff
age: 490011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95746
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 15:41:55 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 May 2022 11:38:52 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 48ms
44ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696588139699"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Wed, 12 May 2021 03:45:43 GMT

GET
H2 200 getcity Show response
sc.youmaker.com/ 119 B
181 B 131ms
119ms XHR
application/json 34.120.97.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/getcity
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 0d2c5195d5b08b00758340a343e73238b608fe29f619ccef5b1335f8a34d3ebe

Request headers

Accept: */*
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 May 2021 03:45:43 GMT
via: 1.1 google
server: nginx/1.16.1
alt-svc: clear
content-length: 119
content-type: application/json;charset=UTF-8

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2828 0
0 88ms
57ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPsQg7E8vIahXhWyB5SXZCwKJpIqCUsZn0T0VxeOkEIhpg6_M4IV1wK2rQbikaB6AeJip2Z6Ay3KUFGQZ8a_96f2EXFawqfd73bcxAJnbVYKFRCMALtFKNPk0RMLqH05HyctWThwVrD2ark3zYLEIg4FTi0s6_QL5UIO79UtaRgwLq_eGenKa7sbPqv8vFUCzzCNhK17uOkUHJ0giX_iTw_Bx0SaxWzAu91isykoawRyo2POS_zNmrJJ1PTN7I2AbvFOo9Ke4PZezRju7fc-DfVFiQTmSGIkn7s-mqhJTjOSQoAHcQZ4uLrcQqdOBja40&sai=AMfl-YSP1yssGJUWPRNz47Ee-tHG5WrM_UNwOrwqbJawLeSmHZVK_PGfsMGruUp54aq7XBQh_k2k9tka6sOJDLYwYeaVieaXMX9XwlnUD9Ks4ePLOsBAks6U4d1_DqmDoHY&sig=Cg0ArKJSzELYOFWj4-VvEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 03:45:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 12 May 2021 03:45:44 GMT

GET
DATA 200
OK truncated
/ Frame 2828 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dce8b4d733ea29a6d889a31c19dda59c75fb0760f95b099fda49cf8e751c054

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK us.gif
sync.go.sonobi.com/ 49 B
509 B 87ms
19ms Image
image/gif 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26consent_string%3D0%26gdpr%3D%26uid%3D%5BUID%5D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:44 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8AD2 0
0 59ms
59ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1_SWRyBpmvfTX6UWji8athfFMgCzyF38_j0nAySjoqva53Q2uepn0kBAUWttdjwEI19xDuNBwUttHHJvFBGQMJ67kgKcLMlZvvLsENFcMPtToqH6NCTTkqEYB3goJn_lAs97Dh88ZiiLmgDHXOMI45d3Gtwfj9lMUn_SJt9AC7MnAIKcgPWj15IFLwxrm9USG95TQA3APj95po3Mw9BvwDj2Ehwn33A4wT4YHQ-xKrlEcTyC32pi7ZcEdeJ_X1Ysz5zxS1kf0Ey9sYL3wTr6CYrPhj9AyHQeKrNqn57h06aywuF_1dMzM5R6JYZUFjNSWw13NsAhFnqZ0m4ktoDRaaWl4a0Vxud3u97I&sai=AMfl-YR-ZsJhTEQI8wE4tZXIZsNZOHCQpjCeMoUa72hNBCrfpGhSutme0ilkxPxTcWPNL5GiQUrlkDTmxZFlmXrLGHDQ9DtX-E4httEvY5mYNOptJvVA8r348SyR_V904Lk&sig=Cg0ArKJSzF0Etl-YfsTgEAE&urlfix=1&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 03:45:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8AD2 116 KB
35 KB 49ms
48ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 03:45:44 GMT

GET
H2 200 biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html
www.theepochtimes.com/ Frame 8AD2 43 KB
43 KB 27ms
26ms Image
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
pragma: no-cache
cookie: epoch_persistent_user_id=anon49ba-5164-454a-a463-48f10d6c0ac5; epoch_gdpr_userid=c3b76110-fe5a-c1e9-5022-cc9f96feda11; _ga=GA1.2.355252204.1620791142; _gid=GA1.2.1969779857.1620791142; _gat=1; __asc=26c606c51795eae2791c8256be3; __auc=26c606c51795eae2791c8256be3; __qca=P0-391579167-1620791142735; epoch_geo=be; epoch_geo_city=bru; __gads=ID=2711e3aa89ef3365-22af38d411c80012:T=1620791143:S=ALNI_MZeXF2DALgZEy6BtdcAKB5oye2NQw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.theepochtimes.com
referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-cache-status: MISS
x-hw: 1620791144.cds011.fr8.hn,1620791144.cds230.fr8.c
content-type: text/html; charset=UTF-8
cache-control: max-age=596
content-length: 12080
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 206 video_360p.mp4
vs.youmaker.com/assets/faa026eb-18bb-405d-68f1-469535a078ea/ Frame 8AD2 280 KB
281 KB 107ms
30ms Media
video/mp4 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/faa026eb-18bb-405d-68f1-469535a078ea/video_360p.mp4
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/biden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html?_hsmi=96965274&_hsenc=p2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: nginx/1.16.1 /
Resource Hash: ce65c50aa24b0172d9e073b51d69b6b0f0a7608e01b238be00c4a1c5eb7d728f

Request headers

Referer: https://www.theepochtimes.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 12 May 2021 03:45:44 GMT
via: 1.1 google
server: nginx/1.16.1
x-hw: 1620791144.cds148.fr8.hn,1620791144.cds065.fr8.c
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=3600
Content-Range: bytes 0-287076/287077
accept-ranges: bytes
alt-svc: clear
Content-Length: 287077

GET
DATA 200
OK truncated
/ Frame 8AD2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f948381a9d7741bd6f8377a2f6ca39bb54287620407fc5f1d6182e7cc53800e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8AD2 0
0 63ms
62ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhXLg0_hXWbRIEIDC2GDTkFmnuFy-35R-1DQVMjj0jwktQuIoEDWhojMvnctTTBWJ0q1Z-3QLtL-mAb5Qg3NAXqE35yi9i0mYzjn6qO0R0zMpJcJwnysLis2WCOMHBB2GzEP75lbThbPR_S4JT6_SIaCQhKijJHSl4yicG5MonGKFV2gWRKbzZ4rS_OwWF2xCCM39O3u4p8UtH6kVpuQSqjnfuLeTAdQslA6SVAKi_kxst8EDQzHwWi3QZDtpIa5E_C4vVYerJKiuUrt6W22U7gpubya6Xg2ZdKlD4OfCMxMTQYs18Qa3rQAz7bGM3QY3GB2gUrVDBNgtsqsQLH4M&sai=AMfl-YRrSaolFSz7D92F48SCOjGJkxs49WWDWZmRd6NMLuF5GOwQ_7inPLvJ8ea4R_REAYXz84o0Pr6ln1St48XKjwL3onEytw89T5eVWULAwrd5_IoRNSD2HuTLHBZyVMM&sig=Cg0ArKJSzJKV1ytib1DFEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 03:45:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 12 May 2021 03:45:44 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/24003086/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
348 B

50ms
49ms

Script
application/javascript

65.9.97.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.97.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:41:38 GMT
via: 1.1 f18b0bd4a5b62e5fb49428cc4789689f.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 252
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: Z5AriRJITCGnib-BVcd8xAsChD5zu3XhOUQbXXh0904ao0yKB05obg==

Redirect headers

date: Wed, 12 May 2021 03:45:44 GMT
via: 1.1 f18b0bd4a5b62e5fb49428cc4789689f.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: 6OcCdbQPnfrPZ7AVSDNmP4Cs6ZLa9csjeLd3RDCwrZA2Kx9nxyHCkQ==

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 60ms
60ms XHR
text/plain 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Wed, 12 May 2021 03:45:44 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 69ms
20ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021050601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ddb121dbe955d486a4fdb7fff4c2d3fbfa29a231e6c8e7774d2db13bc1c390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 03:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7536
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 37ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: HMBBV8PUsuTe+KCl07686YUXwEdGK3eT1MOH8BUiXUEm3AG80ONo4nA9WqsRsYL3RkezpnB5R+pfc82wNc/GuQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 12 May 2021 03:45:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 push_notif.js Show response
services.epoch.cloud//public-labs/src/push_notifications/ 6 KB
2 KB 60ms
14ms Script
application/javascript 2606:4700:3038::6815:ea20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.epoch.cloud//public-labs/src/push_notifications/push_notif.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7V1-WJV7CgNlYW96mHCn1-9p6cW21xn4q3YYNxlW2b0xyL3zCGymW3HygKv4bqp5YN1w39g5Pq82pW1c54hg9hTWrFN8T6wScLBCZbW3CDKCT9gwZ-zW1qxdh5272cvDN1bt1yjl6hmPW8L-M6833mQBwVMrMQK3wH0kBW1kZ3kr3w1dzBW68YLC-5MjRnYW9cd9C08N_4T9W45kWPX4BPmWpVZctqv84jsVfW3n1hkk1pzJ94W4-6C-432QbX8W6WQBjG7BfQySW7Wj28j1_6JZcW3mgn8B5fzpy1W4LrC0b7hYxsTVyVr_w74X-J333cJ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4796
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a0047492600004e68713b6000000001
last-modified: Thu, 17 Sep 2020 15:46:03 GMT
server: cloudflare
etag: W/"5f6384bb-18fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E4OSvq5fetE1D6f0CeEx6ZKVDAIkjXglPXR7M%2BOMhrBLNRX2SqK7aycrUI4fCqdGQ5zRj7%2Ft3aScLO6RN5RpgiLaehrTw3eU3%2BQZZRDihvCGIMn8cm4mFeVbmeWQIxGStA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 64e0a7eeaad14e68-FRA

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
21ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 12 May 2021 03:45:44 GMT

GET
H3-29 200 179006610034452 Show response
connect.facebook.net/signals/config/ 255 KB
73 KB 53ms
12ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/179006610034452?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74ce4e8b8c142139d3f901c44994f1ed3d880009531e2d7a227be4ef5ae195c2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74300
x-fb-rlafr: 0
pragma: public
x-fb-debug: BKNpNxvQiWCoWCtsiJVmn4FrxW4MNA+8oJk51QyYhO3lZ8jruDlaxZqZDjVsvwbz4CZu3IJATwZKUzXYqUbf8Q==
x-frame-options: DENY
date: Wed, 12 May 2021 03:45:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 b413bf4fa936cc351ac6476e0df69b50.js Show response
clientcdn.pushengage.com/core/ 74 KB
18 KB 342ms
66ms Script
application/javascript 65.9.97.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/b413bf4fa936cc351ac6476e0df69b50.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.97.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6392823a467c24f0cd1424878625ac1780ae368c97432c306e366bf59a74a9d9

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:43:57 GMT
content-encoding: gzip
server: nginx
age: 107
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: gzQOMY9vsj09v-aC8OiBGG-RsNKp5PbVP8IWeHwDFqgz-Umjf54GgA==
via: 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 4EAF 12 KB
5 KB 48ms
14ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 11 May 2021 21:07:21 GMT
expires: Wed, 11 May 2022 21:07:21 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23903
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 2D1F 70 B
265 B 422ms
0ms Document
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

date: Wed, 12 May 2021 03:45:45 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 326C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=1037609b-4f68-4500-b722-d58b8c1f6170&gdpr=1&gdpr_consent=

35 B
238 B

712ms
47ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=1037609b-4f68-4500-b722-d58b8c1f6170&gdpr=1&gdpr_consent=
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=1037609b-4f68-4500-b722-d58b8c1f6170&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cs=true; loc=Jgi9WtdYXVroizd6aWe2S-I4uHwz7hbiq5mbqNcjtnavU7XwhuCojxOrYTjuBl8JP6We6E0PKG0; vst=e_27ee1095-b5f7-4c88-bc5c-41b30d5ebc3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

date: Wed, 12 May 2021 03:45:46 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Wed, 12 May 2021 03:45:38 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3709 11aaa92 master zrh-pixel-x31
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=1037609b-4f68-4500-b722-d58b8c1f6170; domain=.mathtag.com; path=/; expires=Thu, 09-Jun-2022 03:45:44 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=1037609b-4f68-4500-b722-d58b8c1f6170&gdpr=1&gdpr_consent=
Expires: Wed, 12 May 2021 03:45:37 GMT

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 8A25 1007 B
850 B 295ms
42ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 719154c9c1241fa4e907a5bd4ed0b74d248d6ab9d8a37a36657b368423e17d8e

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=25c2b98f-9f0e-0543-3634-c1dfab840ea8|1620791142
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=25c2b98f-9f0e-0543-3634-c1dfab840ea8|1620791142; Version=1; Expires=Thu, 12-May-2022 03:45:45 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620791145|mOgegqnskin0vNomiygu; Version=1; Expires=Thu, 27-May-2021 03:45:45 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 12 May 2021 03:45:45 GMT
content-type: text/html
content-length: 544
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame C213 170 B
232 B 406ms
39ms Document
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkUfHoRTprmTKxTrmOZ4UBUaBjWWHmJu7rItbJChmEvCVyX7lPJZwbr0XZulZI; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

content-type: image/png
date: Wed, 12 May 2021 03:45:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame 280F 170 B
506 B 401ms
38ms Document
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkUfHoRTprmTKxTrmOZ4UBUaBjWWHmJu7rItbJChmEvCVyX7lPJZwbr0XZulZI; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

content-type: image/png
date: Wed, 12 May 2021 03:45:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 761F 2 KB
1 KB 381ms
26ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Wed, 12 May 2021 03:45:45 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame E9B3 38 KB
14 KB 151ms
54ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=96519
Expires: Thu, 13 May 2021 06:34:24 GMT
Date: Wed, 12 May 2021 03:45:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1890 52 KB
17 KB 369ms
23ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=1031571765600764906; icu=ChgI159BEAoYAiACKAIw5p7thAY4AkACSAIQ5p7thAYYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 12 May 2021 03:45:45 GMT
Age: 82043
X-Served-By: cache-lga21948-LGA, cache-hhn4060-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1385179
X-Timer: S1620791145.379723,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 4244 70 B
264 B 261ms
0ms Document
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

date: Wed, 12 May 2021 03:45:45 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 4183 38 KB
14 KB 265ms
58ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=96519
Expires: Thu, 13 May 2021 06:34:24 GMT
Date: Wed, 12 May 2021 03:45:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame A4B3 1007 B
862 B 248ms
42ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 719154c9c1241fa4e907a5bd4ed0b74d248d6ab9d8a37a36657b368423e17d8e

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=25c2b98f-9f0e-0543-3634-c1dfab840ea8|1620791142
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=25c2b98f-9f0e-0543-3634-c1dfab840ea8|1620791142; Version=1; Expires=Thu, 12-May-2022 03:45:45 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620791145|mOgegqnskin0vNomiygu; Version=1; Expires=Thu, 27-May-2021 03:45:45 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 12 May 2021 03:45:45 GMT
content-type: text/html
content-length: 544
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 6CB2 2 KB
1 KB 362ms
26ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Wed, 12 May 2021 03:45:45 GMT
Connection: keep-alive

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 0E5B 0
0 358ms
26ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

date: Wed, 12 May 2021 03:45:45 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0a00474ba30000203fa9202000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 64e0a7f29cff203f-AMS

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8D16 52 KB
17 KB 314ms
24ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=1031571765600764906; icu=ChgI159BEAoYAiACKAIw5p7thAY4AkACSAIQ5p7thAYYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 12 May 2021 03:45:45 GMT
Age: 82043
X-Served-By: cache-lga21948-LGA, cache-hhn4021-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1387082
X-Timer: S1620791145.380196,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 1357
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=0bd7609b-4f69-4c00-b03b-a8b2401577b9&gdpr=1&gdpr_consent=

35 B
237 B

710ms
47ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=0bd7609b-4f69-4c00-b03b-a8b2401577b9&gdpr=1&gdpr_consent=
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=0bd7609b-4f69-4c00-b03b-a8b2401577b9&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cs=true; loc=Jgi9WtdYXVroizd6aWe2S-I4uHwz7hbiq5mbqNcjtnavU7XwhuCojxOrYTjuBl8JP6We6E0PKG0; vst=e_27ee1095-b5f7-4c88-bc5c-41b30d5ebc3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

date: Wed, 12 May 2021 03:45:46 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Wed, 12 May 2021 03:45:38 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3709 11aaa92 master zrh-pixel-x7
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=0bd7609b-4f69-4c00-b03b-a8b2401577b9; domain=.mathtag.com; path=/; expires=Thu, 09-Jun-2022 03:45:45 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=0bd7609b-4f69-4c00-b03b-a8b2401577b9&gdpr=1&gdpr_consent=
Expires: Wed, 12 May 2021 03:45:37 GMT

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 84DE 0
0 301ms
38ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

date: Wed, 12 May 2021 03:45:45 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0a00474ba40000203fb8a44000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 64e0a7f29d00203f-AMS

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6726 281 B
554 B 796ms
28ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 May 2021 03:45:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET

6.gif
id5-sync.com/c/441/108/4/
Redirect Chain

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOxHuRkF0ZinBLXtNalEWVt4JmwL4DksJKmt5gpg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOxHuRkF0ZinBLXtNalEWVt4JmwL4DksJKmt5gpg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...
https://id5-sync.com/cq/441/124/8/2.gif?puid=a00b5163-35c9-4ef6-91cf-3b3c4486a9e9&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPBSjUHz3JYAz6ywNgmrn6M&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1031571765600764906&opid=apx&ops=&utidl=tech:goo:CAESEPBSjUHz3JYAz6ywNgmrn6M&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A17435074193&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/19/6/4.gif?puid=6437b8acd18df3db526a3e944ed0f981&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/441/101/5/5.gif?puid=76da2b8f-2643-4e33-8346-7c96c6608d2f&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/441/108/4/6.gif?puid=49467ac5-a751-4562-be7e-6c6f1836bed5&gdpr=1&gdpr_consent=

0
0

GET
H2

200

usersync
rtb.gumgum.com/
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=1031571765600764906

35 B
237 B

41ms
38ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=1031571765600764906
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:46 GMT
X-Proxy-Origin: 82.102.19.100; 82.102.19.100; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.39:80
AN-X-Request-Uuid: 19bc6408-e3c8-463c-95b1-d2328a901c88
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=1031571765600764906
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ 43 B
146 B 1418ms
25ms Image
image/gif 52.57.142.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=&gdpr=1&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.142.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2828 42 B
64 B 170ms
19ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVYDl4zQAKyWI_uNj4uOQ6mo8Fe2LHkug9g8P8BOTA0EEEt-ACL7isX0jcHNviycStZjC9dTORa0ZZZ-1TkBTxvo1u21as99wXLPbi18I&sig=Cg0ArKJSzAol_7o3QObaEAE&id=lidar2&mcvt=1026&p=121,315,371,1285&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20210510&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3587454004&rs=4&met=ie&la=1&cr=0&osd=1&vs=4&rst=1620791143814&dlt=0&rpt=657&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 25ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=179006610034452&ev=PageView&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&rl=&if=false&ts=1620791145405&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620791145384.1246994348&it=1620791144771&coo=false&exp=l1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 12 May 2021 03:45:45 GMT

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EAF 14 KB
6 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 06:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 75643
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Wed, 11 May 2022 06:45:02 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8AD2 42 B
64 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudjganEERRgSRgHqiZTYiJU3cKPPG1VDUdAkB6SWyaxKfKWmxXXnlSDRydZ8cOkPa--pM1vybsHqRHZSgiGE-t9tbU3kGu1SosVJCehz-QZgSvm8CO&sig=Cg0ArKJSzK3xkTlSNkC2EAE&id=lidar2&mcvt=1004&p=437,1100,687,1400&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210510&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2786340635&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620791144227&dlt=0&rpt=382&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=179006610034452&ev=Microdata&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-95rj7_wnwMe_3JuflMzWtzSgcq5Qzzwk27n9WAtHXH6uOSSXfag5_-bzfwgBRLGLgvntPWl_VBn-xcGYpReCE_urdprQXOWL3SGisn3mLmXXgSXYM&rl=&if=false&ts=1620791145911&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Biden%3A%20COVID-19%20Vaccine%20Shouldn%E2%80%99t%20Be%20Mandatory%22%2C%22meta%3Adescription%22%3A%22Democratic%20presidential%20nominee%20Joe%20Biden%20has%20said%20he%20doesn%27t%20think%20people%20should%20be%20compelled%20to%20get%20vaccinated%20against%20...%22%2C%22meta%3Akeywords%22%3A%22Joe%20Biden%2CVaccine%2CTHE%20EPOCH%20TIMES%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Biden%3A%20COVID-19%20Vaccine%20Shouldn%27t%20Be%20Mandatory%22%2C%22og%3Adescription%22%3A%22Democratic%20presidential%20nominee%20Joe%20Biden%20has%20said%20he%20doesn%27t%20think%20people%20should%20be%20compelled%20to%20get%20vaccinated%20against%20...%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Fbiden-covid-19-vaccine-shouldnt-be-mandatory_3606525.html%22%2C%22og%3Asite_name%22%3A%22www.theepochtimes.com%22%2C%22article%3Atag%22%3A%22Vaccine%2CJoe%20Biden%22%2C%22article%3Asection%22%3A%222020%20Election%22%2C%22article%3Apublished_time%22%3A%222020-12-06T07%3A58%3A59-05%3A00%22%2C%22article%3Amodified_time%22%3A%222020-12-06T16%3A41%3A52-05%3A00%22%2C%22og%3Aupdated_time%22%3A%222020-12-06T16%3A41%3A52-05%3A00%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2020%2F12%2F06%2Fbiden-with-striped-tie-2-1200x800.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620791145384.1246994348&it=1620791144771&coo=false&es=automatic&tm=3&exp=l1&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 12 May 2021 03:45:45 GMT

GET
H2 200 62a9e092-a625-a8fd-5d35-1fc230f4f01c
pr-bh.ybp.yahoo.com/sync/openx/ Frame A4B3 43 B
552 B 302ms
37ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/62a9e092-a625-a8fd-5d35-1fc230f4f01c?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A4B3
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=4huRVghm1LGFOG5

43 B
106 B

37ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=4huRVghm1LGFOG5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:46 GMT
Server: PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-077182e85f3323570@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=4huRVghm1LGFOG5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A4B3
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
https://x.bidswitch.net/sync?dsp_id=59&user_id=c7edc8f7-c55d-49e4-933a-7c08a2e2b5db&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4314d5b1-b6c0-4f8c-af8f-d91d4effb4ae

43 B
106 B

30ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=4314d5b1-b6c0-4f8c-af8f-d91d4effb4ae
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=4314d5b1-b6c0-4f8c-af8f-d91d4effb4ae
date: Wed, 12 May 2021 03:45:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame A4B3
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHeHRFN0JOcDhBQUN3ZXF3UFNhQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

68ms
41ms

Image
image/gif

52.49.40.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A4B3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0bd7609b-4f69-4c00-b03b-a8b2401577b9

43 B
122 B

27ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0bd7609b-4f69-4c00-b03b-a8b2401577b9
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 12 May 2021 03:45:39 GMT
Server: MT3 3709 11aaa92 master zrh-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0bd7609b-4f69-4c00-b03b-a8b2401577b9
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 12 May 2021 03:45:38 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A4B3
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=V-6pHVW4pklMvKZPUeq9GlO_8kxMvaMeArjleuTN

43 B
106 B

41ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=V-6pHVW4pklMvKZPUeq9GlO_8kxMvaMeArjleuTN
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=V-6pHVW4pklMvKZPUeq9GlO_8kxMvaMeArjleuTN
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A4B3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2802571427815825713

43 B
106 B

45ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2802571427815825713
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2802571427815825713
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame A4B3 70 B
264 B 36ms
35ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=f66e86d6-3689-3ab4-6ce2-0937cfa33d55&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame A4B3 170 B
188 B 161ms
122ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGEwMTU1MWMtZmZmZS02NDEwLTc5MDItNTM4ZTA1NDFmMzM1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A4B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1xcz-Zh_MNGMatw6mdQNY&google_cver=1

43 B
106 B

91ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1xcz-Zh_MNGMatw6mdQNY&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1xcz-Zh_MNGMatw6mdQNY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 62a9e092-a625-a8fd-5d35-1fc230f4f01c
pr-bh.ybp.yahoo.com/sync/openx/ Frame 8A25 43 B
840 B 232ms
35ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/62a9e092-a625-a8fd-5d35-1fc230f4f01c?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:45:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8A25
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=4huRVghm1LGFOG5

43 B
106 B

42ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=4huRVghm1LGFOG5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:46 GMT
Server: PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-06dc1c09a183d011e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=4huRVghm1LGFOG5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8A25
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=4314d5b1-b6c0-4f8c-af8f-d91d4effb4ae
https://x.bidswitch.net/sync?dsp_id=340&user_id=cd9b9c2a-8080-4430-bc6d-377ef56980ef&expires=10&ssp=openx&bsw_param=4314d5b1-b6c0-4f8c-af8f-d91d4effb4ae
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4314d5b1-b6c0-4f8c-af8f-d91d4effb4ae

43 B
106 B

54ms
51ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=4314d5b1-b6c0-4f8c-af8f-d91d4effb4ae
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=4314d5b1-b6c0-4f8c-af8f-d91d4effb4ae
date: Wed, 12 May 2021 03:45:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame 8A25
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHYTcwN0JOcDhBQUN5cXF3UFNhQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

68ms
40ms

Image
image/gif

52.49.40.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8A25
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0bd7609b-4f69-4c00-b03b-a8b2401577b9

43 B
106 B

42ms
9ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0bd7609b-4f69-4c00-b03b-a8b2401577b9
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 12 May 2021 03:45:39 GMT
Server: MT3 3709 11aaa92 master zrh-pixel-x3
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0bd7609b-4f69-4c00-b03b-a8b2401577b9
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 12 May 2021 03:45:38 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8A25
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=V-6pHVW4pklMvKZPUeq9GlO_8kxMvaMeArjleuTN

43 B
106 B

38ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=V-6pHVW4pklMvKZPUeq9GlO_8kxMvaMeArjleuTN
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=V-6pHVW4pklMvKZPUeq9GlO_8kxMvaMeArjleuTN
pragma: no-cache
date: Wed, 12 May 2021 03:45:46 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8A25
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3351288628832932572

43 B
106 B

35ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3351288628832932572
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3351288628832932572
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 8A25 70 B
264 B 184ms
37ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=f66e86d6-3689-3ab4-6ce2-0937cfa33d55&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 8A25 170 B
188 B 98ms
32ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGEwMTU1MWMtZmZmZS02NDEwLTc5MDItNTM4ZTA1NDFmMzM1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8A25
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1xcz-Zh_MNGMatw6mdQNY&google_cver=1

43 B
106 B

104ms
33ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1xcz-Zh_MNGMatw6mdQNY&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1xcz-Zh_MNGMatw6mdQNY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1890 0
750 B 26ms
26ms Script
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
X-Proxy-Origin: 82.102.19.100; 82.102.19.100; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.140:80
AN-X-Request-Uuid: 07722477-ebdd-4a75-9b0e-0d7e8f868fed
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8D16 0
750 B 32ms
17ms Script
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
X-Proxy-Origin: 82.102.19.100; 82.102.19.100; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.236:80
AN-X-Request-Uuid: 10f4636e-cffc-4f1a-94e8-9a870abe78c3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 3057
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

51ms
41ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d0c3e2cd4ae3b21e79eab066e1bec223ccff0d376c946a3af1c38ec09ba6571e

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=1111; CMID=YJtPaynhWAnludXx0MVAFwAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|230|45|190|13|57|123
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1795
Expires: Wed, 12 May 2021 03:45:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Connection: keep-alive
Set-Cookie: CMID=YJtPaynhWAnludXx0MVAFwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 12 May 2022 03:45:47 GMT CMPS=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 10 Aug 2021 03:45:47 GMT CMPRO=1174;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 10 Aug 2021 03:45:47 GMT CMST=YJtPa2CbT2sA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 May 2021 03:45:47 GMT CMRUM3=27609b4f6b0b40&f1609b4f6b05a0&7b609b4f6b05a00&e6609b4f6b2760&be609b4f6b05a0&0d609b4f6b05a0&2d609b4f6b05a0&39609b4f6b05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 12 May 2022 03:45:47 GMT

Redirect headers

Server: Apache
Content-Length: 344
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 12 May 2021 03:45:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Connection: keep-alive
Set-Cookie: CMID=YJtPaynhWAnludXx0MVAFwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 12 May 2022 03:45:47 GMT CMPS=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 10 Aug 2021 03:45:47 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 1371
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

58ms
48ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d26fc1f08b1b4a21202d50d47bd618076c6b77435334ccdd3e4d2a58b2538fc1

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=1111; CMID=YJtPaynhWAnludXx0MVAFwAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|230|241|39|190|41|156|111
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1720
Expires: Wed, 12 May 2021 03:45:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Connection: keep-alive
Set-Cookie: CMID=YJtPaynhWAnludXx0MVAFwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 12 May 2022 03:45:47 GMT CMPS=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 10 Aug 2021 03:45:47 GMT CMPRO=1174;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 10 Aug 2021 03:45:47 GMT CMST=YJtPa2CbT2sA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 May 2021 03:45:47 GMT CMRUM3=9c609b4f6b05a00&2d609b4f6b05a0&29609b4f6b05a00&f1609b4f6b05a0&6f609b4f6b05a0&27609b4f6b0b40&e6609b4f6b2760&be609b4f6b05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 12 May 2022 03:45:47 GMT

Redirect headers

Server: Apache
Content-Length: 344
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 12 May 2021 03:45:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Connection: keep-alive
Set-Cookie: CMID=YJtPa5l3dfaNYFmWk5aMPAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 12 May 2022 03:45:47 GMT CMPS=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 10 Aug 2021 03:45:47 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6726 30 KB
9 KB 36ms
35ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: dc768aa956cc3e7c9c11f91c45b70c8ee63ef9ee80249f762c37397085c70b94

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46663
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9238
Expires: Wed, 12 May 2021 16:43:30 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6726 284 B
536 B 291ms
40ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/jpg

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 3057
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJtPaynhWAnludXx0MVAFwAABJYAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJtPaynhWAnludXx0MVAFwAABJYAAAIB&dcc=t

43 B
433 B

121ms
120ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJtPaynhWAnludXx0MVAFwAABJYAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJtPaynhWAnludXx0MVAFwAABJYAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 3057 70 B
264 B 131ms
62ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YJtPaynhWAnludXx0MVAFwAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 3057
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJtPaynhWAnludXx0MVAFwAABJYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEO_ylf5t8QEcV0GxNcfBhhA&google_cver=1

43 B
315 B

85ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEO_ylf5t8QEcV0GxNcfBhhA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 12 May 2021 03:45:47 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEO_ylf5t8QEcV0GxNcfBhhA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3057
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJtPaynhWAnludXx0MVAFwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOFsJE-0dy3n1Ixz-VgPxDU&google_cver=1&gdpr=1

43 B
1 KB

40ms
38ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOFsJE-0dy3n1Ixz-VgPxDU&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 03:45:47 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOFsJE-0dy3n1Ixz-VgPxDU&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 3057 0
0 88ms
26ms Image
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3057
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06382204271315744db57499&expiration=[EXPIRATION]&gdpr=1

43 B
1013 B

37ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06382204271315744db57499&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 03:45:47 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06382204271315744db57499&expiration=[EXPIRATION]&gdpr=1
Date: Wed, 12 May 2021 03:45:47 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3057
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827870782258265

43 B
1008 B

35ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827870782258265
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 03:45:47 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827870782258265
Date: Wed, 12 May 2021 03:45:47 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3057
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IdSLmfNBS6JOrn4pKLA_PFJmE2Q

43 B
1 KB

35ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IdSLmfNBS6JOrn4pKLA_PFJmE2Q
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 03:45:48 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IdSLmfNBS6JOrn4pKLA_PFJmE2Q
Date: Wed, 12 May 2021 03:45:48 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3057 43 B
425 B 89ms
26ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YJtPaynhWAnludXx0MVAFwAA%261174
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:47 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1398
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 04:09:05 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1371
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJtPaynhWAnludXx0MVAFwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOFsJE-0dy3n1Ixz-VgPxDU&google_cver=1&gdpr=1

43 B
1001 B

44ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOFsJE-0dy3n1Ixz-VgPxDU&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 03:45:47 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOFsJE-0dy3n1Ixz-VgPxDU&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 1371
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJtPaynhWAnludXx0MVAFwAABJYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEO_ylf5t8QEcV0GxNcfBhhA&google_cver=1

43 B
315 B

97ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEO_ylf5t8QEcV0GxNcfBhhA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 12 May 2021 03:45:47 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEO_ylf5t8QEcV0GxNcfBhhA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1371
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJtPaynhWAnludXx0MVAFwAABJYAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJtPaynhWAnludXx0MVAFwAABJYAAAIB&dcc=t

43 B
433 B

121ms
121ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJtPaynhWAnludXx0MVAFwAABJYAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:48 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJtPaynhWAnludXx0MVAFwAABJYAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1371 70 B
264 B 94ms
60ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YJtPaynhWAnludXx0MVAFwAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 1371 0
0 182ms
153ms Image
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 1371 43 B
408 B 267ms
50ms Image
image/gif 173.231.181.122
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:47 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-3
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 1371 35 B
380 B 419ms
98ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Wed, 12 May 2021 03:45:13 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 1371 0
330 B 69ms
50ms Image
text/plain 37.157.2.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:47 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 1371 43 B
425 B 44ms
28ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YJtPaynhWAnludXx0MVAFwAA%261174
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 03:45:47 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1398
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 04:09:05 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1890 0
750 B 61ms
21ms Script
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:48 GMT
X-Proxy-Origin: 82.102.19.100; 82.102.19.100; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.147:80
AN-X-Request-Uuid: 43cf5bbb-c052-4636-b36e-1ddac16fd29c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8D16 0
750 B 54ms
22ms Script
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 03:45:48 GMT
X-Proxy-Origin: 82.102.19.100; 82.102.19.100; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: 2bcd7e87-4967-4a28-9837-dc59cdcdeba2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021050601&jk=408968880094779&bg=!sbKlsvbNAAY59bwoOfU7ACkAdvg8WjQWi9rzsy_VjkOySqpqj5-Ev8z7d9bpawOImbdIIkGC07qGuAIAAARvUgAAAAxoAQcKAE25eydKbFUf6AsbOPyT4BtIsj5H85nNl8tEjH_oA7EWfctGt0hAimw9mDwhBTKullclBNZJfcykWkTHmR-E46TinpBTAFwiaSCEr5H3MpkCPt_DgnAU4nlHHSzdc3VDmc4ATCwvVAI57hl-xBYRxwm4x4Mh2O5xWtefRlqqVTIuMzOhPde7OgnigG42o41ZPRp-r8aqbYqcPRWlQt1hI4b01ClYS7Hy8f2uEnbhDKRWXyf6XEkBNW79K60EjVs2F3fbNZd10RshFDddsfF7xwLl_FxDT4Og5sZ5PoQvy_sOY5PW2xNORm1C1dq-HN4f7ZYkXc_-_WpODhrp1yyK_upS-E1rYoTEZ1B4krhNqdyi3aaPSkF9qo07TgpfQaMtdlpItoza8v8pZV_mvzqu5vR1WPANq_8t_ALUJl2zrPeBJhULaV8D4nmnYohGcoJcvW14ew1SIVtS5XMny9yeS2RoSn__hCJqJDoBEPIw0JKRS9PVX6yI-reca5A_n_g-jxOo8x6fwgXHeitgDhExmAvENWhtucmm1F7o0x181PAyyzDM8ClX0Je7UE-E95zi3KJ7B9SU9o3HSK1okwRp20azf3RAnPbktsiISd3ujpteZOxVg9YZSezCTo69tpLyCdzJKKW4ztmr3rL0N78ILF7IBNUt0mz76-G81iMcDMpdeVJ5TG6oqQParl8bxIFVXJt-ilTezPvZ0A68nnPSQ4aNANWMsgvu7iIX-HDbZlcPZtHp86nnbsnAfM3cUhfXDiHO7cbYfiFbEmdN9xeemGM26S6jKHgNWVpJGFgYrkT9TsmKlubRDXq-eNqwsd0iqkhTORXTFmcKBeegEiVs5i7L-URekq4zBjJAa7wLscg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 03:45:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id5-sync.com
URL: https://id5-sync.com/c/441/108/4/6.gif?puid=49467ac5-a751-4562-be7e-6c6f1836bed5&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.theepochtimes.com/	1969-12-31 23:59:59	Name: epoch_user_dna Value: %7B%22pid%22%3A%22anon49ba-5164-454a-a463-48f10d6c0ac5%22%2C%22x%22%3A%2254-661-395%22%2C%22vt%22%3A0%2C%22g1%22%3A%22be%22%2C%22g2%22%3A%22bru%22%7D
.theepochtimes.com/	1970-01-20 03:34:47	Name: __gads Value: ID=2711e3aa89ef3365-22af38d411c80012:T=1620791143:S=ALNI_MZeXF2DALgZEy6BtdcAKB5oye2NQw
.ads.pubmatic.com/	1970-01-19 18:14:37	Name: KCCH Value: YES
.theepochtimes.com/	1970-01-20 11:44:23	Name: _ga Value: GA1.2.355252204.1620791142
.theepochtimes.com/	1970-01-20 02:58:47	Name: epoch_geo Value: be
.theepochtimes.com/	1970-01-20 02:58:47	Name: epoch_geo_city Value: bru
.theepochtimes.com/	1970-01-20 03:37:39	Name: __qca Value: P0-391579167-1620791142735
.theepochtimes.com/	1970-01-20 03:00:13	Name: __auc Value: 26c606c51795eae2791c8256be3
.theepochtimes.com/	1970-01-19 18:13:12	Name: __asc Value: 26c606c51795eae2791c8256be3
www.theepochtimes.com/	1970-01-20 02:58:47	Name: epoch_gdpr_userid Value: c3b76110-fe5a-c1e9-5022-cc9f96feda11
.theepochtimes.com/	1970-01-19 18:14:37	Name: _gid Value: GA1.2.1969779857.1620791142
.theepochtimes.com/	1970-01-19 18:13:11	Name: _gat Value: 1
.theepochtimes.com/	1970-01-19 20:22:47	Name: epoch_persistent_user_id Value: anon49ba-5164-454a-a463-48f10d6c0ac5

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9G2-Hw7V1-WJV7CgNlYW96mHCn1-9p6cW21xn4q3YYNxlW2b0xyL3zCGymW3HygKv4bqp5YN1w39g5Pq82pW1c54hg9hTWrFN8T6wScLBCZbW3CDKCT9gwZ-zW1qxdh5272cvDN1bt1yjl6hmPW8L-M6833mQBwVMrMQK3wH0kBW1kZ3kr3w1dzBW68YLC-5MjRnYW9cd9C08N_4T9W45kWPX4BPmWpVZctqv84jsVfW3n1hkk1pzJ94W4-6C-432QbX8W6WQBjG7BfQySW7Wj28j1_6JZcW3mgn8B5fzpy1W4LrC0b7hYxsTVyVr_w74X-J333cJ1(Line 13) Message: toS
console-api	log	URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20201002(Line 8) Message: Config.ApiHost : https://subs.youmaker.com
console-api	log	URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20201002(Line 8) Message: Config.AuthHost : https://auth.youmaker.com
console-api	warning	URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js(Line 4) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://www.theepochtimes.com/assets/themes/eet/js/bottom.min.js?ver=20210510(Line 4) Message: in eu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6c975968d179c1273408debefce8450c.safeframe.googlesyndication.com
acdn.adnxs.com
ads.avct.cloud
ads.pubmatic.com
adservice.google.com
adservice.google.de
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.districtm.io
certify.alexametrics.com
clientcdn.pushengage.com
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
comment.youmaker.com
connect.facebook.net
d31qbv1cthcecs.cloudfront.net
dmx.districtm.io
dsum-sec.casalemedia.com
epoch-times-d.openx.net
eu-u.openx.net
eus.rubiconproject.com
fonts.gstatic.com
g2.gumgum.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
img.theepochtimes.com
info.silobreaker.com
js-sec.indexww.com
js.chargebee.com
match.adsrvr.org
match.prod.bidr.io
mixi.media
p.rfihub.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.adnxs.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
sb.scorecardresearch.com
sc.youmaker.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.epoch.cloud
ssum-sec.casalemedia.com
stat.media
static.mixi.media
static2.mixi.media
static3.mixi.media
static4.mixi.media
static6.mixi.media
static8.mixi.media
stats.g.doubleclick.net
subs.youmaker.com
sync.adotmob.com
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
target.mixi.media
token.rubiconproject.com
tpc.googlesyndication.com
us-u.openx.net
vs.youmaker.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.theepochtimes.com
www.youmaker.com
x.bidswitch.net
id5-sync.com
104.111.230.142
104.16.68.69
136.243.217.162
142.250.185.130
146.185.195.94
151.101.113.108
151.139.128.10
151.139.128.11
173.231.181.122
178.162.133.149
18.156.195.47
185.183.112.148
185.29.133.208
185.33.221.52
185.64.190.78
192.132.33.46
193.0.160.128
199.60.103.2
2.18.233.180
2.18.234.21
2.21.111.28
216.58.212.130
2600:9000:2127:5c00:6:44e3:f8c0:93a1
2606:4700:3038::6815:ea20
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:803::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.120.33.89
34.120.97.157
34.98.64.218
35.201.68.206
35.244.243.66
37.157.2.235
37.252.161.190
37.252.173.62
50.16.38.94
52.24.28.41
52.49.40.147
52.50.187.150
52.57.110.162
52.57.142.16
54.194.211.3
54.239.17.112
54.77.19.59
65.9.95.127
65.9.97.12
65.9.97.26
65.9.97.28
65.9.97.32
65.9.97.60
65.9.97.90
69.173.144.138
69.173.144.139
76.223.111.131
000c91d855e5a3dd0ddd57fefe4f542d2e62e682415a47dffc6d2d14dbb69a2b
02aa323303b4c384aa960710eeeb0b530b1e5904de03503b685364950f6a970b
0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d2c5195d5b08b00758340a343e73238b608fe29f619ccef5b1335f8a34d3ebe
0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1256909b9562b779225969eeb95c0f5b1a93fba5775ee2f78dbdb98724feef07
1408f0de79f50484c09eecaf00ff3f4a388624eb4225df8dbcce867c4d41ee1e
166932f4c2bf978a99aa224ee7ba36a99c7bc96d529e00ff4b2fdad676f0abed
179a3ca9e79ab3b1870f06abbbd744a25905568b7bc0a5969b564f257ef9bca0
1956e71e915557c3908a5bbb7d994b0fbaece4915f79ca2fe03dcc3e53612802
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1df0ff326855a8fe4eb6b3594c3ab4db71ce7118031877f39c4b750f6f351f8e
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
243342401a389aea3c4eb3d79678310870768f96807bd5af44d1452b8c674f9b
26abf165a1cf54609f9b8531eca9f2133f591a50a32567d8a930d532b1efb864
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dce8b4d733ea29a6d889a31c19dda59c75fb0760f95b099fda49cf8e751c054
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
383ae4a979b3d1e40f26ca3043d625fed9d449cecb76b3b30af4c3d0db7c7b92
38f915335fe629f2736910592b999a5cc13138f931118f5d67026b072c37d6b9
3c2b3118e88e2453a34b07365f44979e9321cef797ba9d29c615723f1c719d18
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7448d382adc8189462c51a9dda5f51ba32f69491bb024c086ef0f749755e0c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fa52d4d1c8ff6e85c811754d25a2b036c44d303fdf4523a5d8612ab3e0c8864
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4598251cf366e26c955ca447ff2a94c22de107e622e7c89551b510ef856f28b5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b01cf18a7465bf0e5526bc818efd026d618cfa62ea735517600fdd03cf36d3a
4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a
5179b18022d96ffa734ebc51af9c91c79d953f5b5bb548963ccc23e3a70a06b8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56d098174340069677e63fa3e63977a3535985fc402440a6712aa84e5b9aa2ab
5b1ef110848a109d361f77bef844ebe0575d29cb1e4a2ffa84024d81073d8e2c
5d53b01ccf0533be9bb04cd0fd27b2f98493ff63fe8639d917cf02685cedb07c
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6165bc0b09f74c0b44ce163f3d7e87ab0b6be6f5f9299762cc98aed634c0eea3
6392823a467c24f0cd1424878625ac1780ae368c97432c306e366bf59a74a9d9
67dbca7de22e6bcd66075b8c252ada889ae0af06fdcd126c23df1888ddd308e3
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68880362d1f548529d11929167c92d3985b1f52acfcf5e91cfed2f7dc44eb655
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c9a3f12488a2b21b4468ccf0b95eeba86631913803bf98597f5a238922cca66
6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf
711b69add265b2aa2c97a78c67e3cca8fd8ea14657ba6c6f4b3a58ad3e581950
719154c9c1241fa4e907a5bd4ed0b74d248d6ab9d8a37a36657b368423e17d8e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74ce4e8b8c142139d3f901c44994f1ed3d880009531e2d7a227be4ef5ae195c2
779e7da199248c926a29c69c10d49eabdb7ca9eb1927d4af9792514bb8fb62af
7d6269ce342a08ba2fc6da463723ef68505275482b3c388de4c9d2ccdedd36c2
7dae96a685aa637f08f3fbf32cf31f40c4118c19915468f44156492e8e5eb5d2
7e8aa0944b0897b72e9e1b0db89bd450f5967196bd850f7c4fc1a7f31a5ae050
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f03a2875c2cfe6a5e0c5752de2cfe3c6133c7e1fcb95f38c39b9cb9185bc564
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83245e30d6ee857fc3e799c70c42d06267e2302803bfadfe9f130eabf9975aad
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8660f64b21689a39effc14a8888dbbaa1a7f75432fd45594ae60c48f107ffac9
867f5a29853ddd710b7c6485ff7c0f294d6dde33817c68e84535fb68572ffe8b
872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c981d2d723f02f21f8a2a5977710f074721dd1c2d92481a5ddd7c8dd03c262d
8cf4463df9e01897b72c4a0f3a4eb8975d20e551ab8d6da429c4b27b4b8e524a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
96d1a1a5f647175fe629a9b88c69a56e25b924113b9a274516ad84c226de1fcc
9eb83620a305b5cfbd47a770dd1f649d9ae99d34becf19308f9cc75106d1b5b4
a05a3c0c60025d75a8ac5cfb6a338e115a6349a984a4d370013dd2266abb620f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
aa46ae24e6a40546411c66f3c8c8947fc78584cebe256d2c7c8c07b3e84641ef
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0f96a3730041605b139ca2d15e29a36c55e49058ba2b72ee4d09b5e4ca210c1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2fed80ca2c04e36399b567fd721f99e59af48554e5eac929450645cace8d0d6
b8a008976f05293cd35f26cf907d6b62d5469ce00081be80ee31cc39c34f3d58
b8af85ef87938ad7700489d3cd359313ff3d80516be01ddc83d7aebf22e4b51c
bb12922378e2bf58f5ac608a4cd3afcdbcc5eb1d2704a5cbef2037649430fde2
bbf882258d986059fd9088d5cb1e244997540c16b0233066c2df7f12305acc57
be6ef5a3822d4d3914f44b78da8770cc79ccca4f389298c048c03d1a72029b51
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154
c5e3751d0cb1621f6023ce2ee860f26f9f7b440926563db737af63a8abf9f382
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6a0e7adfa72ed6bc0deaf84e523d58d6ff70d54e3a0804582fda2a50ea259ac
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce65c50aa24b0172d9e073b51d69b6b0f0a7608e01b238be00c4a1c5eb7d728f
d0c3e2cd4ae3b21e79eab066e1bec223ccff0d376c946a3af1c38ec09ba6571e
d1ddb121dbe955d486a4fdb7fff4c2d3fbfa29a231e6c8e7774d2db13bc1c390
d26fc1f08b1b4a21202d50d47bd618076c6b77435334ccdd3e4d2a58b2538fc1
d5ef77c6a2c1105c7b24ba016c3ba94a040df7f4e74761b21b3d25736fff7765
d95a8a7b4a338ff7e65cd71ba49d032d1b27c9b3040b89999fb50901b82ca2dd
dc768aa956cc3e7c9c11f91c45b70c8ee63ef9ee80249f762c37397085c70b94
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ff6a38025382e41b18057bb2fbed9edf56ebc90709020fd17043a8ff75e5f8
e7daa6acab9c38abfeb94c218646f5564f123d890c75358c70c006162e9045fb
ee74bf0fa8014bc57676fd08f39cc21df993e15f318fe5b668f1ca8862769c8d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f58b68fdc3f5b5d5c3e7bcadfffc24d2d13f4903269579f4da7bba55efc88439
f822277549383611dc328b752dfcab23ea697c487f935773e73abd25a9ccb5b0
f948381a9d7741bd6f8377a2f6ca39bb54287620407fc5f1d6182e7cc53800e1
faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d
fb4cd8d6c5b7c9e29f1619f563146dbdc5d8b640b36b6a281f813207443cd2b0
fc2f65b852f9742cec43a7f7ee1cc605c29b863ec999445fb5db74e190bab938

www.theepochtimes.com Open in urlscan Pro 151.139.128.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

188 Requests

99 %HTTPS

27 %IPv6

49 Domains

82 Subdomains

60 IPs

9 Countries

2636 kBTransfer

4539 kBSize

13 Cookies

26 Outgoing links

Page URL History

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.theepochtimes.com Open in urlscan Pro
151.139.128.11 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

99 %
HTTPS

27 %
IPv6

49
Domains

82
Subdomains

60
IPs

9
Countries

2636 kB
Transfer

4539 kB
Size

13
Cookies

188 HTTP transactions
3 data transactions