www.theepochtimes.com Open in urlscan Pro
151.139.128.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgCl0N4rjP28vYtb1W7F196D79k0NXW6...
Effective URL:
https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_...
Submission: On March 17 via api (March 17th 2021, 8:06:36 pm UTC) from GB

Summary HTTP 193 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 61 IPs in 9 countries across 55 domains to perform 193 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to HIGHWINDS3, US. The main domain is www.theepochtimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 1st 2020. Valid for: 2 years.

This is the only time www.theepochtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.2 199.60.103.2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
20	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	35.244.243.66 35.244.243.66	15169 (GOOGLE) (GOOGLE)
4	13.32.167.78 13.32.167.78	16509 (AMAZON-02) (AMAZON-02)
10	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	34.120.33.89 34.120.33.89	15169 (GOOGLE) (GOOGLE)
3	143.204.202.45 143.204.202.45	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	35.201.68.206 35.201.68.206	15169 (GOOGLE) (GOOGLE)
2	34.120.97.157 34.120.97.157	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	52.85.115.102 52.85.115.102	16509 (AMAZON-02) (AMAZON-02)
1 3	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
7 15	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2600:9000:203... 2600:9000:2038:8000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
13	136.243.217.162 136.243.217.162	24940 (HETZNER-AS) (HETZNER-AS)
1	13.226.159.5 13.226.159.5	16509 (AMAZON-02) (AMAZON-02)
3	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
2	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
3 10	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
3 17	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	52.51.160.138 52.51.160.138	16509 (AMAZON-02) (AMAZON-02)
4	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4	46.161.36.24 46.161.36.24	49505 (SELECTEL) (SELECTEL)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
6	104.108.144.214 104.108.144.214	16625 (AKAMAI-AS) (AKAMAI-AS)
3	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:e6:... 2606:4700:e6::ac40:ca05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 16	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.108.144.200 104.108.144.200	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	51.89.21.10 51.89.21.10	16276 (OVH) (OVH)
2 4	52.59.46.254 52.59.46.254	16509 (AMAZON-02) (AMAZON-02)
1	143.204.202.55 143.204.202.55	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	18.159.182.76 18.159.182.76	16509 (AMAZON-02) (AMAZON-02)
1 2	52.57.142.16 52.57.142.16	16509 (AMAZON-02) (AMAZON-02)
2 2	54.194.129.87 54.194.129.87	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.133.58 185.29.133.58	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
3	54.216.86.107 54.216.86.107	16509 (AMAZON-02) (AMAZON-02)
1 1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1	3.123.45.2 3.123.45.2	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1	35.157.227.186 35.157.227.186	16509 (AMAZON-02) (AMAZON-02)
2 3	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
2 2	87.98.242.60 87.98.242.60	16276 (OVH) (OVH)
2 2	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
2 2	99.80.128.92 99.80.128.92	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 4	54.239.17.112 54.239.17.112	16509 (AMAZON-02) (AMAZON-02)
1	35.241.40.233 35.241.40.233	15169 (GOOGLE) (GOOGLE)
2	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	35.170.112.41 35.170.112.41	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
193	61

2 199.60.103.2 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.silobreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

www.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.243.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.243.244.35.bc.googleusercontent.com

subs.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.167.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-167-78.hel50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.139.128.10 (United States)

ASN20446 (HIGHWINDS3, US)

vs.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.33.89 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 89.33.120.34.bc.googleusercontent.com

comment.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.202.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-45.fra53.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.68.206 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 206.68.201.35.bc.googleusercontent.com

www.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.97.157 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 157.97.120.34.bc.googleusercontent.com

sc.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.115.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-115-102.hel50.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.53.17 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2038:8000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 136.243.217.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi1-1.sfa50.mixi.media

mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
target.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static4.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static6.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static3.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static1.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static2.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-5.dus51.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.161.190 (Shepherds Bush, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.33.220.244 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

epoch-times-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.160.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-160-138.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.161.36.24 (Russian Federation)

ASN49505 (SELECTEL, RU)

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7dd975ab069b60ceab3f99e4b8f86037.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:ca05 (United States)

ASN13335 (CLOUDFLARENET, US)

services.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.108.145.8 (Berlin, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.212.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.144.200 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-200.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.21.10 (London, United Kingdom) 4 redirects

ASN16276 (OVH, FR)
PTR: p24.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.59.46.254 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.55 (United States)

ASN16509 (AMAZON-02, US)

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.182.76 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.142.16 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.129.87 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.58 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.41 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.216.86.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.45.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

j.mrpdata.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

openx2-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.227.186 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

match.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.98.242.60 (Saarbrücken, Germany) 2 redirects

ASN16276 (OVH, FR)

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.148.16 (France) 2 redirects

ASN16276 (OVH, FR)

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.128.92 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.239.17.112 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.112.41 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (United States) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	theepochtimes.com www.theepochtimes.com img.theepochtimes.com	479 KB
19	openx.net 4 redirects epoch-times-d.openx.net eu-u.openx.net us-u.openx.net rtb.openx.net	5 KB
17	youmaker.com subs.youmaker.com vs.youmaker.com comment.youmaker.com www.youmaker.com sc.youmaker.com	4 MB
16	adnxs.com 3 redirects prebid.adnxs.com ib.adnxs.com acdn.adnxs.com secure.adnxs.com	43 KB
16	doubleclick.net 7 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	110 KB
14	casalemedia.com 4 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	14 KB
13	mixi.media mixi.media static.mixi.media target.mixi.media static4.mixi.media static6.mixi.media static3.mixi.media static1.mixi.media static2.mixi.media	382 KB
12	googlesyndication.com 1 redirects 7dd975ab069b60ceab3f99e4b8f86037.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	114 KB
9	pubmatic.com ads.pubmatic.com image6.pubmatic.com	74 KB
8	amazon-adsystem.com 2 redirects c.amazon-adsystem.com s.amazon-adsystem.com	38 KB
4	360yield.com 2 redirects ice.360yield.com	1 KB
4	id5-sync.com 4 redirects id5-sync.com	6 KB
4	indexww.com js-sec.indexww.com	4 KB
4	stat.media stat.media	30 KB
4	rubiconproject.com pixel.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	districtm.io dmx.districtm.io cdn.districtm.io	620 B
4	googletagservices.com www.googletagservices.com	116 KB
3	everesttech.net 2 redirects sync-tm.everesttech.net	852 B
3	adsrvr.org match.adsrvr.org	793 B
3	yahoo.com c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	quantserve.com 1 redirects secure.quantserve.com pixel.quantserve.com	10 KB
3	chargebee.com js.chargebee.com	66 KB
2	deepintent.com match.deepintent.com	60 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	onaudience.com 2 redirects pixel.onaudience.com	1021 B
2	erne.co 2 redirects green.erne.co	575 B
2	dotomi.com 1 redirects openx2-match.dotomi.com casale-match.dotomi.com	291 B
2	adform.net 1 redirects c1.adform.net	541 B
2	bidr.io 2 redirects match.prod.bidr.io	614 B
2	bidswitch.net 1 redirects x.bidswitch.net	629 B
2	w55c.net 1 redirects pm.w55c.net	1 KB
2	facebook.com www.facebook.com	530 B
2	facebook.net connect.facebook.net	93 KB
2	gumgum.com g2.gumgum.com	2 KB
2	google.de www.google.de adservice.google.de	906 B
2	google.com www.google.com adservice.google.com	618 B
2	google-analytics.com www.google-analytics.com	19 KB
2	silobreaker.com 1 redirects info.silobreaker.com	4 KB
1	advangelists.com 1 redirects nep.advangelists.com	233 B
1	brand-display.com dmp.brand-display.com	253 B
1	turn.com 1 redirects ad.turn.com	441 B
1	justpremium.com match.justpremium.com	322 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	280 B
1	mrpdata.net j.mrpdata.net	75 B
1	simpli.fi 1 redirects um.simpli.fi	773 B
1	mathtag.com 1 redirects sync.mathtag.com	599 B
1	pushengage.com clientcdn.pushengage.com	18 KB
1	epoch.cloud services.epoch.cloud	2 KB
1	sonobi.com sync.go.sonobi.com	509 B
1	alexametrics.com certify.alexametrics.com	552 B
1	quantcount.com rules.quantcount.com	357 B
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	2 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
193	55

	Domain	Requested by
19	www.theepochtimes.com	info.silobreaker.com www.theepochtimes.com
10	ib.adnxs.com	3 redirects www.theepochtimes.com acdn.adnxs.com ssum-sec.casalemedia.com
10	vs.youmaker.com	www.theepochtimes.com vs.youmaker.com
9	us-u.openx.net	1 redirects eu-u.openx.net
8	cm.g.doubleclick.net	7 redirects eu-u.openx.net
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net info.silobreaker.com
6	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com ssum-sec.casalemedia.com
6	eu-u.openx.net	2 redirects www.theepochtimes.com eu-u.openx.net
6	ads.pubmatic.com	www.theepochtimes.com ads.pubmatic.com
6	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net www.theepochtimes.com tpc.googlesyndication.com
5	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	ice.360yield.com	2 redirects
4	id5-sync.com	4 redirects
4	js-sec.indexww.com	www.theepochtimes.com ssum-sec.casalemedia.com
4	stat.media	mixi.media stat.media
4	www.googletagservices.com	www.theepochtimes.com securepubads.g.doubleclick.net
4	c.amazon-adsystem.com	www.theepochtimes.com c.amazon-adsystem.com
3	sync-tm.everesttech.net	2 redirects ssum-sec.casalemedia.com
3	match.adsrvr.org	eu-u.openx.net ssum-sec.casalemedia.com
3	image6.pubmatic.com	ads.pubmatic.com
3	static6.mixi.media	www.theepochtimes.com
3	prebid.adnxs.com	www.theepochtimes.com
3	sb.scorecardresearch.com	1 redirects www.theepochtimes.com www.googletagmanager.com
3	js.chargebee.com	subs.youmaker.com js.chargebee.com
2	match.deepintent.com	ssum-sec.casalemedia.com
2	rtb.openx.net	1 redirects eu-u.openx.net
2	sync.crwdcntrl.net	2 redirects
2	pixel.onaudience.com	2 redirects
2	green.erne.co	2 redirects
2	c1.adform.net	1 redirects eu-u.openx.net
2	match.prod.bidr.io	2 redirects
2	x.bidswitch.net	1 redirects eu-u.openx.net
2	pm.w55c.net	1 redirects eu-u.openx.net
2	www.facebook.com
2	acdn.adnxs.com	www.theepochtimes.com
2	eus.rubiconproject.com	www.theepochtimes.com eus.rubiconproject.com
2	cdn.districtm.io	www.theepochtimes.com
2	connect.facebook.net	info.silobreaker.com connect.facebook.net
2	static2.mixi.media	www.theepochtimes.com
2	static4.mixi.media	www.theepochtimes.com
2	pixel.quantserve.com	1 redirects www.theepochtimes.com
2	htlb.casalemedia.com	www.theepochtimes.com
2	dmx.districtm.io	www.theepochtimes.com
2	g2.gumgum.com	www.theepochtimes.com
2	epoch-times-d.openx.net	www.theepochtimes.com
2	c2shb.ssp.yahoo.com	www.theepochtimes.com
2	mixi.media	www.theepochtimes.com static.mixi.media
2	sc.youmaker.com	www.theepochtimes.com
2	comment.youmaker.com	www.theepochtimes.com
2	www.google-analytics.com	www.theepochtimes.com www.google-analytics.com
2	subs.youmaker.com	www.theepochtimes.com
2	info.silobreaker.com	1 redirects
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	nep.advangelists.com	1 redirects
1	dmp.brand-display.com	ssum-sec.casalemedia.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	ad.turn.com	1 redirects
1	match.justpremium.com	eu-u.openx.net
1	pixel-sync.sitescout.com	1 redirects
1	openx2-match.dotomi.com	eu-u.openx.net
1	j.mrpdata.net	eu-u.openx.net
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	pr-bh.ybp.yahoo.com	eu-u.openx.net
1	clientcdn.pushengage.com	www.theepochtimes.com
1	services.epoch.cloud	info.silobreaker.com
1	sync.go.sonobi.com	www.theepochtimes.com
1	static1.mixi.media	www.theepochtimes.com
1	static3.mixi.media	www.theepochtimes.com
1	7dd975ab069b60ceab3f99e4b8f86037.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	target.mixi.media	www.theepochtimes.com
1	static.mixi.media	mixi.media
1	pixel.rubiconproject.com	www.theepochtimes.com
1	certify.alexametrics.com	www.theepochtimes.com
1	www.google.de	www.theepochtimes.com
1	www.google.com	www.theepochtimes.com
1	rules.quantcount.com	secure.quantserve.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	d31qbv1cthcecs.cloudfront.net	info.silobreaker.com
1	secure.quantserve.com	info.silobreaker.com
1	www.youmaker.com	www.theepochtimes.com vs.youmaker.com
1	fonts.gstatic.com	www.theepochtimes.com
1	www.googletagmanager.com	www.theepochtimes.com
1	img.theepochtimes.com	www.theepochtimes.com
193	90

This site contains links to these domains. Also see Links.

Domain
subscribe.theepochtimes.com
service.theepochtimes.com
epochshop.com
offers.theepochtimes.com
t.me
www.facebook.com
twitter.com
jointell.com
mewe.com
www.reddit.com
www.ntd.com
mixi.media

Subject Issuer	Validity	Valid
info.silobreaker.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
*.theepochtimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2022-06-01`	2 years	crt.sh
*.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2022-06-01`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
js.chargebee.com Amazon	`2020-04-17` - `2021-05-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
mixi.media R3	`2021-02-13` - `2021-05-14`	3 months	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-02-11` - `2021-08-03`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
static.mixi.media R3	`2021-02-01` - `2021-05-02`	3 months	crt.sh
stat.media R3	`2021-03-02` - `2021-05-31`	3 months	crt.sh
target.mixi.media R3	`2021-02-13` - `2021-05-14`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-07` - `2021-08-07`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.pushengage.com Amazon	`2021-01-27` - `2022-02-24`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.w55c.net Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.mrpdata.net Amazon	`2020-12-04` - `2022-01-02`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
tracking.justpremium.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.brand-display.com GeoTrust RSA CA 2018	`2020-06-24` - `2022-06-24`	2 years	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
h2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-11` - `2021-04-20`	a month	crt.sh

This page contains 19 frames:

Primary Page: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Frame ID: 5897348F421766CA316C6C02245C0EBF
Requests: 117 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Frame ID: 1F1247AED923DC7FCC97581B9A2D1CB0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D7517553996907DE3BD9D892D1FCF5F7
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiiZtlrbJ3rTKnqFPeRTqgoflMrAiiB4-ub_ldjLecIR7grfPG9QgU7dJeA_CDB9WAdKPm4LbDERHJb-H6PAbuVPsTsjr6ArII1B9lJtJelcJgR0uZKFtWfSHZ-pX0Vj5d5Ajw8dKBegCMJmkvoGNLZPoXqyqZR6cM8GEZyRJ9Vc0QjwiU38HjbtBIYdCpgS-BkkmHI0E7PpbxbqzvZPaCrsH1wJvZ9dMocrnzFs20pxYYVLC1UpJHVT3tgXxEQObWSk_L7QaUv5XqJkXWVu04zAgAzTEJCynHSpjUI4nvn2mTVxgzVDeKR6DeeHtEkvwngrPCFtVMCH9HMkF3dHWK5myJzPGKOJPwAFLz&sai=AMfl-YTVTq3oKhymxItXIK3WBm_m_bYXGdRM6pC6cFUSVVdTgbuONQFcSg80vcFY_I9UCob_qsghhBkaovKkC0qWXE0uRgwO2QiZkgoGyFFfW6_37x0uNsHTBy7hzKdogDY&sig=Cg0ArKJSzAS2u8sPIpMsEAE&urlfix=1&adurl=
Frame ID: EBEE64B4889A03BB716428A9AFA8C296
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhvgywv0eh8sn1XHYjwJXZ2rXPWEXU-7WWP2BXPjH0NN2SXRynr84ZEYW5vmICNIz68c9CWvQKJFWVyl08w6ZSmjAn44oDJ7Wgg3ZGgtSwq6o_hEOuqLg8_VWNbfmib4fe-JXO_sLoviCT2qeDL3VOyUYfuFNLixpXWQsLX4_7eevZgKwGQcibkBWkE4jCGoJAf0E1a4j_TMf3dEvc2NunuGl9bFXNJiAXKDylQfGWsLgmArggFAK_k3xgxklsB4yR7hvzgB6L9ERhWIBaXatz2QCLq_0waTtmel5R3CdTMnYqAf1IdYZY0iNV4DvRh6Ri7Oq3xh_hcRHhsbkSyWkvwFMqMLBQMf4&sai=AMfl-YT1I8OVWlhWT1MUrZW_d1_WC1yyDLP297YnBTPuqiczcK68dfuU-J_gnLoap5HjiHmXqMnlN0PqczhWhYISO3FUtTtqoyf-xpWoEJXwZ2v1E7sX1f7TkyH_Wp4d-Hzb&sig=Cg0ArKJSzLAd3oiVsHYxEAE&urlfix=1&adurl=
Frame ID: 9003EE464E95DD5DC6A3242706939A3B
Requests: 15 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Frame ID: 1351006941B9391CC9D68051F907CF8E
Requests: 11 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 6164B6345D1BC3B7FC257FF723B7DA32
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 9C313A45CA981751A858D4721349DC10
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6B747E47B3549B195B75D022AC4DACF6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4ABF174E8AB19783B4777E636A600B9A
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Frame ID: FEEB034D35637DA01190E60798950AC2
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C67B8230F6958BBEBA061C5A579CB9A5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8A3B8F35B8AF84D19476842DC14DC910
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D662857DEC37C151032FAB3ABAFA233D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 58F3116C418F89672060DBC4FC98279D
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F2F5D5DB6E3B766CA59BBB6EB7CA25EC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: A21D68FE2B1BD2B9A51D629DCEF037AC
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 938A20F327C21756579DDAFD17BE1DA9
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 2B4A6ACCCD3A2E841C69EEBB55857449
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgCl0N4rjP28... Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7... HTTP 307
https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hs... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

193
Requests

98 %
HTTPS

27 %
IPv6

55
Domains

90
Subdomains

61
IPs

9
Countries

5936 kB
Transfer

8252 kB
Size

4
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://subscribe.theepochtimes.com/p/?page=donate01&utm_source=makeadonationtop
Title: MAKE A DONATION

Search URL Search Domain Scan URL

URL: https://service.theepochtimes.com/web/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://subscribe.theepochtimes.com/p/?page=subhome
Title: subscribe

Search URL Search Domain Scan URL

URL: https://epochshop.com/
Title: Epoch Shop

Search URL Search Domain Scan URL

URL: https://offers.theepochtimes.com/gift
Title: Gift

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html&text=Trump%20Team%20Examines%20Michigan%20Voting%20Machines
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Trump%20Team%20Examines%20Michigan%20Voting%20Machines&url=https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html&via=epochtimes
Title: Tweet

Search URL Search Domain Scan URL

URL: https://jointell.com/posts/new?link=https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html
Title: Tell

Search URL Search Domain Scan URL

URL: https://mewe.com/share?link=https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html
Title: MeWe

Search URL Search Domain Scan URL

URL: http://www.reddit.com/submit?url=https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.ntd.com/trump-team-examines-michigan-voting-machines_537010.html
Title: NTD News

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10119067&bl=94729&ct=adpreview&st=43&nvuuid=61677298-379b-0964-6000-0055529a01d9&bvuuid=2ece745c-904c-4214-981d-436527552a4b&rnd=1440323684&ag=25&ev=H4sIAAAAAAAAAONSmX3-Jcv_M09ZpgLpdd-esUyf-ILl9sWXLPvXPGBZufEWy5nXj1kA1mUjDyYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10053247&bl=94729&ct=adpreview&st=43&nvuuid=61667267-377f-0922-6000-0048529901e8&bvuuid=2ece745c-904c-4214-981d-436527552a4b&rnd=1223190306&ag=25&ev=H4sIAAAAAAAAAONSmX3-Jcv_M09ZpgLpdd-esUyf-ILl9sWXLPvXPGBZufEWy5nXj1kA1mUjDyYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10119061&bl=94729&ct=adpreview&st=43&nvuuid=61677273-3795-09f9-6000-007f529a01d6&bvuuid=2ece745c-904c-4214-981d-436527552a4b&rnd=2144760825&ag=25&ev=H4sIAAAAAAAAAONSmX3-Jcv_M09ZpgLpdd-esUyf-ILl9sWXLPvXPGBZufEWy5nXj1kA1mUjDyYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10074926&bl=94729&ct=adpreview&st=43&nvuuid=61bb7237-372e-098d-6000-005a52990147&bvuuid=2ece745c-904c-4214-981d-436527552a4b&rnd=1514616717&ag=25&ev=H4sIAAAAAAAAAONSmX3-Jcv_M09ZpgLpdd-esUyf-ILl9sWXLPvXPGBZufEWy5nXj1kA1mUjDyYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10094743&bl=94729&ct=adpreview&st=43&nvuuid=610872dd-3797-0989-6000-0016529a01dc&bvuuid=2ece745c-904c-4214-981d-436527552a4b&rnd=383573385&ag=25&ev=H4sIAAAAAAAAAONSmX3-Jcv_M09ZpgLpdd-esUyf-ILl9sWXLPvXPGBZufEWy5nXj1kA1mUjDyYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10119387&bl=94729&ct=adpreview&st=43&nvuuid=61687227-37db-094e-6000-000c529a017d&bvuuid=2ece745c-904c-4214-981d-436527552a4b&rnd=209528654&ag=25&ev=H4sIAAAAAAAAAONSmX3-Jcv_M09ZpgLpdd-esUyf-ILl9sWXLPvXPGBZufEWy5nXj1kA1mUjDyYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=9967167&bl=94729&ct=adpreview&st=43&nvuuid=61167254-373f-0975-6000-002f52980140&bvuuid=2ece745c-904c-4214-981d-436527552a4b&rnd=792745077&ag=25&ev=H4sIAAAAAAAAAONSmX3-Jcv_M09ZpgLpdd-esUyf-ILl9sWXLPvXPGBZufEWy5nXj1kA1mUjDyYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=9869481&bl=94729&ct=adpreview&st=43&nvuuid=619872f0-37a9-0991-6000-005c52960146&bvuuid=2ece745c-904c-4214-981d-436527552a4b&rnd=1548152977&ag=25&ev=H4sIAAAAAAAAAONSmX3-Jcv_M09ZpgLpdd-esUyf-ILl9sWXLPvXPGBZufEWy5nXj1kA1mUjDyYAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10024396&bl=94729&ct=adpreview&st=43&nvuuid=61f5727c-37cc-09ba-6000-0052529801f5&bvuuid=2ece745c-904c-4214-981d-436527552a4b&rnd=1391819962&ag=25&ev=H4sIAAAAAAAAAONSmX3-Jcv_M09ZpgLpdd-esUyf-ILl9sWXLPvXPGBZufEWy5nXj1kA1mUjDyYAAAA&ab=jsapi

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgCl0N4rjP28vYtb1W7F196D79k0NXW63sHcZ2-BNGYW82bSP04qn7CRW7qZdjt4dm8cHW7zkcZ61tr_ncW116yYB7hs8XgW81ZWrf4rwzB2W5hVj3c8T3hL8VqbxPY59DkH2W4VQb9b3Qj_ZqW5q0Lhk8SD6cdW5x5W8l73wSXSW5ptZSJ99MMbRV9dxDG8dnV0WW2y2KQ_6SvY3GW1YJ2_X6fPY-zW1XRNZ_56Rc0wW3_dNgc69rRRqW5kFStK4CTRD0W1TFrVB59bq1PN5Nkj0j3s1nRW3TM6jC1w640GW3w673f4V0vDb2ld1 Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgCl0N4rjP28vYtb1W7F196D79k0NXW63sHcZ2-BNGYW82bSP04qn7CRW7qZdjt4dm8cHW7zkcZ61tr_ncW116yYB7hs8XgW81ZWrf4rwzB2W5hVj3c8T3hL8VqbxPY59DkH2W4VQb9b3Qj_ZqW5q0Lhk8SD6cdW5x5W8l73wSXSW5ptZSJ99MMbRV9dxDG8dnV0WW2y2KQ_6SvY3GW1YJ2_X6fPY-zW1XRNZ_56Rc0wW3_dNgc69rRRqW5kFStK4CTRD0W1TFrVB59bq1PN5Nkj0j3s1nRW3TM6jC1w640GW3w673f4V0vDb2ld1?_ud=bfd96890-8bdb-4d1e-b29a-7c875648dfb0&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1616011573503&ns_c=UTF-8&c8=Trump%20Team%20Examines%20Michigan%20Voting%20Machines&c7=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1616011573503&ns_c=UTF-8&c8=Trump%20Team%20Examines%20Michigan%20Voting%20Machines&c7=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&c9=&cs_ak_ss=1

Request Chain 109

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDX486xVxCsAhj6ASgBMggm1_uMgk779Q HTTP 301
https://tpc.googlesyndication.com/pimgad/2850316990139415550

Request Chain 133

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1

Request Chain 138

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1

Request Chain 144

https://id5-sync.com/s/441/9.gif?puid=e_e7245079-9bc6-4aa8-bcfc-795fe9dfae46&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/441/9/1.gif?puid=e_e7245079-9bc6-4aa8-bcfc-795fe9dfae46&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrZZkgrPQgZxDtFpNda0TWzxgyXr2mIPu6SaZeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrZZkgrPQgZxDtFpNda0TWzxgyXr2mIPu6SaZeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Request Chain 145

https://id5-sync.com/s/441/9.gif?puid=e_e01ef22a-197e-45bb-bb6c-51d1acedc96c&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/441/9/1.gif?puid=e_e01ef22a-197e-45bb-bb6c-51d1acedc96c&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrZZkgrPQgZxDtFpNda0TWzxgyXr2mIPu6SaZeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrZZkgrPQgZxDtFpNda0TWzxgyXr2mIPu6SaZeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Request Chain 151

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_

Request Chain 152

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx

Request Chain 153

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://us-u.openx.net/w/1.0/sd?id=537125688&val=

Request Chain 154

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=01f06052-6139-4d00-9fad-415341fa19ec

Request Chain 155

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=kF-Hw5BegciLCofJxVefxpBf0cOLDYDAwFi4MIJh HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=1&val=kF-Hw5BegciLCofJxVefxpBf0cOLDYDAwFi4MIJh

Request Chain 156

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFPLxEAXHP48y80vucjwQv8&google_cver=1

Request Chain 160

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=581BF557B3B844E9BB1F74D5A4C33E27

Request Chain 162

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4184760768694503253

Request Chain 164

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=

Request Chain 166

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YFJhOgAAAJ1UeFZV HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFJhOgAAAJ1UeFZV&_test=YFJhOgAAAJ1UeFZV

Request Chain 167

https://green.erne.co/openx/cm HTTP 302
https://pixel.onaudience.com/?mapped=krk2IipJfjVzjPq7B0yLWfPW&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253Dkrk2IipJfjVzjPq7B0yLWfPW HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253Dkrk2IipJfjVzjPq7B0yLWfPW HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253Dkrk2IipJfjVzjPq7B0yLWfPW HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=9eff0c7a7eaec09ae9250558f3b3c95&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253Dkrk2IipJfjVzjPq7B0yLWfPW HTTP 302
https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3Dkrk2IipJfjVzjPq7B0yLWfPW HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=krk2IipJfjVzjPq7B0yLWfPW

Request Chain 168

https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=6929695690234676093&gdpr=1&gdpr_consent=&us_privacy=

Request Chain 169

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=MqgtspxAgJi_6pvHrFZ8SA==&ox_sc=1&ox_init=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=MqgtspxAgJi_6pvHrFZ8SA==&ox_sc=1&ox_init=1&google_tc= HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 170

https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 172

https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 173

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEc2Gd9pzUfcqb7RfLgi4nw&google_cver=1

Request Chain 181

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB&dcc=t

Request Chain 182

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFJhOm6zwhevqoHUTTyHsgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENikEv5VD8l5uBy2oG12Q7k&google_cver=1

Request Chain 188

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFJhOm6zwhevqoHUTTyHsgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENikEv5VD8l5uBy2oG12Q7k&google_cver=1

Request Chain 189

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB&dcc=t

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELrXlew_3W0hxmwKDMuPtNg&google_cver=1

Request Chain 192

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ffeed686-0d78-430f-99f3-93042e808b13

Request Chain 193

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616097980&gdpr=1

193 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgCl0N4rjP28vYtb1W7F196D79k0NXW63sHcZ2-BNGYW82bSP04qn7CRW7qZdjt4dm8cHW7zkcZ61tr_ncW116yYB7hs8XgW81ZWrf4rwzB2W5hVj3c8T3hL8VqbxPY59DkH2W4VQb9b... Show response
info.silobreaker.com/e2t/tc/ 9 KB
3 KB 311ms
165ms Document
text/html 199.60.103.2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgCl0N4rjP28vYtb1W7F196D79k0NXW63sHcZ2-BNGYW82bSP04qn7CRW7qZdjt4dm8cHW7zkcZ61tr_ncW116yYB7hs8XgW81ZWrf4rwzB2W5hVj3c8T3hL8VqbxPY59DkH2W4VQb9b3Qj_ZqW5q0Lhk8SD6cdW5x5W8l73wSXSW5ptZSJ99MMbRV9dxDG8dnV0WW2y2KQ_6SvY3GW1YJ2_X6fPY-zW1XRNZ_56Rc0wW3_dNgc69rRRqW5kFStK4CTRD0W1TFrVB59bq1PN5Nkj0j3s1nRW3TM6jC1w640GW3w673f4V0vDb2ld1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d7b68de65c86ca6b6ae720b35835fc741fbbde94949ff6dd39d7e40b67746eb

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgCl0N4rjP28vYtb1W7F196D79k0NXW63sHcZ2-BNGYW82bSP04qn7CRW7qZdjt4dm8cHW7zkcZ61tr_ncW116yYB7hs8XgW81ZWrf4rwzB2W5hVj3c8T3hL8VqbxPY59DkH2W4VQb9b3Qj_ZqW5q0Lhk8SD6cdW5x5W8l73wSXSW5ptZSJ99MMbRV9dxDG8dnV0WW2y2KQ_6SvY3GW1YJ2_X6fPY-zW1XRNZ_56Rc0wW3_dNgc69rRRqW5kFStK4CTRD0W1TFrVB59bq1PN5Nkj0j3s1nRW3TM6jC1w640GW3w673f4V0vDb2ld1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:10 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d758e24b9ad6a7d805bb90b73dccb09751616011570; expires=Fri, 16-Apr-21 20:06:10 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=d26f8125371c45e1951ef92ab7ca55c5a5dda6e4-1616011570; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray: 6318d71b2dfcc791-AMS
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 08e364c4fb0000c791bb856000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c8Qqgl32gGfFPW9SaG8uB2ISJmLSrjYcnRVseFWvij8PpMDCECR96ms25v5qNMSCgbtGpnQf57YZHvsXMA1f8tQLC9LBXulfO4ny6SRzRrZeKDyl%2Bw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request trump-team-examines-michigan-voting-machines_3607935.html Show response
www.theepochtimes.com/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgCl0N4rjP28vYtb1W7F196D79k0NXW63sHcZ2-BNGYW82bSP04qn7CRW7qZdjt4dm8cHW7zkcZ61tr_ncW11...
https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbz...

38 KB
10 KB

555ms
432ms

Document
text/html

151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk

Requested by

Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgCl0N4rjP28vYtb1W7F196D79k0NXW63sHcZ2-BNGYW82bSP04qn7CRW7qZdjt4dm8cHW7zkcZ61tr_ncW116yYB7hs8XgW81ZWrf4rwzB2W5hVj3c8T3hL8VqbxPY59DkH2W4VQb9b3Qj_ZqW5q0Lhk8SD6cdW5x5W8l73wSXSW5ptZSJ99MMbRV9dxDG8dnV0WW2y2KQ_6SvY3GW1YJ2_X6fPY-zW1XRNZ_56Rc0wW3_dNgc69rRRqW5kFStK4CTRD0W1TFrVB59bq1PN5Nkj0j3s1nRW3TM6jC1w640GW3w673f4V0vDb2ld1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

0c42391c453acd0e021e210a8236d6eed421c0e50f378517d7a1e9b2e3a98cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.theepochtimes.com
:scheme: https
:path: /trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgCl0N4rjP28vYtb1W7F196D79k0NXW63sHcZ2-BNGYW82bSP04qn7CRW7qZdjt4dm8cHW7zkcZ61tr_ncW116yYB7hs8XgW81ZWrf4rwzB2W5hVj3c8T3hL8VqbxPY59DkH2W4VQb9b3Qj_ZqW5q0Lhk8SD6cdW5x5W8l73wSXSW5ptZSJ99MMbRV9dxDG8dnV0WW2y2KQ_6SvY3GW1YJ2_X6fPY-zW1XRNZ_56Rc0wW3_dNgc69rRRqW5kFStK4CTRD0W1TFrVB59bq1PN5Nkj0j3s1nRW3TM6jC1w640GW3w673f4V0vDb2ld1

Response headers

date: Wed, 17 Mar 2021 20:06:11 GMT
accept-ranges: bytes
cache-control: max-age=600
content-encoding: gzip
content-type: text/html; charset=UTF-8
x-hw: 1616011570.cds017.lo4.hn,1616011570.cds003.lo4.sc,1616011571.cds003.lo4.p
server: nginx
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-device: desktop
x-cache-status: MISS

Redirect headers

date: Wed, 17 Mar 2021 20:06:10 GMT
location: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
cf-ray: 6318d71c3804c791-AMS
link: <https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 08e364c5a70000c791dc048000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IlBYZdMJwlr8hEwHv7J60RH9XxbwGbgPSIn1KMRBdQV%2FoAZWX2WPbN%2BpYPpcYURKKd8wBuo94sS5bh4t5wjQ%2Bn1LAPbqAKbHMs%2BGyiZ1J5Q79B9uQw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare

GET
H2 200 template.css
subs.youmaker.com/lib/ 8 KB
9 KB 263ms
152ms Stylesheet
text/css 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/template.css?ver=20200716
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.16.1 /
Resource Hash: 2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:11 GMT
via: 1.1 google
last-modified: Wed, Mar 17 2021 19:32:55 GMT
server: nginx/1.16.1
content-type: text/css; charset=utf-8
accept-ranges: bytes
alt-svc: clear
content-length: 8659

GET
H2 200 single-merge.min.css
www.theepochtimes.com/assets/themes/eet/css/ 90 KB
39 KB 63ms
63ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

298e3fba84778bc37293218f1a95cd2e8d67bf9f5b820476ccc57854c99ad88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 19:45:25 GMT
server: nginx
x-microcachable: 0
etag: W/"60510ad5-166dd"
x-hw: 1616011571.cds017.lo4.hn,1616011571.cds103.lo4.c
content-type: text/css
cache-control: max-age=1800
content-length: 39889
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 308ms
164ms Script
application/javascript 13.32.167.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.167.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-167-78.hel50.r.cloudfront.net
Software: Server /
Resource Hash: 86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:59:37 GMT
content-encoding: gzip
server: Server
age: 395
etag: d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 07c325e1e193f25e3673c49cf7dde57c.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id: MRY4iaU3_IyZisMsfR6TFNa-wrSmrTpH-FitBIWl_7sIAe6vC1c0WA==

GET
H2 200 prebid.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 290 KB
107 KB 111ms
109ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

6165bc0b09f74c0b44ce163f3d7e87ab0b6be6f5f9299762cc98aed634c0eea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 23:01:12 GMT
server: nginx
etag: W/"60494fb8-48619"
x-hw: 1616011572.cds017.lo4.hn,1616011572.cds101.lo4.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 109413
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 logo_eet.svg
www.theepochtimes.com/assets/themes/eet/images/ 16 KB
6 KB 212ms
210ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/logo_eet.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

867f5a29853ddd710b7c6485ff7c0f294d6dde33817c68e84535fb68572ffe8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Aug 2018 21:43:01 GMT
server: nginx
etag: "5b807be5-3f5c"
x-cache-status: HIT
x-hw: 1616011572.cds017.lo4.hn,1616011572.cds278.lo4.sc,1616011572.cds278.lo4.pr
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 5932
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 michigan-poll--300x180.jpg
img.theepochtimes.com/assets/uploads/2020/11/10/ 12 KB
12 KB 139ms
131ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2020/11/10/michigan-poll--300x180.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 10822d0059f3e80886451b779f3adddf54aa3748c76f352fe6966d51f871b3d7

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
last-modified: Tue, 10 Nov 2020 21:09:36 GMT
server: nginx
etag: "5fab0190-3089"
x-hw: 1616011572.cds017.lo4.hn,1616011572.cds020.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12425

GET
H2 200 7e9f1cbb-2556-46f9-af39-1ed5c414efe6 Show response
vs.youmaker.com/assets/player/ 14 KB
4 KB 684ms
551ms Script
application/json 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/player/7e9f1cbb-2556-46f9-af39-1ed5c414efe6?r=1280x720&cat=archived/2020-election/videos-2020-election&noads=true&api=7&url=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c7357112338adcf3f4ef5b241dde023a5914ca82bda842708591d81b2a824512

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
content-encoding: gzip
server: nginx/1.16.1
x-hw: 1616011571.cds056.lo4.hn,1616011571.cds009.lo4.sc,1616011572.dop054.ch4.r,1616011572.cds136.ch4.sc,1616011572.cds136.ch4.p,1616011572.cds009.lo4.p
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
alt-svc: clear
via: 1.1 google

GET
H2 200 white.png
www.theepochtimes.com/assets/themes/eet/images/ 95 B
222 B 254ms
207ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2017 20:15:25 GMT
server: nginx
x-microcachable: 0
etag: "59bae35d-5f"
x-hw: 1616011572.cds017.lo4.hn,1616011572.cds234.lo4.sc,1616011572.cds234.lo4.pr
content-type: image/png
cache-control: max-age=315360000
content-length: 95
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 EET_footer.png
www.theepochtimes.com/assets/themes/eet/images/ 7 KB
7 KB 254ms
208ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/EET_footer.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

38f915335fe629f2736910592b999a5cc13138f931118f5d67026b072c37d6b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Aug 2018 19:13:08 GMT
server: nginx
x-microcachable: 0
etag: "5b7db5c4-1d36"
x-hw: 1616011572.cds017.lo4.hn,1616011572.cds036.lo4.sc,1616011572.cds036.lo4.pr
content-type: image/png
cache-control: max-age=315360000
content-length: 7478
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 jquery-all.min.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 98 KB
40 KB 203ms
203ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2017 20:15:26 GMT
server: nginx
x-microcachable: 0
etag: "59bae35e-188ff"
x-hw: 1616011571.cds017.lo4.hn,1616011571.cds042.lo4.sc,1616011572.cds042.lo4.pr
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 40721
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 bottom.min.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 42 KB
14 KB 72ms
72ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/bottom.min.js?ver=20210317

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

806074d527f1c3a23001f4fa4d41dcb10a6a6dd95152d9b7bfa486a7106ff522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 19:31:16 GMT
server: nginx
x-microcachable: 0
etag: W/"60525904-a7d6"
x-hw: 1616011571.cds017.lo4.hn,1616011571.cds101.lo4.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 13898
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 api.bundle.js Show response
subs.youmaker.com/lib/ 236 KB
237 KB 153ms
153ms Script
application/javascript 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20201002
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.16.1 /
Resource Hash: 70f8b3df85520078131c6e473c9863e125171b18d2d3a4bb1ea4949484dde45a

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
via: 1.1 google
last-modified: Wed, Mar 17 2021 19:32:55 GMT
server: nginx/1.16.1
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
alt-svc: clear
content-length: 242036

GET
H2 200 remark.min.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 5 KB
2 KB 71ms
70ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/remark.min.js?ver=20210306

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

29553a07bd8075277a457a30e9a0bf7b7274c8f7c0adb2eb549ca8b154d58199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 19:45:50 GMT
server: nginx
x-microcachable: 0
etag: W/"60510aee-1455"
x-hw: 1616011571.cds017.lo4.hn,1616011571.cds272.lo4.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 1689
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 article_ads_prebid.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 42 KB
12 KB 73ms
72ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/article_ads_prebid.js?ver=20210315

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

3375a2080070224dbaf34fffedc09a5fe36d95f41f8b397fe7c61594caaad0d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 17:40:09 GMT
server: nginx
x-microcachable: 0
etag: W/"604f9bf9-a8e4"
x-hw: 1616011572.cds017.lo4.hn,1616011572.cds035.lo4.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 12107
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2267
date: Wed, 17 Mar 2021 19:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 17 Mar 2021 21:28:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 107 KB
40 KB 68ms
10ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea6ad4592a02b98c195b7770740a1014fe0b5cebfb7768caa905c07c76f225f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40705
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 18:15:10 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Mar 2021 20:06:12 GMT

GET
H2 200 telegram-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 51 KB
51 KB 73ms
73ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/telegram-icon.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

1256909b9562b779225969eeb95c0f5b1a93fba5775ee2f78dbdb98724feef07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 18:28:18 GMT
server: nginx
etag: "601aeb42-cbf6"
x-hw: 1616011572.cds017.lo4.hn,1616011572.cds021.lo4.c
content-type: image/png
cache-control: max-age=1800
content-length: 52214
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 tell-icon.svg
www.theepochtimes.com/assets/themes/eet/images/ 721 B
456 B 176ms
155ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/tell-icon.svg

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

383ae4a979b3d1e40f26ca3043d625fed9d449cecb76b3b30af4c3d0db7c7b92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 20:21:24 GMT
server: nginx
etag: "60341244-2d1"
x-cache-status: HIT
x-hw: 1616011572.cds017.lo4.hn,1616011572.cds209.lo4.c
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 346
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 mewe-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 2 KB
2 KB 638ms
633ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/mewe-icon.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

243342401a389aea3c4eb3d79678310870768f96807bd5af44d1452b8c674f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 18:28:17 GMT
server: nginx
etag: "601aeb41-772"
x-hw: 1616011572.cds017.lo4.hn,1616011572.cds060.lo4.sc,1616011572.cds060.lo4.pr
content-type: image/png
cache-control: max-age=315360000
content-length: 1906
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 plus-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 465 B
573 B 160ms
156ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/plus-icon.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

7dae96a685aa637f08f3fbf32cf31f40c4118c19915468f44156492e8e5eb5d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 18:28:17 GMT
server: nginx
etag: "601aeb41-1d1"
x-hw: 1616011572.cds017.lo4.hn,1616011572.cds003.lo4.c
content-type: image/png
cache-control: max-age=315360000
content-length: 465
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 D-DINCondensed-Bold.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 57 KB
57 KB 253ms
205ms Font
font/opentype 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/fonts/D-DINCondensed-Bold.otf

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.theepochtimes.com
Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Sep 2018 15:47:56 GMT
server: nginx
etag: "5b8ffaac-e454"
x-cache-status: HIT
x-hw: 1616011572.cds017.lo4.hn,1616011572.cds003.lo4.sc,1616011572.cds003.lo4.pr
content-type: font/opentype
cache-control: max-age=315360000
content-length: 58452
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 D-DIN.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 58 KB
59 KB 269ms
222ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/fonts/D-DIN.otf

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.theepochtimes.com
Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Sep 2018 15:47:56 GMT
server: nginx
etag: "5b8ffaac-e9d4"
x-cache-status: HIT
x-hw: 1616011572.cds017.lo4.hn,1616011572.cds073.lo4.sc,1616011572.cds073.lo4.pr
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 59860
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 0yb9GDoxxrvAnPhYGxkkaE0Urhg0xTY.woff2
fonts.gstatic.com/s/vollkorn/v10/ 14 KB
14 KB 56ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v10/0yb9GDoxxrvAnPhYGxkkaE0Urhg0xTY.woff2

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8af85ef87938ad7700489d3cd359313ff3d80516be01ddc83d7aebf22e4b51c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.theepochtimes.com
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:19:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Jul 2019 00:00:46 GMT
server: sffe
age: 596788
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14200
x-xss-protection: 0
expires: Thu, 10 Mar 2022 22:19:44 GMT

GET
H2 200 D-DIN-Bold.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 59 KB
59 KB 250ms
214ms Font
font/opentype 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/fonts/D-DIN-Bold.otf

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

b0f96a3730041605b139ca2d15e29a36c55e49058ba2b72ee4d09b5e4ca210c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.theepochtimes.com
Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Sep 2018 15:47:56 GMT
server: nginx
etag: "5b8ffaac-eb1c"
x-cache-status: HIT
x-hw: 1616011572.cds017.lo4.hn,1616011572.cds006.lo4.sc,1616011572.cds006.lo4.pr
content-type: font/opentype
cache-control: max-age=315360000
content-length: 60188
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 22 KB
22 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02868658f7676e21ce2349178a1eebe74106380a88e14f5e453b1a2e35e0e6dc

Request headers

Origin: https://www.theepochtimes.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 epochplayer7.min.css
vs.youmaker.com/assets/css/ 39 KB
10 KB 58ms
57ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/css/epochplayer7.min.css
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/player/7e9f1cbb-2556-46f9-af39-1ed5c414efe6?r=1280x720&cat=archived/2020-election/videos-2020-election&noads=true&api=7&url=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: fdf5dfab742b9d6c8c626174cd7e8899d2350d3ada34202ad6f3e87dadabb36c

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:13 GMT
content-encoding: gzip
server: nginx/1.16.1
x-hw: 1616011572.cds056.lo4.hn,1616011573.cds031.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 10303
via: 1.1 google

GET
H2 200 epochplayer7.ext.css
vs.youmaker.com/assets/css/ 2 KB
720 B 69ms
69ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/css/epochplayer7.ext.css
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/player/7e9f1cbb-2556-46f9-af39-1ed5c414efe6?r=1280x720&cat=archived/2020-election/videos-2020-election&noads=true&api=7&url=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b4944e3da4133e749883b8219093e5bae1dc98369daf0471ff890a058e325106

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:13 GMT
content-encoding: gzip
server: nginx/1.16.1
x-hw: 1616011573.cds056.lo4.hn,1616011573.cds045.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 650
via: 1.1 google

GET
H2 200 epochplayer7.min.js Show response
vs.youmaker.com/assets/js/ 489 KB
137 KB 68ms
67ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/js/epochplayer7.min.js
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/player/7e9f1cbb-2556-46f9-af39-1ed5c414efe6?r=1280x720&cat=archived/2020-election/videos-2020-election&noads=true&api=7&url=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d158808063fa7bb1ceeff3620bdc8d87ba19c4784032554f915d274cc8769c94

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:13 GMT
content-encoding: gzip
server: nginx/1.16.1
x-hw: 1616011573.cds056.lo4.hn,1616011573.cds081.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 139915
via: 1.1 google

GET
H2 200 epochplayer7.ext.min.js Show response
vs.youmaker.com/assets/js/ 8 KB
3 KB 132ms
131ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/js/epochplayer7.ext.min.js
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/player/7e9f1cbb-2556-46f9-af39-1ed5c414efe6?r=1280x720&cat=archived/2020-election/videos-2020-election&noads=true&api=7&url=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7221c626d8cf9f003f4bd3f8c04622896e240b91e2ce4f62da257ff2cc94d694

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:13 GMT
content-encoding: gzip
server: nginx/1.16.1
x-hw: 1616011573.cds056.lo4.hn,1616011573.cds260.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 2811
via: 1.1 google

GET
H2 200 backtotop.svg
www.theepochtimes.com/assets/themes/eet/images/ 1 KB
731 B 214ms
213ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/backtotop.svg

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202103016
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2017 20:15:25 GMT
server: nginx
etag: "59bae35d-498"
x-hw: 1616011573.cds017.lo4.hn,1616011573.cds046.lo4.sc,1616011573.cds046.lo4.pr
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 579
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 217ms
71ms XHR
application/javascript 13.32.167.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.167.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-167-78.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 62503
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 06 Mar 2021 01:32:40 GMT
server: AmazonS3
date: Wed, 17 Mar 2021 02:44:31 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f9d8d85c1cdd8d752a5fcdb241623dfa.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: ABMkX3pcrUv884ZkqQUWcdsiXJuXaJccdFmqKw4zxkdDV-Hsbf5abQ==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
74 B 16ms
15ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=650212575&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&dp=%2Ftrump-team-examines-michigan-voting-machines_3607935.html&ul=en-us&de=UTF-8&dt=Trump%20Team%20Examines%20Michigan%20Voting%20Machines&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEABBAAAAC~&jid=1665864838&gjid=1288003468&cid=357309160.1616011573&uid=anon6e6a-3882-4556-a123-0b72745ea99d&tid=UA-10465455-30&_gid=1546088848.1616011573&_r=1&_slc=1&cd1=136852&cd3=%3B2020-election-115936%3Bbattleground-states-139901%3Bmichigan-139903%3Bus-politics-7026%3Bus-13%3Bus-news-14%3Bvideos-2020-election-136852%3B&cd4=%3Baustralia-lead-story-110520%3Baustralia-top-news-100612%3B&cd5=%3B2020-election-115936%3Bbattleground-states-139901%3Bmichigan-139903%3Bus-politics-7026%3Bus-13%3Bus-news-14%3Bvideos-2020-election-136852%3Baustralia-lead-story-11%3B&cd21=3607935&cd23=NTD%20Television&cd26=Videos&cd28=%3B2020%20Election%3BBattleground%20States%3BMichigan%3BPolitics%3BUS%3BUS%20News%3BVideos%3B&cd29=%3BMichigan%3BDominion%3BJenna%20Ellis%3BRudy%20Giuliani%3B&cd30=20201207&cd31=20201207&cd33=249&cd42=%3Bmichigan%3Bdominion%3Bjenna-ellis%3Brudy-giuliani%3B&cd43=post&cd18=anon6e6a-3882-4556-a123-0b72745ea99d&z=182370225

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 counts
comment.youmaker.com/api/v1/ Frame 0
0 239ms
151ms Preflight 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/counts?site=remark
Protocol: H2
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.theepochtimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.16.1
date: Wed, 17 Mar 2021 20:06:13 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 300
app-name: remark
app-version: 0.1.2
author: EMG
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google
alt-svc: clear

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 145 KB
44 KB 227ms
83ms Script
application/x-javascript 143.204.202.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20201002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.202.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-202-45.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0ddaa577dbaeffc7bec177a31b0937c08d130fa329fad9889ce1a7935f6b7074

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: COWGrJ8AHlin0TOvaxLa1wne1.209MPt
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 16 Mar 2021 09:34:24 GMT
server: AmazonS3
age: 177
etag: W/"40acfd63f106747112a4deedffd71ffb"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Wed, 17 Mar 2021 20:03:17 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: iH2tEqe_jKmhdEoG0mrwE_z2INCgFn8J5gZTXMNpCS0PP4TsL9gBCQ==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 59 KB
20 KB 63ms
38ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/article_ads_prebid.js?ver=20210315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be54ec1474ad1493a9db2d2ec0f0d6bb38df3ed2fc1c3a336c8efe2eee3d0b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "815 / 797 of 1000 / last-modified: 1616009968"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19955
x-xss-protection: 0
expires: Wed, 17 Mar 2021 20:06:13 GMT

GET
H2 200 test Show response
www.youmaker.com/g/ 7 B
260 B 162ms
62ms XHR
text/plain 35.201.68.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youmaker.com/g/test
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.16.1 /
Resource Hash: c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154

Request headers

Accept: */*
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:13 GMT
via: 1.1 google
server: nginx/1.16.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
content-length: 7

POST
H2 200 counts Show response
comment.youmaker.com/api/v1/ 1 KB
1 KB 181ms
162ms XHR
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/counts?site=remark
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.16.1 /
Resource Hash: fac4283dac6916ba82185648c34dbb7c11363c02b188a248e7a1edf07a2b77d4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 17 Mar 2021 20:06:13 GMT
via: 1.1 google
vary: Origin
alt-svc: clear
content-length: 1198
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 UTC
server: nginx/1.16.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Authorization
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
app-version: 0.1.2

GET
H2 200 count Show response
sc.youmaker.com/site/article/ 1 KB
1 KB 294ms
174ms XHR
application/json 34.120.97.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/site/article/count?site=www.theepochtimes.com&user=60912419-0c21-7e95-ee90-dea3d64f3a37&postid=3605155,3607935,3737459,3737902,3737734,3737119,3737979,3737361
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.16.1 /
Resource Hash: 27b5eb90bb1eec50918423caa80db7910748a01366ed4ae9531a6ee44a2662eb

Request headers

Accept: */*
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 Mar 2021 20:06:13 GMT
via: 1.1 google
server: nginx/1.16.1
alt-svc: clear
content-length: 1052
content-type: application/json;charset=UTF-8

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 45ms
13ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgCl0N4rjP28vYtb1W7F196D79k0NXW63sHcZ2-BNGYW82bSP04qn7CRW7qZdjt4dm8cHW7zkcZ61tr_ncW116yYB7hs8XgW81ZWrf4rwzB2W5hVj3c8T3hL8VqbxPY59DkH2W4VQb9b3Qj_ZqW5q0Lhk8SD6cdW5x5W8l73wSXSW5ptZSJ99MMbRV9dxDG8dnV0WW2y2KQ_6SvY3GW1YJ2_X6fPY-zW1XRNZ_56Rc0wW3_dNgc69rRRqW5kFStK4CTRD0W1TFrVB59bq1PN5Nkj0j3s1nRW3TM6jC1w640GW3w673f4V0vDb2ld1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 42419e0eceece1bd49838c136ab167965345332e8123e6f55688e9db2d770417

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:13 GMT
content-encoding: gzip
etag: "RQ/637iCN5csuZt2vfIyOw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 24 Mar 2021 20:06:13 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 293ms
104ms Script
text/javascript 52.85.115.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgCl0N4rjP28vYtb1W7F196D79k0NXW63sHcZ2-BNGYW82bSP04qn7CRW7qZdjt4dm8cHW7zkcZ61tr_ncW116yYB7hs8XgW81ZWrf4rwzB2W5hVj3c8T3hL8VqbxPY59DkH2W4VQb9b3Qj_ZqW5q0Lhk8SD6cdW5x5W8l73wSXSW5ptZSJ99MMbRV9dxDG8dnV0WW2y2KQ_6SvY3GW1YJ2_X6fPY-zW1XRNZ_56Rc0wW3_dNgc69rRRqW5kFStK4CTRD0W1TFrVB59bq1PN5Nkj0j3s1nRW3TM6jC1w640GW3w673f4V0vDb2ld1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-102.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Feb 2021 02:52:01 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 3345253
ETag: W/"96c08723796affab377d9bb08d631cd0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 f74ebd28d1b7fe154fb59d89abda909b.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: HEL50-C2
X-Amz-Cf-Id: HV5TO-oGmSi3R9MhH6omKkBdHEOmgG8j_aZ0TsdPFMrakXMbD1OhtQ==

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1616011573503&ns_c=UTF-8&c8=Trump%20Team%20Examines%20Michigan%20Voting%20Machines&c7=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-exam...
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1616011573503&ns_c=UTF-8&c8=Trump%20Team%20Examines%20Michigan%20Voting%20Machines&c7=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-exa...

0
528 B

48ms
47ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1616011573503&ns_c=UTF-8&c8=Trump%20Team%20Examines%20Michigan%20Voting%20Machines&c7=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&c9=&cs_ak_ss=1
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:13 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1616011573503&ns_c=UTF-8&c8=Trump%20Team%20Examines%20Michigan%20Voting%20Machines&c7=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:13 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
92 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-10465455-30&cid=357309160.1616011573&jid=1665864838&uid=anon6e6a-3882-4556-a123-0b72745ea99d&gjid=1288003468&_gid=1546088848.1616011573&_u=aGBACEAABAAAAC~&z=1291631558

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 17 Mar 2021 20:06:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021031101.js Show response
securepubads.g.doubleclick.net/gpt/ 284 KB
100 KB 167ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

801b78af2ab57cfc67d37f8137feac63f1b722b8812dea418b43759e9baddef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 19:23:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102217
x-xss-protection: 0
expires: Wed, 17 Mar 2021 20:06:14 GMT

GET
H2 200 1-b9bda6abbe96332f1914.js Show response
js.chargebee.com/v2/ 55 KB
17 KB 69ms
67ms Script
application/x-javascript 143.204.202.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/1-b9bda6abbe96332f1914.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.202.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-202-45.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0862f53a75039bd65235b3be393c9a633319d21735a2481ce0630eb378dbe983

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: oEaoz5Eb8FQyD9.2FkjIVED0KbrJLteL
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 25 Feb 2021 10:10:31 GMT
server: AmazonS3
age: 213
etag: W/"90d0fa531d3c03dba9e538bf7d9ada72"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Wed, 17 Mar 2021 20:02:41 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: wk4KSX_fSAPXQfjS019HfCV7Nx43zOmly0Oa5hh4X1sLp4-zB855pA==

GET
H2 200 13-7b3c6d232f8f06ad1a6e.js Show response
js.chargebee.com/v2/ 16 KB
5 KB 71ms
67ms Script
application/x-javascript 143.204.202.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/13-7b3c6d232f8f06ad1a6e.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.202.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-202-45.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c1daebe320978cff33cb923e9cb1d70b3a943a96407b4bd5086fc72101117125

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9Fqcvkp_HtIHugCILnVkuisxO488Pque
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 16 Mar 2021 09:34:24 GMT
server: AmazonS3
age: 279
etag: W/"e41d77d08a4abfec9e9e9e4b0f4df378"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Wed, 17 Mar 2021 20:01:35 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: TIcOqk2Fjol9MrUeGIJ4dCduaFS1cvV8RJGjCL1rwHlcVj79VhwaxA==

GET
H2 200 rules-p-a128V7tctPVtT.js Show response
rules.quantcount.com/ 3 B
357 B 207ms
42ms Script
application/x-javascript 2600:9000:2038:8000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-a128V7tctPVtT.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2038:8000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 01:59:18 GMT
via: 1.1 a875698e08bcdc7b13c04786dfe3a1ad.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 20:44:26 GMT
server: AmazonS3
age: 65217
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
content-length: 3
x-amz-cf-id: 4V2NN-ePEeThm2B8W8sMLRcEpvV-RFCJtr53DPfBPu4Bedlf38iL6Q==

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
65 B 33ms
31ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-10465455-30&cid=357309160.1616011573&jid=1665864838&_u=aGBACEAABAAAAC~&z=1732018125

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
28ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-10465455-30&cid=357309160.1616011573&jid=1665864838&_u=aGBACEAABAAAAC~&z=1732018125

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 breaking-bar.html Show response
www.theepochtimes.com/assets/uploads/html/breakingnews-bar/ 0
165 B 225ms
223ms XHR
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/uploads/html/breakingnews-bar/breaking-bar.html

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 20:31:31 GMT
server: nginx
etag: "60526723-0"
x-hw: 1616011574.cds017.lo4.hn,1616011574.cds218.lo4.sc,1616011574.cds218.lo4.p
content-type: text/html; charset=utf-8
cache-control: max-age=600
content-length: 0
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H/1.1 200 94729.js Show response
mixi.media/data/js/ 5 KB
3 KB 236ms
139ms Script
application/javascript 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/data/js/94729.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/bottom.min.js?ver=20210317
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: f8c340a471538e38d2c3776156054c19ecc8399faf560866f2499eac2b96b2f9

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:14 GMT
Content-Encoding: gzip
Last-Modified: Wednesday, 17-Mar-2021 20:06:14 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

GET subtitle
www.youmaker.com/v1/api/video/ 0
0

GET
H2 200 thumbnail_d.jpg
vs.youmaker.com/assets/2020/1207/7e9f1cbb-2556-46f9-af39-1ed5c414efe6/ 25 KB
26 KB 633ms
632ms Image
image/jpeg 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vs.youmaker.com/assets/2020/1207/7e9f1cbb-2556-46f9-af39-1ed5c414efe6/thumbnail_d.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 240a340447e6715d32872fa89d2e09b20d356dd59b916dc02f051ed8af6c7635

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:14 GMT
via: 1.1 google
server: nginx/1.16.1
x-hw: 1616011574.cds056.lo4.hn,1616011574.cds036.lo4.sc,1616011574.dop059.ch4.r,1616011574.cds188.ch4.sc,1616011574.cds188.ch4.p,1616011574.cds036.lo4.p
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin: https://www.theepochtimes.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
BLOB 200
OK d8cedddb-9958-4807-9fb8-1e1ee761bf3a
https://www.theepochtimes.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.theepochtimes.com/d8cedddb-9958-4807-9fb8-1e1ee761bf3a
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 playlist.m3u8 Show response
vs.youmaker.com/assets/2020/1207/7e9f1cbb-2556-46f9-af39-1ed5c414efe6/ 402 B
632 B 646ms
510ms XHR
application/x-mpegurl 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/2020/1207/7e9f1cbb-2556-46f9-af39-1ed5c414efe6/playlist.m3u8
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/js/epochplayer7.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4c6ee00c3b96a864f59ad1c63065d69bdd28849844df96b67f2a3cd3c873133b

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:15 GMT
via: 1.1 google
server: nginx/1.16.1
x-hw: 1616011574.cds083.lo4.hn,1616011574.cds230.lo4.sc,1616011574.dop053.ch4.r,1616011574.cds183.ch4.sc,1616011574.cds183.ch4.p,1616011575.cds230.lo4.p
content-type: application/x-mpegurl
access-control-allow-origin: *
cache-control: max-age=9
accept-ranges: bytes
alt-svc: clear
content-length: 402

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 187ms
66ms Image
image/gif 13.226.159.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Trump%20Team%20Examines%20Michigan%20Voting%20Machines&time=1616011574458&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&random_number=17446637156&sess_cookie=dc57dcce17841cbbcb9be3e68c7&sess_cookie_flag=1&user_cookie=dc57dcce17841cbbcb9be3e68c7&user_cookie_flag=1&dynamic=true&domain=theepochtimes.com&account=Tmrwl1aYizr0uP&jsv=20130128&user_lang=en-US
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-5.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 04:11:03 GMT
Via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 57311
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: DUS51-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: PCF2SmtuXBqBBnBxH85WkjtpF7bKhXLS3V8gvR5hLnucFlW5-5409A==

GET
BLOB 200
OK ab916dc0-dd7c-4132-81a2-5e7008c4b9a6
https://www.theepochtimes.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.theepochtimes.com/ab916dc0-dd7c-4132-81a2-5e7008c4b9a6
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 485d1e9597d74b48109f11c4bde59393d4a232d99a31a3c6989d5e56ff9a5fbf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 5299
Content-Type: application/javascript

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
375 B 189ms
189ms XHR
text/javascript 13.32.167.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&pid=6C6r4bsY4K5zJ&cb=0&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5965368%2FEET_article_top_728x90%22%7D%5D&cfgv=0&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.167.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-167-78.hel50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:14 GMT
via: 1.1 07c325e1e193f25e3673c49cf7dde57c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: HEL50-C2
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: QVzumyUCI58PS30Faqdb9f0oKMcE_GBk2Jf4jVXCAlHAiJF4ur2dUA==

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 712 B
782 B 170ms
57ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: aa46ae24e6a40546411c66f3c8c8947fc78584cebe256d2c7c8c07b3e84641ef

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:14 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 178 B
529 B 196ms
95ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 851ab764811f7a7dd5b761c4dbb7a1c48b43e7e2dfffc4d4d3f905a478d13eb2

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:14 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 178
Expires: 0

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
481 B 223ms
106ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89f77c02f6&pos=eet_article_top_728x90&cmd=bid&secure=1
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: db13404a7be9b855a9293a5fc13e1065fb15559a590fb0782e41e1d3540039c7

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 17 Mar 2021 20:06:14 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.theepochtimes.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
840 B 169ms
54ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

cf4e956062c95bc8261015e8999b3be53a17918be867ba76ecad5464d6f08ce4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:14 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
AN-X-Request-Uuid: 2e8d6683-2c56-4e04-b372-4fdcd905b193
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
epoch-times-d.openx.net/w/1.0/ 173 B
564 B 173ms
65ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://epoch-times-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1c84d053-9b08-4126-abde-ed2b00ab77ad&nocache=1616011574804&aus=970x250%2C970x90%2C728x90&divIds=sticky_ad_top&auid=538813617
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 261b3ea494e75dccd0028079bc85fe461d33e58f3f0b039184580ef632afe5a0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:14 GMT
content-encoding: gzip
server: OXGW/16.203.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theepochtimes.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 628 B
1 KB 199ms
72ms XHR
application/json 52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32025&pi=3&bf=970x250%2C970x90%2C728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.29.0%22%7D&ogu=https%3A%2F%2Fwww.ntd.com%2Ftrump-team-examines-michigan-voting-machines_537010.html&ns=9216
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-160-138.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 123531321ccd51b7a4f0653a49b17c75b3ba27d2bffa978e2374b89df77c4885

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:14 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.theepochtimes.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
429 B 197ms
76ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 17 Mar 2021 20:06:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
cf-ray: 6318d7378932724b-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 08e364d6ba0000724b6c2e3000000001

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
376 B 179ms
67ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=299835&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2217dcee98ca783e9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218b6e400b188f9f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221971da9a37a06ec%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22208cb960970f332%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b5702d8236f2a44cbdb232f495ce24f9b20ca9d8685b4682a8804488a3aa86b8

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:14 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[PL], RC:[], CN:[EU], CIP:[37.120.211.172], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theepochtimes.com
x-cs-client-geo: 09
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 09
expires: Wed, 17 Mar 2021 20:06:14 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
376 B 157ms
154ms XHR
text/javascript 13.32.167.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&pid=6C6r4bsY4K5zJ&cb=1&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5965368%2Feet_article_right_top_300x250_v3%22%7D%5D&cfgv=0&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.167.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-167-78.hel50.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:14 GMT
via: 1.1 07c325e1e193f25e3673c49cf7dde57c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: HEL50-C2
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ajQEOphSUWCiJT1a4IXyU4-PfQR9zMDpXoH7UImj7Ry2j3J118RCYg==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 178 B
529 B 110ms
109ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 77027cdf2aa9ba4d0972c21c64bf27e1935ea73a7011daccaa73f8be255a20b7

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:15 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 178
Expires: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
376 B 59ms
58ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=299842&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2227cd7635a9f504b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222832d3b36d8aabc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299842%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 91a17ea7d18632bc45ec1dae138e3a0eb6ea5f926167baa69bc7052f6b5e1f96

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:14 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[PL], RC:[], CN:[EU], CIP:[37.120.211.172], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theepochtimes.com
x-cs-client-geo: 09
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 09
expires: Wed, 17 Mar 2021 20:06:14 GMT

GET
H2 200 arj Show response
epoch-times-d.openx.net/w/1.0/ 173 B
356 B 65ms
64ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://epoch-times-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=77627455-8cc0-41f3-a15e-b4b59c480f21&nocache=1616011574967&aus=300x250&divIds=ad_right_top_300x250_1&auid=538813611
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 9004eb6c3e8bddea7b2b7964c9e6a1f008d32611743359c045e525fb5621c989

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:14 GMT
content-encoding: gzip
server: OXGW/16.203.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theepochtimes.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
481 B 270ms
243ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89f77c02f6&pos=eet_article_right_top_300x250_v3&cmd=bid&secure=1
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 030aadf0336f41ff3c00b85d2a88d4c2f40af2979c6e6e58701eb3743122abd4

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 17 Mar 2021 20:06:15 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.theepochtimes.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
840 B 48ms
48ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6a17f7d06cc82d17f169619939756935be5ea8afafa199c2f4990fb69c4e039a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:15 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.168:80
AN-X-Request-Uuid: 10bd22f9-8b07-4466-a663-e43a630ad12d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 628 B
1 KB 80ms
79ms XHR
application/json 52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32023&pi=3&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.29.0%22%7D&ogu=https%3A%2F%2Fwww.ntd.com%2Ftrump-team-examines-michigan-voting-machines_537010.html&ns=9216
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-160-138.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 54baf423cb76386ba670701055567f435136554ddc3284bc13e3901ebae9cbf6

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:15 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.theepochtimes.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
191 B 69ms
69ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 17 Mar 2021 20:06:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
cf-ray: 6318d737e963724b-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 08e364d6ee0000724b57b6c000000001

GET
H2 200 pixel;r=506196880;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHD...
pixel.quantserve.com/ 35 B
371 B 10ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=506196880;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk;uht=2;fpan=1;fpa=P0-748574618-1616011574998;ns=0;ce=1;qjs=1;qv=e576aef5-20210316173714;cm=;gdpr=0;ref=;d=theepochtimes.com;je=0;sr=1600x1200x24;dst=1;et=1616011574998;tzo=-60;ogl=locale.en_US%2Ctype.article%2Ctitle.Trump%20Team%20Examines%20Michigan%20Voting%20Machines%2Cdescription.A%20judge%20in%20Michigan%20has%20allowed%20a%20forensic%20audit%20of%2022%20Dominion%20machines%20in%20Antr%2Curl.https%3A%2F%2Fwww%252Entd%252Ecom%2Ftrump-team-examines-michigan-voting-machines_537010%252Ehtml%2Csite_name.www%252Etheepochtimes%252Ecom%2Cupdated_time.2020-12-07T15%3A13%3A13-05%3A00%2Cimage.https%3A%2F%2Fimg%252Etheepochtimes%252Ecom%2Fassets%2Fuploads%2F2020%2F12%2F07%2FRudy-Giuliani-1200x800%252Ej

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 244ms
82ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H/1.1 200
OK jsapi.v4.1.0.en_US.js Show response
static.mixi.media/static/jsapi/ 181 KB
57 KB 240ms
126ms Script
application/x-javascript 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mixi.media/static/jsapi/jsapi.v4.1.0.en_US.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/94729.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: f7371233f60ff84278dd1f1dbdc10632ddfcbda23c1b20ccdfed70b0965a92cc

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Mar 2021 20:55:09 GMT
Server: nginx
ETag: W/"60429aad-2d2f5"
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK sm.js Show response
stat.media/ 79 KB
29 KB 1373ms
165ms Script
application/x-javascript 46.161.36.24
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/94729.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.24 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 83245e30d6ee857fc3e799c70c42d06267e2302803bfadfe9f130eabf9975aad

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 11:34:02 GMT
Server: nginx
ETag: W/"60378b2a-13dc3"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
target.mixi.media/init/ 95 B
463 B 262ms
151ms Image
image/png 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.mixi.media/init/?blockid=94729&siteid=49188&bw=1600&bh=1200&rnd=8247497302029
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Target-Version: 2
Date: Wed, 17 Mar 2021 20:06:15 GMT
X-Target-Final: 20210317230615-0
Server: nginx
X-Target-Host: target2-1.ssel21
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00031
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Wed, 17 Mar 2021 20:06:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 39ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.theepochtimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 20:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 44ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theepochtimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 20:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
4 KB 721ms
603ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1883327115028829&correlator=1762797465056513&output=ldjh&impl=fifs&eid=31060331%2C31060321%2C31060367%2C44739387%2C21069710&vrg=2021031101&ptt=17&sc=1&sfv=1-0-37&ecs=20210317&iu_parts=5965368%2CEET_article_top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=EET_category%3Deet_2020-election-115936%252Ceet_battleground-states-139901%252Ceet_michigan-139903%252Ceet_us-politics-7026%252Ceet_us-13%252Ceet_us-news-14%252Ceet_videos-2020-election-136852%252Ceet_australia-lead-story-110520%252Ceet_australia-top-news-100612%26EET_post%3D3607935%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26article_ads_version%3Dprebid&cookie_enabled=1&bc=31&abxe=1&lmt=1616011575&dt=1616011575228&dlt=1616011571667&idt=2923&frm=20&biw=1600&bih=1200&oid=3&adxs=300&adys=121&adks=3587454004&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x120&msz=1000x90&ga_vid=357309160.1616011573&ga_sid=1616011575&ga_hid=650212575&ga_fc=false&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8655acce460b6110f4b0e835796632acb3d19339cb1fc6ab2fbaad55d1001a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3406
x-xss-protection: 0
google-lineitem-id: 5638771654
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138342720058
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7dd975ab069b60ceab3f99e4b8f86037.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 193ms
17ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7dd975ab069b60ceab3f99e4b8f86037.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 174ms
8ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 playlist.m3u8 Show response
vs.youmaker.com/assets/2020/1207/7e9f1cbb-2556-46f9-af39-1ed5c414efe6/hls_480p/ 463 B
610 B 557ms
555ms XHR
application/x-mpegurl 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/2020/1207/7e9f1cbb-2556-46f9-af39-1ed5c414efe6/hls_480p/playlist.m3u8
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/js/epochplayer7.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7efdc7040beec78c424dc8a052a52440543d65908359acf0e9017abfe6202fd5

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:15 GMT
via: 1.1 google
server: nginx/1.16.1
x-hw: 1616011575.cds083.lo4.hn,1616011575.cds203.lo4.sc,1616011575.dop011.ch4.r,1616011575.cds119.ch4.sc,1616011575.cds119.ch4.p,1616011575.cds203.lo4.p
content-type: application/x-mpegurl
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
alt-svc: clear
content-length: 463

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
3 KB 769ms
768ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1883327115028829&correlator=1762797465056513&output=ldjh&impl=fifs&eid=31060331%2C31060321%2C31060367%2C44739387%2C21069710&vrg=2021031101&ptt=17&sc=1&sfv=1-0-37&ecs=20210317&iu_parts=5965368%2Ceet_article_right_top_300x250_v3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=EET_category%3Deet_2020-election-115936%252Ceet_battleground-states-139901%252Ceet_michigan-139903%252Ceet_us-politics-7026%252Ceet_us-13%252Ceet_us-news-14%252Ceet_videos-2020-election-136852%252Ceet_australia-lead-story-110520%252Ceet_australia-top-news-100612%26EET_post%3D3607935%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26article_ads_version%3Dprebid&cookie_enabled=1&bc=31&abxe=1&lmt=1616011575&dt=1616011575508&dlt=1616011571667&idt=2923&frm=20&biw=1600&bih=1200&oid=3&adxs=1100&adys=277&adks=2786340635&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=357309160.1616011573&ga_sid=1616011575&ga_hid=650212575&ga_fc=false&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8b4ce87e4d977de4cf5b68a25edf71862ea138c1556f6616dcf8cb3330c5533d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3400
x-xss-protection: 0
google-lineitem-id: 5632862842
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138341529216
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getcity Show response
sc.youmaker.com/ 117 B
179 B 166ms
159ms XHR
application/json 34.120.97.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/getcity
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.16.1 /
Resource Hash: 8ca3a0c69669bd081bafbf49374bdf4e12b955b515bab6105477562c161cb9b8

Request headers

Accept: */*
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 Mar 2021 20:06:15 GMT
via: 1.1 google
server: nginx/1.16.1
alt-svc: clear
content-length: 117
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1F12 8 KB
3 KB 193ms
59ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=122278
Expires: Fri, 19 Mar 2021 06:04:13 GMT
Date: Wed, 17 Mar 2021 20:06:15 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H/1.1 200 jsapi Show response
mixi.media/newdata/ 5 KB
2 KB 143ms
143ms XHR
application/json 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?action=news
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v4.1.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: b3e87193f91ccf03d3aff2337e53311640f5f6c862ff99e5c6c0a06def57ce8e

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:15 GMT
Content-Encoding: gzip
Last-Modified: Wednesday, 17-Mar-2021 20:06:15 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1 200
OK 8760649.jpeg
static4.mixi.media/img/400x300/ 34 KB
35 KB 212ms
83ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static4.mixi.media/img/400x300/8760649.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 7d3f18b34b330808408dd8b52e54e2443e067141f02ce90dd351d762ea64ae81

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:15 GMT
Last-Modified: Mon, 15 Mar 2021 15:41:41 GMT
Server: nginx
ETag: W/"604f8035-178fc"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35139
Expires: Wed, 15 Mar 2023 15:41:49 GMT

GET
H/1.1 200
OK 8711420.jpeg
static6.mixi.media/img/400x300/ 62 KB
62 KB 206ms
84ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static6.mixi.media/img/400x300/8711420.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: c770f534951eb4356f9674e6e8eb2daf9eabd9f0c835eacc32e5b995e3a57dba

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:15 GMT
Last-Modified: Tue, 02 Mar 2021 16:06:40 GMT
Server: nginx
ETag: W/"603e6290-15218"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63248
Expires: Thu, 02 Mar 2023 16:06:49 GMT

GET
H/1.1 200
OK 8760645.jpeg
static6.mixi.media/img/400x300/ 24 KB
25 KB 204ms
82ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static6.mixi.media/img/400x300/8760645.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: c3fc1f0761b1edc852a3757b053f6a00e583e558724009abd0d1d9514092b79d

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:15 GMT
Last-Modified: Mon, 15 Mar 2021 15:40:29 GMT
Server: nginx
ETag: W/"604f7fed-28f98"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24886
Expires: Wed, 15 Mar 2023 15:40:35 GMT

GET
H/1.1 200
OK 8727257.jpeg
static6.mixi.media/img/400x300/ 37 KB
37 KB 198ms
82ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static6.mixi.media/img/400x300/8727257.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 11672d316983ca5cca067bd180d2b9f8ce4b6a055fc53cc0ea2b9461db82a4c4

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:15 GMT
Last-Modified: Sat, 06 Mar 2021 20:21:53 GMT
Server: nginx
ETag: W/"6043e461-25d66"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37633
Expires: Mon, 06 Mar 2023 20:21:59 GMT

GET
H/1.1 200
OK 8742344.jpeg
static3.mixi.media/img/400x300/ 39 KB
40 KB 182ms
75ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static3.mixi.media/img/400x300/8742344.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: c2631818c9016b9b9c0deefa603f0ef9a97e2da6e3e4eacede18b3b0f9764102

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:15 GMT
Last-Modified: Thu, 11 Mar 2021 05:43:31 GMT
Server: nginx
ETag: W/"6049ae03-3ab3a"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40230
Expires: Sat, 11 Mar 2023 05:43:38 GMT

GET
H/1.1 200
OK 8760909.jpeg
static1.mixi.media/img/400x300/ 33 KB
33 KB 198ms
80ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.mixi.media/img/400x300/8760909.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 13467e03a384621a6dd0fab46293cbfa7f99ebd30a42f29a875bad616a8f72b4

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:15 GMT
Last-Modified: Mon, 15 Mar 2021 16:52:19 GMT
Server: nginx
ETag: W/"604f90c3-1284e"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33855
Expires: Wed, 15 Mar 2023 16:52:32 GMT

GET
H/1.1 200
OK 8647098.jpeg
static4.mixi.media/img/400x300/ 39 KB
39 KB 243ms
115ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static4.mixi.media/img/400x300/8647098.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 4bc246f869d5cea3881fbfad95608c400cd648008e086c7b1f5e1c69ea67ef1c

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:15 GMT
Last-Modified: Sat, 13 Feb 2021 22:10:42 GMT
Server: nginx
ETag: W/"60284e62-41b8a"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39703
Expires: Mon, 13 Feb 2023 22:10:55 GMT

GET
H/1.1 200
OK 8572487.jpeg
static2.mixi.media/img/400x300/ 40 KB
40 KB 292ms
95ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.mixi.media/img/400x300/8572487.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 632b117e0995b8ebd1339a00c99d139b1dbece365710c0e848eef7a3377be414

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:15 GMT
Last-Modified: Tue, 26 Jan 2021 02:27:24 GMT
Server: nginx
ETag: W/"600f7e0c-e02f"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40590
Expires: Thu, 26 Jan 2023 02:27:40 GMT

GET
H/1.1 200
OK 8690409.jpeg
static2.mixi.media/img/400x300/ 9 KB
9 KB 242ms
60ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.mixi.media/img/400x300/8690409.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: dab90e9a6deed82a3b82215ca7c08517cf430f30cd2b36c59112c468c13acb4c

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:15 GMT
Last-Modified: Thu, 25 Feb 2021 07:42:45 GMT
Server: nginx
ETag: "603754f5-23e2"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9186
Expires: Sat, 25 Feb 2023 07:43:03 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame D751 37 KB
14 KB 68ms
66ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=117738
Expires: Fri, 19 Mar 2021 04:48:33 GMT
Date: Wed, 17 Mar 2021 20:06:15 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D751 0
75 B 233ms
50ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=18001497&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:14 GMT
Content-Length: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame EBEE 0
0 106ms
99ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiiZtlrbJ3rTKnqFPeRTqgoflMrAiiB4-ub_ldjLecIR7grfPG9QgU7dJeA_CDB9WAdKPm4LbDERHJb-H6PAbuVPsTsjr6ArII1B9lJtJelcJgR0uZKFtWfSHZ-pX0Vj5d5Ajw8dKBegCMJmkvoGNLZPoXqyqZR6cM8GEZyRJ9Vc0QjwiU38HjbtBIYdCpgS-BkkmHI0E7PpbxbqzvZPaCrsH1wJvZ9dMocrnzFs20pxYYVLC1UpJHVT3tgXxEQObWSk_L7QaUv5XqJkXWVu04zAgAzTEJCynHSpjUI4nvn2mTVxgzVDeKR6DeeHtEkvwngrPCFtVMCH9HMkF3dHWK5myJzPGKOJPwAFLz&sai=AMfl-YTVTq3oKhymxItXIK3WBm_m_bYXGdRM6pC6cFUSVVdTgbuONQFcSg80vcFY_I9UCob_qsghhBkaovKkC0qWXE0uRgwO2QiZkgoGyFFfW6_37x0uNsHTBy7hzKdogDY&sig=Cg0ArKJSzAS2u8sPIpMsEAE&urlfix=1&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 20:06:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 17 Mar 2021 20:06:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBEE 112 KB
34 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5a0b8523ed52dfff8b07b61549ed61cc80c8b75529ce84a591bc25c9d7289e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615840882416834"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Wed, 17 Mar 2021 20:06:16 GMT

GET
H2 200 5143053250649140976
tpc.googlesyndication.com/simgad/ Frame EBEE 84 KB
84 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5143053250649140976?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f46c91e0283141c119a6f8be03ed504be4fcc11931f6d3ba9d328359159381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 05:57:20 GMT
x-content-type-options: nosniff
age: 50936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85858
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 22:24:12 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 05:57:20 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57532d07103088a868f37b813377ca409585e04802671b9c442ca39d8ee70cf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615840876344261"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28211
x-xss-protection: 0
expires: Wed, 17 Mar 2021 20:06:16 GMT

GET
BLOB 200
OK bf33e066-5bad-4395-bfe0-0aa1828bdd4a
https://www.theepochtimes.com/ 51 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.theepochtimes.com/bf33e066-5bad-4395-bfe0-0aa1828bdd4a
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4876add1f3b7a1218d91c56cba2d3045fa4a3b43b1c67480ceb5bc933dc99ca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 52449
Content-Type: application/javascript

GET
H2 200 out0000.ts Show response
vs.youmaker.com/assets/2020/1207/7e9f1cbb-2556-46f9-af39-1ed5c414efe6/hls_480p/ 579 KB
580 KB 629ms
605ms XHR
application/octet-stream 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/2020/1207/7e9f1cbb-2556-46f9-af39-1ed5c414efe6/hls_480p/out0000.ts
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/js/epochplayer7.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 14895f79face5c69cc7424a4febac0c741a44dd6d0cf589d6221c8fd0b1cd136

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:16 GMT
via: 1.1 google
server: nginx/1.16.1
x-hw: 1616011576.cds083.lo4.hn,1616011576.cds223.lo4.sc,1616011576.dop073.ch4.r,1616011576.cds005.ch4.sc,1616011576.cds005.ch4.p,1616011576.cds223.lo4.p
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9003 0
0 80ms
76ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhvgywv0eh8sn1XHYjwJXZ2rXPWEXU-7WWP2BXPjH0NN2SXRynr84ZEYW5vmICNIz68c9CWvQKJFWVyl08w6ZSmjAn44oDJ7Wgg3ZGgtSwq6o_hEOuqLg8_VWNbfmib4fe-JXO_sLoviCT2qeDL3VOyUYfuFNLixpXWQsLX4_7eevZgKwGQcibkBWkE4jCGoJAf0E1a4j_TMf3dEvc2NunuGl9bFXNJiAXKDylQfGWsLgmArggFAK_k3xgxklsB4yR7hvzgB6L9ERhWIBaXatz2QCLq_0waTtmel5R3CdTMnYqAf1IdYZY0iNV4DvRh6Ri7Oq3xh_hcRHhsbkSyWkvwFMqMLBQMf4&sai=AMfl-YT1I8OVWlhWT1MUrZW_d1_WC1yyDLP297YnBTPuqiczcK68dfuU-J_gnLoap5HjiHmXqMnlN0PqczhWhYISO3FUtTtqoyf-xpWoEJXwZ2v1E7sX1f7TkyH_Wp4d-Hzb&sig=Cg0ArKJSzLAd3oiVsHYxEAE&urlfix=1&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 20:06:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9003 112 KB
34 KB 73ms
56ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5a0b8523ed52dfff8b07b61549ed61cc80c8b75529ce84a591bc25c9d7289e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615840882416834"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Wed, 17 Mar 2021 20:06:16 GMT

GET
H3-Q050

200

2850316990139415550
tpc.googlesyndication.com/pimgad/ Frame 9003
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDX486xVxCsAhj6ASgBMggm1_uMgk779Q
https://tpc.googlesyndication.com/pimgad/2850316990139415550

5 KB
5 KB

7ms
7ms

Image
image/jpeg

2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pimgad/2850316990139415550

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebdba45316ab144755389e758bc44951cfaf4ff202820993444b7beac44cd40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 05:24:12 GMT
x-content-type-options: nosniff
age: 52924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4685
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 22:33:25 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 05:24:12 GMT

Redirect headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 06:51:42 GMT
x-content-type-options: nosniff
server: cafe
age: 47674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/pimgad/2850316990139415550
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Apr 2021 06:51:42 GMT

GET
DATA 200
OK truncated
/ Frame 9003 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9003 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EBEE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1cb9bcd7767b9194b209d68f038ac7754c531dae3ffd0abcc9e6ed89973d5e4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK us.gif
sync.go.sonobi.com/ 49 B
509 B 245ms
81ms Image
image/gif 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26consent_string%3D0%26gdpr%3D%26uid%3D%5BUID%5D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:16 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 206 video_360p.mp4
vs.youmaker.com/assets/000549d4-ed94-4fca-6909-5b9b3704b382/ Frame 9003 3 MB
3 MB 56ms
55ms Media
video/mp4 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/000549d4-ed94-4fca-6909-5b9b3704b382/video_360p.mp4
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/trump-team-examines-michigan-voting-machines_3607935.html?_hsmi=96965274&_hsenc=p2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 75f19150dfa2e2d026e73e0856eea5e30b3bcbdf120069041d1668c29118f30a

Request headers

Referer: https://www.theepochtimes.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 17 Mar 2021 20:06:16 GMT
via: 1.1 google
server: nginx/1.16.1
x-hw: 1616011576.cds056.lo4.hn,1616011576.cds075.lo4.c
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=3600
Content-Range: bytes 0-3288023/3288024
accept-ranges: bytes
alt-svc: clear
Content-Length: 3288024

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame EBEE 0
0 157ms
103ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZL4LfFSM6A5AAXEMMhg9g15bMcFLgETiV4htyOGJ7jpq6Fr4PWjR7gxGuZ2C8uJvRo4dcBL4etWNGibtfIPFcseooqcWOhTmqQelLDuop0EwgV6yVA7OFPH1pWYjTLU1xMoG0T3vXRq2fM3Ji2k0etFAzzVRdmyECU1m09-2JEmW5Z0B4RqxYyuIbtp9nPXSyY6cdMISQpOiqTW_BA189bo-oLrJVWVnQV29TfUX0MBnFw369bL8SIrZLCbYVXBTyTuBNrPIFVEO-00iocqFtAR73qfxsZDa0ldhwspz34HiyanPHk6_PZ5g4dxViHc87Cw&sai=AMfl-YRUuA-nR6fmI0cn9q0-Zu2G5GznLsVNQuOaNaubHWcguK_cKywRXYQfhsfG30JsN1O66UQnViQOku7tazOqFPu2eh5Gwm7x-Wrl2wMEIdlBUWkDtChPOyi5MNbMfUw&sig=Cg0ArKJSzOzokiNaP7H5EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 20:06:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 17 Mar 2021 20:06:16 GMT

GET
DATA 200
OK truncated
/ Frame 9003 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9003 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9003 178 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9003 516 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9003 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9003 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d97a3ce5f5e38afd7a073742d934241b038aba6c537dfd5b446ee6af8697960

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 203 B
882 B 100ms
98ms Script
application/javascript 46.161.36.24
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=CKSAAxIkYjQ4YTkyNTktYzdiYi00MDUwLTgxZDQtNzFiNzI0MWE3YzczGNH4ro6ELyIkNmU2OTUwMGMtMDAzYi00MzRlLTkwNzEtMjZjODJiMmE5OTdh&cb=_callbacks____0kmdvkgzi
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.24 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1985ff197e1e74d315a525f00cbc64fc78f2aa87179304019178aa7aa03cdebf

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
DATA 200
OK truncated
/ Frame 9003 196 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd882c134a0d98ed3b6a87eb94b3e4e4b3c7787ee153518f9f75482e9ff10094

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9003 0
0 91ms
85ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstprwJfuDm78akYYGAx4fRmnPYizvV9bEOoJezp8sdKKcHu6TG-oX0QhXF_ac0K0lDIUIpNv1Dm3gpv5hLJF-FB4rIGOVcSwFFKP7uF__VxRVTckswBieWaSuxlI_nRBNnSYPf3rg36ZI3LuUtYHKbHmVaTIE4fAdKafqTs9kUyUEkSCTb1PT_lYoxFxP5WeFxEB0U2nprRcqdPJIYtzvQy4DZyH6kGblxrkeA0eF8e-Bz2ronwCCLgTvdVFxnXBDH2BvHBWVqz_I8ZAoSyyRoVOBJThjhin4keTKftxBZXAxTaknLE6j0FwTbVH0PjGxNfHCvVBBDJehB2qQA&sai=AMfl-YRuSYQD15wdEzrMOdpJVQbDtjoLF7l6k_qo8d2LeGcOdmpH6aA0sVgzk655_VvVDJ6LlB1wQPwLfYKYTKea7odReo8aqZIeesFHErG_xpEISW9G0VA8teq-GsJUd4Wy&sig=Cg0ArKJSzHZlmpRWKYKuEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 20:06:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 17 Mar 2021 20:06:17 GMT

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 277ms
97ms XHR
text/plain 46.161.36.24
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.24 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Wed, 17 Mar 2021 20:06:17 GMT
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/24003086/ 0
400 B 53ms
51ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/24003086/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Sat, 20 Mar 2021 20:06:17 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 65ms
19ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87fcea2e59b8d04ad3774fa1d99004b047595cd346b8600f6bde088d9192afd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 20:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6486
x-xss-protection: 0

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 308ms
104ms XHR
text/plain 46.161.36.24
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.161.36.24 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Wed, 17 Mar 2021 20:06:17 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 10ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: R1CiGoJws2ZsEhUxxExOfN2YmuYCxp22h9RYsJcWyih5EDNkDQ3Fwh52t/Z87+rTGEq9u15VQK7rzzAqd4LHqw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 17 Mar 2021 20:06:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 push_notif.js Show response
services.epoch.cloud//public-labs/src/push_notifications/ 6 KB
2 KB 124ms
18ms Script
application/javascript 2606:4700:e6::ac40:ca05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.epoch.cloud//public-labs/src/push_notifications/push_notif.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgCl0N4rjP28vYtb1W7F196D79k0NXW63sHcZ2-BNGYW82bSP04qn7CRW7qZdjt4dm8cHW7zkcZ61tr_ncW116yYB7hs8XgW81ZWrf4rwzB2W5hVj3c8T3hL8VqbxPY59DkH2W4VQb9b3Qj_ZqW5q0Lhk8SD6cdW5x5W8l73wSXSW5ptZSJ99MMbRV9dxDG8dnV0WW2y2KQ_6SvY3GW1YJ2_X6fPY-zW1XRNZ_56Rc0wW3_dNgc69rRRqW5kFStK4CTRD0W1TFrVB59bq1PN5Nkj0j3s1nRW3TM6jC1w640GW3w673f4V0vDb2ld1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 414
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e364df5100004e67280f8000000001
last-modified: Thu, 17 Sep 2020 15:46:03 GMT
server: cloudflare
etag: W/"5f6384bb-18fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YQv3CxFULgPfFg5Y7NMM%2BLJmDFMWwtSFOT04z3JpbGab1MwuvppxQe%2FXAvHqS1VtpM2QZTh6oM%2B4yQ0ENGe9J1LeYrzoY2RwFTPD8mWeQy%2FFg9nn7AXDGFIFm48rgADlSQ%3D%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 6318d7454b554e67-FRA

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 97ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 17 Mar 2021 20:06:17 GMT

GET
H2 200 179006610034452 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 87ms
86ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/179006610034452?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c99450475735188cbef043da43e7f2db0a69a80b93d220106bba665da279b54

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: cadX51O0rhD6CmEVU075cdgpytI9dp5UXjJ/c1r+drxtHVYiHpg76cFU5ZfOKcbFBtwa43SK8+XArxwIkJBGUw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 17 Mar 2021 20:06:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame 1351
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1

1007 B
864 B

68ms
68ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 3c817dcd23aa1b42cb425021c3aa0e3d2049e649f1b3be0a07decfa0562b1dfc

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=3e5298d7-9c41-0641-0348-1f981b68750f|1616011577
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=3e5298d7-9c41-0641-0348-1f981b68750f|1616011577; Version=1; Expires=Thu, 17-Mar-2022 20:06:17 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616011577|mOgegqnskin0vNomiygu; Version=1; Expires=Thu, 01-Apr-2021 20:06:17 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.203.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 17 Mar 2021 20:06:17 GMT
content-type: text/html
content-length: 547
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=3e5298d7-9c41-0641-0348-1f981b68750f|1616011577; Version=1; Expires=Thu, 17-Mar-2022 20:06:17 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.203.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
date: Wed, 17 Mar 2021 20:06:17 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 6164 0
0 82ms
78ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

date: Wed, 17 Mar 2021 20:06:17 GMT
set-cookie: __cfduid=d7610eced6ca831ca8df881a8713d144a1616011577; expires=Fri, 16-Apr-21 20:06:17 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 08e364df9a0000724b723db000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6318d745cf0d724b-AMS

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 9C31 0
0 70ms
70ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

date: Wed, 17 Mar 2021 20:06:17 GMT
set-cookie: __cfduid=d7610eced6ca831ca8df881a8713d144a1616011577; expires=Fri, 16-Apr-21 20:06:17 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 08e364dfa20000724b590ee000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6318d745cf11724b-AMS

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 6B74 2 KB
1 KB 221ms
67ms Document
text/html 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 17 Mar 2021 20:06:17 GMT
Content-Length: 1151
Connection: keep-alive

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 4ABF 37 KB
14 KB 73ms
73ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=2:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=117736
Expires: Fri, 19 Mar 2021 04:48:33 GMT
Date: Wed, 17 Mar 2021 20:06:17 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame FEEB
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1

814 B
804 B

74ms
56ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 1f26dd5f86bc38310baf2ba221e2b460483d1be8aa7df86d62a2530eb5b8cace

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=3e5298d7-9c41-0641-0348-1f981b68750f|1616011577; pd=v2|1616011577|mOgegqnskin0vNomiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=3e5298d7-9c41-0641-0348-1f981b68750f|1616011577; Version=1; Expires=Thu, 17-Mar-2022 20:06:17 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616011577|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi; Version=1; Expires=Thu, 01-Apr-2021 20:06:17 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.203.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 17 Mar 2021 20:06:17 GMT
content-type: text/html
content-length: 478
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=34be0c17-1947-0ebb-2e76-259b7405c9b6|1616011577; Version=1; Expires=Thu, 17-Mar-2022 20:06:17 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.203.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
date: Wed, 17 Mar 2021 20:06:17 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame C67B 2 KB
1 KB 190ms
64ms Document
text/html 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 17 Mar 2021 20:06:17 GMT
Content-Length: 1151
Connection: keep-alive

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8A3B 281 B
554 B 147ms
47ms Document
text/html 184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "40005-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 17 Mar 2021 20:06:17 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D662 52 KB
17 KB 232ms
83ms Document
text/html 104.108.144.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-200.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 18 Mar 2021 20:06:19 GMT
Date: Wed, 17 Mar 2021 20:06:17 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 58F3 37 KB
14 KB 136ms
73ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=2:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=117736
Expires: Fri, 19 Mar 2021 04:48:33 GMT
Date: Wed, 17 Mar 2021 20:06:17 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F2F5 52 KB
17 KB 269ms
99ms Document
text/html 104.108.144.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-200.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.theepochtimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 18 Mar 2021 20:06:19 GMT
Date: Wed, 17 Mar 2021 20:06:17 GMT
Connection: keep-alive

GET
H2

200

match
ice.360yield.com/ul_cb/
Redirect Chain

https://id5-sync.com/s/441/9.gif?puid=e_e7245079-9bc6-4aa8-bcfc-795fe9dfae46&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/441/9/1.gif?puid=e_e7245079-9bc6-4aa8-bcfc-795fe9dfae46&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrZZkgrPQgZxDtFpNda0TWzxgyXr2mIPu6SaZeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrZZkgrPQgZxDtFpNda0TWzxgyXr2mIPu6SaZeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...

43 B
198 B

62ms
55ms

Image
image/gif

52.59.46.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrZZkgrPQgZxDtFpNda0TWzxgyXr2mIPu6SaZeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.46.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 Mar 2021 20:06:20 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrZZkgrPQgZxDtFpNda0TWzxgyXr2mIPu6SaZeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
date: Wed, 17 Mar 2021 20:06:18 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

match
ice.360yield.com/ul_cb/
Redirect Chain

https://id5-sync.com/s/441/9.gif?puid=e_e01ef22a-197e-45bb-bb6c-51d1acedc96c&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/441/9/1.gif?puid=e_e01ef22a-197e-45bb-bb6c-51d1acedc96c&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrZZkgrPQgZxDtFpNda0TWzxgyXr2mIPu6SaZeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrZZkgrPQgZxDtFpNda0TWzxgyXr2mIPu6SaZeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...

43 B
198 B

63ms
55ms

Image
image/gif

52.59.46.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrZZkgrPQgZxDtFpNda0TWzxgyXr2mIPu6SaZeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.46.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 Mar 2021 20:06:20 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrZZkgrPQgZxDtFpNda0TWzxgyXr2mIPu6SaZeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
date: Wed, 17 Mar 2021 20:06:18 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 b413bf4fa936cc351ac6476e0df69b50.js Show response
clientcdn.pushengage.com/core/ 74 KB
18 KB 260ms
87ms Script
application/javascript 143.204.202.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/b413bf4fa936cc351ac6476e0df69b50.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 19b6ed1a409a3f2ad1035deb5271ba1df30efb26c60712c7c4c42cec28911de6

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:05:47 GMT
content-encoding: gzip
server: nginx
age: 30
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 7pkieCCETdnQNa1oQklvPvgc-0oXfeVqf51ptDtKjsXDjam2WJPcGA==
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame A21D 12 KB
5 KB 13ms
10ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theepochtimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theepochtimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 17 Mar 2021 18:26:59 GMT
expires: Thu, 17 Mar 2022 18:26:59 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5958
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
265 B 9ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=179006610034452&ev=PageView&dl=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&rl=&if=false&ts=1616011577730&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616011577715.904299754&it=1616011577166&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 17 Mar 2021 20:06:17 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EBEE 42 B
479 B 75ms
52ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUvIyfnQzbin6hU3bAkHf2gK6_5XIM2KDy0FNl8ODUp4bj3BJSUXksCdbXl8HnBa7BI9BqnkNJGSIhMmo1gu1yGTJ3xf0vg3uEHE1PjKY&sig=Cg0ArKJSzCXKczSYWB_qEAE&id=osdim&mcvt=1254&p=121,315,371,1285&mtos=1254,1254,1254,1254,1254&tos=1254,0,0,0,0&v=20210315&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3587454004&rs=4&met=ie&la=1&cr=0&osd=1&vs=4&rst=1616011576142&dlt=0&rpt=434&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7939c1ca-a56a-abff-6849-c18580188bbb
pr-bh.ybp.yahoo.com/sync/openx/ Frame 1351 43 B
837 B 185ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/7939c1ca-a56a-abff-6849-c18580188bbb?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204

ping_match.gif
pm.w55c.net/ Frame 1351
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_

0
420 B

58ms
55ms

Image
text/plain

18.159.182.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.182.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0047f8acf6307f30d@eu-central-1a@dxedge-app-eu-central-1-prod-asg /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:19 GMT
Cache-Control: no-cache, must-revalidate
Server: PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0047f8acf6307f30d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Connection: keep-alive
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:17 GMT
Server: PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-015d5badb48c29580@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 1351
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx

43 B
145 B

56ms
56ms

Image
image/gif

52.57.142.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?ssp=openx
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.142.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?ssp=openx
date: Wed, 17 Mar 2021 20:06:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1351
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://us-u.openx.net/w/1.0/sd?id=537125688&val=

43 B
106 B

54ms
53ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537125688&val=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537125688&val=
Date: Wed, 17 Mar 2021 20:06:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 1351
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=01f06052-6139-4d00-9fad-415341fa19ec

43 B
106 B

66ms
63ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=01f06052-6139-4d00-9fad-415341fa19ec
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 17 Mar 2021 20:06:13 GMT
Server: MT3 3611 f10363c master zrh-pixel-x14
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=01f06052-6139-4d00-9fad-415341fa19ec
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 17 Mar 2021 20:06:12 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1351
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=kF-Hw5BegciLCofJxVefxpBf0cOLDYDAwFi4MIJh
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=1&val=kF-Hw5BegciLCofJxVefxpBf0cOLDYDAwFi4MIJh

43 B
106 B

59ms
57ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=1&val=kF-Hw5BegciLCofJxVefxpBf0cOLDYDAwFi4MIJh
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=1&val=kF-Hw5BegciLCofJxVefxpBf0cOLDYDAwFi4MIJh
date: Wed, 17 Mar 2021 20:06:18 GMT
via: 1.1 google
server: OXGW/16.203.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 1351
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22

35 B
233 B

64ms
56ms

Image
image/gif

37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=22

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:18 GMT
server: nginx
location: https://c1.adform.net/serving/cookie/match?CC=1&party=22
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 1351 70 B
265 B 295ms
76ms Image
image/gif 54.216.86.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=edfea78e-35c6-39b6-599e-d7707f4f46f2&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.86.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 1351 170 B
243 B 105ms
73ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzE5MTc0NDQtZmNiMS02NzEyLTRjN2UtOGRjOWI1YWQ4ODky

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1351
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFPLxEAXHP48y80vucjwQv8&google_cver=1

43 B
122 B

59ms
58ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFPLxEAXHP48y80vucjwQv8&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFPLxEAXHP48y80vucjwQv8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FEEB
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=581BF557B3B844E9BB1F74D5A4C33E27

43 B
106 B

62ms
58ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=581BF557B3B844E9BB1F74D5A4C33E27
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 17 Mar 2021 20:06:18 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=581BF557B3B844E9BB1F74D5A4C33E27
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 16 Mar 2021 20:06:18 GMT

GET
H/1.1 504
GATEWAY_TIMEOUT c.html
j.mrpdata.net/ Frame FEEB 0
75 B 428ms
55ms Image
text/plain 3.123.45.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.mrpdata.net/c.html?ex=OpenX
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.45.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame FEEB
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4184760768694503253

43 B
106 B

55ms
55ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4184760768694503253
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.49:80
AN-X-Request-Uuid: c69cc0a7-6306-4c17-9a54-ab0681ae3b8c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4184760768694503253
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 current
openx2-match.dotomi.com/match/bounce/ Frame FEEB 0
104 B 136ms
65ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:18 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FEEB
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=

43 B
106 B

58ms
57ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:18 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 ox
match.justpremium.com/match/ Frame FEEB 43 B
322 B 427ms
60ms Image
image/gif 35.157.227.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.justpremium.com/match/ox?ex_uid=a77f697e-6277-03dc-0b80-51467e3a05c8
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.227.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:18 GMT
content-length: 43
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FEEB
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YFJhOgAAAJ1UeFZV
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFJhOgAAAJ1UeFZV&_test=YFJhOgAAAJ1UeFZV

43 B
106 B

64ms
63ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFJhOgAAAJ1UeFZV&_test=YFJhOgAAAJ1UeFZV
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1616011580.226328,VS0,VE0
x-served-by: cache-hhn4033-HHN
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFJhOgAAAJ1UeFZV&_test=YFJhOgAAAJ1UeFZV
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FEEB
Redirect Chain

https://green.erne.co/openx/cm
https://pixel.onaudience.com/?mapped=krk2IipJfjVzjPq7B0yLWfPW&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct...
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%2...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=9eff0c7a7eaec09ae9250558f3b3c95&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252...
https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3Dkrk2IipJfjVzjPq7B0yLWfPW
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=krk2IipJfjVzjPq7B0yLWfPW

43 B
106 B

55ms
55ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=krk2IipJfjVzjPq7B0yLWfPW
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=krk2IipJfjVzjPq7B0yLWfPW
date: Wed, 17 Mar 2021 20:06:20 GMT
server: openresty
content-length: 146
strict-transport-security: max-age=0; includeSubDomains;
content-type: text/html; charset=UTF-8

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FEEB
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537073061&val=6929695690234676093&gdpr=1&gdpr_consent=&us_privacy=

43 B
106 B

71ms
70ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=6929695690234676093&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=6929695690234676093&gdpr=1&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 17 Mar 2021 20:06:17 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

dds
rtb.openx.net/sync/ Frame FEEB
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=MqgtspxAgJi_6pvHrFZ8SA==&ox_sc=1&ox_init=1
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=MqgtspxAgJi_6pvHrFZ8SA==&ox_sc=1&ox_init=1&google_tc=
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
146 B

59ms
54ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:19 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: 7c5gmsko23juh18o1b1it7pjjij5o7q4

Redirect headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 938A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

100ms
100ms

Document
text/html

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 52436db87a4b3001efcb073da00fd92a1674f806a41cf40cd6ed942105c653fe

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=1198; CMID=YFJhOm6zwhevqoHUTTyHsgAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|39|241|45|191|176|190|88
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1748
Expires: Wed, 17 Mar 2021 20:06:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
Connection: keep-alive
Set-Cookie: CMID=YFJhOm6zwhevqoHUTTyHsgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 17 Mar 2022 20:06:20 GMT CMPS=1198;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 20:06:20 GMT CMPRO=1112;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 20:06:20 GMT CMRUM3=bf6052613c05a0&276052613c0b40&2d6052613c05a0&e66052613c27600&b06052613c05a00&be6052613c05a0&586052613c05a0&f16052613c05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 17 Mar 2022 20:06:20 GMT CMST=YFJhPGBSYTwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 18 Mar 2021 20:06:20 GMT

Redirect headers

Server: Apache
Content-Length: 344
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 17 Mar 2021 20:06:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:18 GMT
Connection: keep-alive
Set-Cookie: CMID=YFJhOhNdu5bp5paSYCCOgAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 17 Mar 2022 20:06:18 GMT CMPS=1198;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 20:06:18 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8A3B 31 KB
10 KB 119ms
60ms Script
text/html 184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54776
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9441
Expires: Thu, 18 Mar 2021 11:19:14 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 2B4A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

126ms
126ms

Document
text/html

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ddb461a28e2290643f65d9612a91eb343721a459cf4a26bb51d4021a71998b5e

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=1198; CMID=YFJhOm6zwhevqoHUTTyHsgAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|241|230|39|195|65|176|46
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1760
Expires: Wed, 17 Mar 2021 20:06:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
Connection: keep-alive
Set-Cookie: CMID=YFJhOm6zwhevqoHUTTyHsgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 17 Mar 2022 20:06:20 GMT CMPS=1198;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 20:06:20 GMT CMPRO=1112;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 20:06:20 GMT CMRUM3=416052613c05a0&f16052613c05a00&2d6052613c05a0&276052613c0b40&e66052613c27600&b06052613c05a00&2e6052613c05a0&c36052613c05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 17 Mar 2022 20:06:20 GMT CMST=YFJhPGBSYTwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 18 Mar 2021 20:06:20 GMT

Redirect headers

Server: Apache
Content-Length: 344
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 17 Mar 2021 20:06:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:18 GMT
Connection: keep-alive
Set-Cookie: CMID=YFJhOm6zwhevqoHUTTyHsgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 17 Mar 2022 20:06:18 GMT CMPS=1198;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 20:06:18 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame D662
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
818 B

60ms
58ms

Script
text/html

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.90:80
AN-X-Request-Uuid: d373b7e4-92e9-4f97-b9ba-7532d05917fd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:18 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.111:80
AN-X-Request-Uuid: ff1e17b0-5ef1-49a0-a3af-b5e3fb9aaabf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F2F5 0
746 B 113ms
72ms Script
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid: 2bcbf94c-75fc-468b-96ef-687ce5dbfd01
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9003 42 B
174 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsug-ChASPw2RSB88DA8YvL6ka1z2vwq60D2gf1fbATCdhw3v7d9ZzKUNswEaoxr444LkiXgM71-jEGOE97TiFyzrKEcqUZ5P-j4JDu_-so&sig=Cg0ArKJSzLy1eZGlBDaeEAE&id=osdim&mcvt=3099&p=437,1100,687,1400&mtos=3099,3099,3099,3099,3099&tos=3099,0,0,0,0&v=20210315&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2786340635&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616011576353&dlt=0&rpt=492&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
265 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=179006610034452&ev=Microdata&dl=https%3A%2F%2Fwww.theepochtimes.com%2Ftrump-team-examines-michigan-voting-machines_3607935.html%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--fDDh7a_mBovjMSlHDf9elQr-qnCdoxS7NlXI-4Cb9tirsBi8YqYq-DrcKuz7PDndVvtdgXUVD3YQbzOT7yUmDOPcoSzJ8re1t6ju7uxok4mAxHNk&rl=&if=false&ts=1616011580191&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Trump%20Team%20Examines%20Michigan%20Voting%20Machines%22%2C%22meta%3Adescription%22%3A%22A%20judge%20in%20Michigan%20has%20allowed%20a%20forensic%20audit%20of%2022%20Dominion%20machines%20in%20Antrim%20County.%20It%E2%80%99s%20over%20claims%20that%20votes%20there%20were%20compromised.%22%2C%22meta%3Akeywords%22%3A%22Dominion%2CJenna%20Ellis%2CMichigan%2CRudy%20Giuliani%2CTHE%20EPOCH%20TIMES%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Trump%20Team%20Examines%20Michigan%20Voting%20Machines%22%2C%22og%3Adescription%22%3A%22A%20judge%20in%20Michigan%20has%20allowed%20a%20forensic%20audit%20of%2022%20Dominion%20machines%20in%20Antrim%20County.%20It%E2%80%99s%20over%20claims%20that%20votes%20there%20were%20compromised.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ntd.com%2Ftrump-team-examines-michigan-voting-machines_537010.html%22%2C%22og%3Asite_name%22%3A%22www.theepochtimes.com%22%2C%22article%3Atag%22%3A%22Michigan%2CDominion%2CJenna%20Ellis%2CRudy%20Giuliani%22%2C%22article%3Asection%22%3A%222020%20Election%22%2C%22article%3Apublished_time%22%3A%222020-12-07T14%3A15%3A56-05%3A00%22%2C%22article%3Amodified_time%22%3A%222020-12-07T15%3A13%3A13-05%3A00%22%2C%22og%3Aupdated_time%22%3A%222020-12-07T15%3A13%3A13-05%3A00%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2020%2F12%2F07%2FRudy-Giuliani-1200x800.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1616011580154.415784391&it=1616011577166&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 17 Mar 2021 20:06:20 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D662 0
747 B 49ms
46ms Script
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.176:80
AN-X-Request-Uuid: ce1bc8d2-6616-4b85-8d97-b1ef18b086ac
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 8A3B 284 B
536 B 199ms
58ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/jpg

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 938A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEc2Gd9pzUfcqb7RfLgi4nw&google_cver=1

43 B
315 B

79ms
78ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEc2Gd9pzUfcqb7RfLgi4nw&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 17 Mar 2021 20:06:20 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEc2Gd9pzUfcqb7RfLgi4nw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 938A 70 B
264 B 70ms
70ms Image
image/gif 54.216.86.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YFJhOm6zwhevqoHUTTyHsgAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.86.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 938A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB&dcc=t

43 B
720 B

155ms
154ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 938A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFJhOm6zwhevqoHUTTyHsgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENikEv5VD8l5uBy2oG12Q7k&google_cver=1

43 B
1003 B

80ms
79ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENikEv5VD8l5uBy2oG12Q7k&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 17 Mar 2021 20:06:20 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENikEv5VD8l5uBy2oG12Q7k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame 938A 43 B
253 B 243ms
152ms Image
image/gif 35.241.40.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
via: 1.1 google
last-modified: Wed, 17 Mar 2021 20:06:20 GMT
server: nginx/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 43
expires: Wed, 17 Mar 2021 20:06:21 GMT

GET
H2 200 113
match.deepintent.com/usersync/ Frame 938A 0
16 B 419ms
132ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:20 GMT
content-length: 0
server: b

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 938A 0
0 50ms
49ms Image
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 938A 85 B
236 B 143ms
142ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.3.8.v20160314) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
via: 1.1 varnish
server: Jetty(9.3.8.v20160314)
x-timer: S1616011580.335519,VS0,VE95
x-served-by: cache-hhn4033-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
content-length: 85
x-cache-hits: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 938A 43 B
425 B 66ms
65ms Image
image/gif 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YFJhOm6zwhevqoHUTTyHsgAA%261112
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:20 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2680
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 17 Mar 2021 20:51:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2B4A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFJhOm6zwhevqoHUTTyHsgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENikEv5VD8l5uBy2oG12Q7k&google_cver=1

43 B
1003 B

83ms
82ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENikEv5VD8l5uBy2oG12Q7k&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 17 Mar 2021 20:06:20 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENikEv5VD8l5uBy2oG12Q7k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 2B4A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB&dcc=t

43 B
720 B

163ms
160ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 2B4A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFJhOm6zwhevqoHUTTyHsgAABFgAAAAB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELrXlew_3W0hxmwKDMuPtNg&google_cver=1

43 B
315 B

85ms
85ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELrXlew_3W0hxmwKDMuPtNg&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 17 Mar 2021 20:06:20 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELrXlew_3W0hxmwKDMuPtNg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 2B4A 70 B
264 B 74ms
69ms Image
image/gif 54.216.86.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_user_id=YFJhOm6zwhevqoHUTTyHsgAA&gdpr=1&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.86.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2B4A
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ffeed686-0d78-430f-99f3-93042e808b13

43 B
1 KB

84ms
80ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ffeed686-0d78-430f-99f3-93042e808b13
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 17 Mar 2021 20:06:20 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ffeed686-0d78-430f-99f3-93042e808b13
date: Wed, 17 Mar 2021 20:06:20 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 2B4A
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616097980&gdpr=1

43 B
315 B

227ms
77ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616097980&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 17 Mar 2021 20:06:20 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616097980&gdpr=1
pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 200 113
match.deepintent.com/usersync/ Frame 2B4A 0
44 B 404ms
131ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:06:20 GMT
content-length: 0
server: b

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 2B4A 0
0 156ms
56ms Image
text/html 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 2B4A 43 B
425 B 71ms
70ms Image
image/gif 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YFJhOm6zwhevqoHUTTyHsgAA%261112
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:20 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2680
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 17 Mar 2021 20:51:00 GMT

GET
H3-Q050 200 qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js Show response
pagead2.googlesyndication.com/bg/ Frame A21D 14 KB
6 KB 40ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 16:22:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 99807
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Wed, 16 Mar 2022 16:22:53 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 48ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031101&jk=1883327115028829&bg=!eXqlej7NAAbUo7L91KM7ACkAdvg8WoBVzaAOQA4rdBlDNwJQAW8Z1gHaK_Q3zQ6Dff0T2mkx2GKw-QIAAAFIUgAAABdoAQcKAalWQBOcnXV6EyfCSRZZSWi4N52ihPvYRqd9C2LC11uiLEr8GeYN4Kj64oMU6qe9ApzSQTkStMvQiR44a-UDCE2nWiADogymT8mbALV1SXjxr1YkrWimmLr8fZFuaC2QNot7lBW8NTZnudL4RcQL6CEJp3Zzs1-DwDIg0iwOLVS4y4H96k9GeZ8YcEb09w0WPcvUwEYu2eCOY_NhqCMlUBQEobgAS_MHpsU3jjNXwRp8Be1ZXo_maTWfimSYuJIpvzSlAKgu-R9Un0LkOeWaJyH5Et7jwK3sTWOxpV9famRMZxPpwh50A04JWtLt6qgdsDZ2-0uUyHeng4z9L7fGMFCbx6nFF9UyR-qDYSm2kg4Lvp2kVeRMHOgk4d6vSaqimKb9MnV-Vi9IvqhXDnJ2s9zhOdxtV5caEnPsZvKrV95FwY1dDb2v1ErjLAtwhbmE55jdl8PzjZ65KtHhVw-2jAYuhml_YsrkNzB-DvUiMYufbvFcTxuzNnBvU_FM0ellOm9dZk-7-YVWggU7L1S8_v5XqTY5GNCPBbTEyvAtSaX6UeBjyB7fkJa1w5kB4C1kERBXczLPCK5AN-YnVmScXd4V6F0hvHOepMNKQS4vdNNNj0sPFKPu-7UoriVczHA5kzmDLRfxdVIReNd51PAFH7pNaiTQZoQzA0GLe15FHhICZ-BWKvsE9nVXSNp--fsiYQOl09etmwPceIm3m6aK6eFLYCY3_YyMyHHZoFkKBwIRsphAh7waHIuLXpIBpwecqihJjFmxXF5Et_jSDSrAT1VoGU1tArqgeQNQZUW5mcr7FaeKO32DIBIFoY-65jBZKWLpqDlIcKdQ4Gm_h6B4Qy50UOv4ckxqUJPVNNMFCp5meesyBV9zFQN0K1gbSo_hCemKJ3Nn6x4KNNA60nB1Ng7-qfVGMFYOpob3vrL_I0zcJYWc-Nn68nYYQ5Z0MLw40wRQQ6MHPAyHYK3NPkpf7OzJHr0PaZ4NnT0iEG8HGBEZmGQ-bECh0dvNMSXQslyu_OrM_uhKENqWflWIw_kyOtkiznEwYuOKkgqkoMepyUFxmDRaoY9dcIpxKeeyy-vQLjrZEkgWymSUxHl0Wl7iIcX4AlQPNLXGazlO-ehk_0EBk-3A7jwqGqqvIOnl1R8ma3qXEnMKvScOilXVZByQ9CSEhxXVyLy0gp3i5gicj30Yej0IX7Ec9f-GRyTlLQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:06:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 4ABF 37 KB
14 KB 71ms
66ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=117733
Expires: Fri, 19 Mar 2021 04:48:33 GMT
Date: Wed, 17 Mar 2021 20:06:20 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F2F5 0
747 B 94ms
93ms Script
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 20:06:21 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid: 4ec9a69c-a13a-43d4-9585-4619d4fb1a17
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 4ABF 0
75 B 51ms
50ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=64028571&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:19 GMT
Content-Length: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 58F3 37 KB
14 KB 67ms
66ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=117732
Expires: Fri, 19 Mar 2021 04:48:33 GMT
Date: Wed, 17 Mar 2021 20:06:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 58F3 0
75 B 50ms
47ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=41555619&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 20:06:19 GMT
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youmaker.com
URL: https://www.youmaker.com/v1/api/video/subtitle?systemid=7e9f1cbb-2556-46f9-af39-1ed5c414efe6

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 16:54:57	Name: pi Value: 2:2
.ads.pubmatic.com/	1970-01-19 16:54:57	Name: KCCH Value: YES
.pubmatic.com/	1970-01-19 19:03:07	Name: KTPCACOOKIE Value: YES
.theepochtimes.com/	1970-01-20 02:15:07	Name: __gads Value: ID=ea64c74693d842c8-2204fda8d0ba0057:T=1616011575:S=ALNI_MZiCTpzs7HcjrAU05tR36rw0kNMqA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgCl0N4rjP28vYtb1W7F196D79k0NXW63sHcZ2-BNGYW82bSP04qn7CRW7qZdjt4dm8cHW7zkcZ61tr_ncW116yYB7hs8XgW81ZWrf4rwzB2W5hVj3c8T3hL8VqbxPY59DkH2W4VQb9b3Qj_ZqW5q0Lhk8SD6cdW5x5W8l73wSXSW5ptZSJ99MMbRV9dxDG8dnV0WW2y2KQ_6SvY3GW1YJ2_X6fPY-zW1XRNZ_56Rc0wW3_dNgc69rRRqW5kFStK4CTRD0W1TFrVB59bq1PN5Nkj0j3s1nRW3TM6jC1w640GW3w673f4V0vDb2ld1(Line 13) Message: toS
console-api	warning	URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js(Line 4) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20201002(Line 8) Message: Config.ApiHost : https://subs.youmaker.com
console-api	log	URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20201002(Line 8) Message: Config.AuthHost : https://auth.youmaker.com
console-api	log	URL: https://www.theepochtimes.com/assets/themes/eet/js/bottom.min.js?ver=20210317(Line 4) Message: in eu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7dd975ab069b60ceab3f99e4b8f86037.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.districtm.io
certify.alexametrics.com
clientcdn.pushengage.com
cm.g.doubleclick.net
comment.youmaker.com
connect.facebook.net
d31qbv1cthcecs.cloudfront.net
dmp.brand-display.com
dmx.districtm.io
dsum-sec.casalemedia.com
dsum.casalemedia.com
epoch-times-d.openx.net
eu-u.openx.net
eus.rubiconproject.com
fonts.gstatic.com
g2.gumgum.com
green.erne.co
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image6.pubmatic.com
img.theepochtimes.com
info.silobreaker.com
j.mrpdata.net
js-sec.indexww.com
js.chargebee.com
match.adsrvr.org
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
mixi.media
nep.advangelists.com
openx2-match.dotomi.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.adnxs.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
sb.scorecardresearch.com
sc.youmaker.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.epoch.cloud
ssum-sec.casalemedia.com
stat.media
static.mixi.media
static1.mixi.media
static2.mixi.media
static3.mixi.media
static4.mixi.media
static6.mixi.media
stats.g.doubleclick.net
subs.youmaker.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
target.mixi.media
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
vs.youmaker.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.theepochtimes.com
www.youmaker.com
x.bidswitch.net
www.youmaker.com
104.108.144.200
104.108.144.214
104.108.145.8
104.16.190.66
13.226.159.5
13.32.167.78
136.243.217.162
142.250.186.162
143.204.202.45
143.204.202.55
146.59.148.16
151.101.114.49
151.139.128.10
151.139.128.11
159.253.128.188
169.197.150.7
178.162.133.149
18.156.195.47
18.159.182.76
184.30.212.16
185.29.133.58
185.33.220.244
185.64.189.115
199.60.103.2
2001:678:cb4:bbbb::11
23.37.38.181
23.37.53.17
2600:9000:2038:8000:6:44e3:f8c0:93a1
2606:4700:e6::ac40:ca05
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:400c:c09::9b
2a02:fa8:8806:16::1400
2a02:fa8:8806:20::2010
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.123.45.2
34.120.33.89
34.120.97.157
35.157.227.186
35.170.112.41
35.201.68.206
35.227.252.103
35.241.40.233
35.244.159.8
35.244.243.66
37.157.4.41
37.252.161.190
37.252.172.45
46.161.36.24
51.89.21.10
52.51.160.138
52.57.142.16
52.59.46.254
52.85.115.102
54.194.129.87
54.216.86.107
54.239.17.112
66.155.71.149
69.173.144.138
87.98.242.60
99.80.128.92
02868658f7676e21ce2349178a1eebe74106380a88e14f5e453b1a2e35e0e6dc
030aadf0336f41ff3c00b85d2a88d4c2f40af2979c6e6e58701eb3743122abd4
0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0862f53a75039bd65235b3be393c9a633319d21735a2481ce0630eb378dbe983
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c42391c453acd0e021e210a8236d6eed421c0e50f378517d7a1e9b2e3a98cf3
0ddaa577dbaeffc7bec177a31b0937c08d130fa329fad9889ce1a7935f6b7074
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10822d0059f3e80886451b779f3adddf54aa3748c76f352fe6966d51f871b3d7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11672d316983ca5cca067bd180d2b9f8ce4b6a055fc53cc0ea2b9461db82a4c4
123531321ccd51b7a4f0653a49b17c75b3ba27d2bffa978e2374b89df77c4885
1256909b9562b779225969eeb95c0f5b1a93fba5775ee2f78dbdb98724feef07
13467e03a384621a6dd0fab46293cbfa7f99ebd30a42f29a875bad616a8f72b4
14895f79face5c69cc7424a4febac0c741a44dd6d0cf589d6221c8fd0b1cd136
1985ff197e1e74d315a525f00cbc64fc78f2aa87179304019178aa7aa03cdebf
19b6ed1a409a3f2ad1035deb5271ba1df30efb26c60712c7c4c42cec28911de6
1f26dd5f86bc38310baf2ba221e2b460483d1be8aa7df86d62a2530eb5b8cace
2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
240a340447e6715d32872fa89d2e09b20d356dd59b916dc02f051ed8af6c7635
243342401a389aea3c4eb3d79678310870768f96807bd5af44d1452b8c674f9b
261b3ea494e75dccd0028079bc85fe461d33e58f3f0b039184580ef632afe5a0
27b5eb90bb1eec50918423caa80db7910748a01366ed4ae9531a6ee44a2662eb
29553a07bd8075277a457a30e9a0bf7b7274c8f7c0adb2eb549ca8b154d58199
298e3fba84778bc37293218f1a95cd2e8d67bf9f5b820476ccc57854c99ad88a
3375a2080070224dbaf34fffedc09a5fe36d95f41f8b397fe7c61594caaad0d0
383ae4a979b3d1e40f26ca3043d625fed9d449cecb76b3b30af4c3d0db7c7b92
38f915335fe629f2736910592b999a5cc13138f931118f5d67026b072c37d6b9
3c817dcd23aa1b42cb425021c3aa0e3d2049e649f1b3be0a07decfa0562b1dfc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7b68de65c86ca6b6ae720b35835fc741fbbde94949ff6dd39d7e40b67746eb
3d97a3ce5f5e38afd7a073742d934241b038aba6c537dfd5b446ee6af8697960
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42419e0eceece1bd49838c136ab167965345332e8123e6f55688e9db2d770417
485d1e9597d74b48109f11c4bde59393d4a232d99a31a3c6989d5e56ff9a5fbf
4876add1f3b7a1218d91c56cba2d3045fa4a3b43b1c67480ceb5bc933dc99ca5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4bc246f869d5cea3881fbfad95608c400cd648008e086c7b1f5e1c69ea67ef1c
4c6ee00c3b96a864f59ad1c63065d69bdd28849844df96b67f2a3cd3c873133b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52436db87a4b3001efcb073da00fd92a1674f806a41cf40cd6ed942105c653fe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54baf423cb76386ba670701055567f435136554ddc3284bc13e3901ebae9cbf6
57532d07103088a868f37b813377ca409585e04802671b9c442ca39d8ee70cf0
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5c99450475735188cbef043da43e7f2db0a69a80b93d220106bba665da279b54
60f46c91e0283141c119a6f8be03ed504be4fcc11931f6d3ba9d328359159381
6165bc0b09f74c0b44ce163f3d7e87ab0b6be6f5f9299762cc98aed634c0eea3
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
632b117e0995b8ebd1339a00c99d139b1dbece365710c0e848eef7a3377be414
634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e
6a17f7d06cc82d17f169619939756935be5ea8afafa199c2f4990fb69c4e039a
6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf
70f8b3df85520078131c6e473c9863e125171b18d2d3a4bb1ea4949484dde45a
7221c626d8cf9f003f4bd3f8c04622896e240b91e2ce4f62da257ff2cc94d694
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75f19150dfa2e2d026e73e0856eea5e30b3bcbdf120069041d1668c29118f30a
77027cdf2aa9ba4d0972c21c64bf27e1935ea73a7011daccaa73f8be255a20b7
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7d3f18b34b330808408dd8b52e54e2443e067141f02ce90dd351d762ea64ae81
7dae96a685aa637f08f3fbf32cf31f40c4118c19915468f44156492e8e5eb5d2
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7efdc7040beec78c424dc8a052a52440543d65908359acf0e9017abfe6202fd5
801b78af2ab57cfc67d37f8137feac63f1b722b8812dea418b43759e9baddef8
806074d527f1c3a23001f4fa4d41dcb10a6a6dd95152d9b7bfa486a7106ff522
83245e30d6ee857fc3e799c70c42d06267e2302803bfadfe9f130eabf9975aad
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851ab764811f7a7dd5b761c4dbb7a1c48b43e7e2dfffc4d4d3f905a478d13eb2
8655acce460b6110f4b0e835796632acb3d19339cb1fc6ab2fbaad55d1001a39
867f5a29853ddd710b7c6485ff7c0f294d6dde33817c68e84535fb68572ffe8b
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736
87fcea2e59b8d04ad3774fa1d99004b047595cd346b8600f6bde088d9192afd5
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b4ce87e4d977de4cf5b68a25edf71862ea138c1556f6616dcf8cb3330c5533d
8ca3a0c69669bd081bafbf49374bdf4e12b955b515bab6105477562c161cb9b8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9004eb6c3e8bddea7b2b7964c9e6a1f008d32611743359c045e525fb5621c989
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
91a17ea7d18632bc45ec1dae138e3a0eb6ea5f926167baa69bc7052f6b5e1f96
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa46ae24e6a40546411c66f3c8c8947fc78584cebe256d2c7c8c07b3e84641ef
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b0f96a3730041605b139ca2d15e29a36c55e49058ba2b72ee4d09b5e4ca210c1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e87193f91ccf03d3aff2337e53311640f5f6c862ff99e5c6c0a06def57ce8e
b4944e3da4133e749883b8219093e5bae1dc98369daf0471ff890a058e325106
b5702d8236f2a44cbdb232f495ce24f9b20ca9d8685b4682a8804488a3aa86b8
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc
b8af85ef87938ad7700489d3cd359313ff3d80516be01ddc83d7aebf22e4b51c
be54ec1474ad1493a9db2d2ec0f0d6bb38df3ed2fc1c3a336c8efe2eee3d0b65
c1daebe320978cff33cb923e9cb1d70b3a943a96407b4bd5086fc72101117125
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2631818c9016b9b9c0deefa603f0ef9a97e2da6e3e4eacede18b3b0f9764102
c3fc1f0761b1edc852a3757b053f6a00e583e558724009abd0d1d9514092b79d
c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154
c5a0b8523ed52dfff8b07b61549ed61cc80c8b75529ce84a591bc25c9d7289e0
c7357112338adcf3f4ef5b241dde023a5914ca82bda842708591d81b2a824512
c770f534951eb4356f9674e6e8eb2daf9eabd9f0c835eacc32e5b995e3a57dba
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4e956062c95bc8261015e8999b3be53a17918be867ba76ecad5464d6f08ce4
d158808063fa7bb1ceeff3620bdc8d87ba19c4784032554f915d274cc8769c94
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dab90e9a6deed82a3b82215ca7c08517cf430f30cd2b36c59112c468c13acb4c
db13404a7be9b855a9293a5fc13e1065fb15559a590fb0782e41e1d3540039c7
ddb461a28e2290643f65d9612a91eb343721a459cf4a26bb51d4021a71998b5e
e1cb9bcd7767b9194b209d68f038ac7754c531dae3ffd0abcc9e6ed89973d5e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
ea6ad4592a02b98c195b7770740a1014fe0b5cebfb7768caa905c07c76f225f6
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ebdba45316ab144755389e758bc44951cfaf4ff202820993444b7beac44cd40f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7371233f60ff84278dd1f1dbdc10632ddfcbda23c1b20ccdfed70b0965a92cc
f8c340a471538e38d2c3776156054c19ecc8399faf560866f2499eac2b96b2f9
faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d
fac4283dac6916ba82185648c34dbb7c11363c02b188a248e7a1edf07a2b77d4
fd882c134a0d98ed3b6a87eb94b3e4e4b3c7787ee153518f9f75482e9ff10094
fdf5dfab742b9d6c8c626174cd7e8899d2350d3ada34202ad6f3e87dadabb36c

www.theepochtimes.com Open in urlscan Pro 151.139.128.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

193 Requests

98 %HTTPS

27 %IPv6

55 Domains

90 Subdomains

61 IPs

9 Countries

5936 kBTransfer

8252 kBSize

4 Cookies

21 Outgoing links

Page URL History

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.theepochtimes.com Open in urlscan Pro
151.139.128.11 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

98 %
HTTPS

27 %
IPv6

55
Domains

90
Subdomains

61
IPs

9
Countries

5936 kB
Transfer

8252 kB
Size

4
Cookies

193 HTTP transactions
12 data transactions