urlscan.io logo urlscan.io
SecurityTrails logo

www.theepochtimes.com Open in urlscan Pro
151.139.128.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/d8OVsIoOym
Effective URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm...
Submission: On December 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 83 IPs in 14 countries across 84 domains to perform 321 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to HIGHWINDS3, US. The main domain is www.theepochtimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 1st 2020. Valid for: 2 years.
This is the only time www.theepochtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.5 13414 (TWITTER)
1 1 44.239.146.245 16509 (AMAZON-02)
56 151.139.128.11 20446 (HIGHWINDS3)
47 35.244.243.66 15169 (GOOGLE)
4 13.32.29.201 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 192.0.80.242 2635 (AUTOMATTIC)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 65.9.68.27 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 35.201.68.206 15169 (GOOGLE)
14 34.120.33.89 15169 (GOOGLE)
2 34.120.97.157 15169 (GOOGLE)
2 4 2620:116:800d... 16509 (AMAZON-02)
1 143.204.98.34 16509 (AMAZON-02)
2 4 13.32.99.90 16509 (AMAZON-02)
3 4.7.168.73 3356 (LEVEL3)
1 2a00:1450:400... 15169 (GOOGLE)
8 142.250.186.98 15169 (GOOGLE)
1 13.224.189.21 16509 (AMAZON-02)
1 3.141.217.14 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 37.252.161.190 29990 (ASN-APPNEX)
2 9 37.252.173.27 29990 (ASN-APPNEX)
2 35.157.246.167 16509 (AMAZON-02)
2 34.254.122.11 16509 (AMAZON-02)
2 2.21.111.28 16625 (AKAMAI-AS)
4 35.244.159.8 15169 (GOOGLE)
1 69.173.144.139 26667 (RUBICONPR...)
1 178.162.133.149 60781 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2.20.157.2 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
14 136.243.66.182 24940 (HETZNER-AS)
1 4 198.47.127.19 62713 (AS-PUBMATIC)
3 4 37.157.3.30 198622 (ADFORM)
2 2 213.155.156.164 1299 (TWELVE99 ...)
7 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
11 185.64.190.80 62713 (AS-PUBMATIC)
12 12 142.250.184.194 15169 (GOOGLE)
2 2 185.29.132.245 30419 (MEDIAMATH...)
5 198.47.127.20 62713 (AS-PUBMATIC)
3 4 146.59.148.16 16276 (OVH)
5 7 52.223.40.198 16509 (AMAZON-02)
2 2 34.249.68.36 16509 (AMAZON-02)
2 2 18.198.126.47 16509 (AMAZON-02)
1 169.50.137.182 36351 (SOFTLAYER)
4 2a00:1450:400... 15169 (GOOGLE)
4 82.202.225.227 49505 (SELECTEL)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 52.218.132.104 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 9 2606:4700:303... 13335 (CLOUDFLAR...)
1 143.204.98.116 16509 (AMAZON-02)
2 2a03:2880:f10... 32934 (FACEBOOK)
2 2 35.227.248.159 15169 (GOOGLE)
2 2 54.85.85.19 14618 (AMAZON-AES)
2 2 37.252.173.215 29990 (ASN-APPNEX)
3 4 35.156.121.212 16509 (AMAZON-02)
1 2 52.37.115.68 16509 (AMAZON-02)
4 20 2.20.157.55 16625 (AKAMAI-AS)
2 151.101.129.108 54113 (FASTLY)
2 23.37.42.132 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
2 4 52.46.154.242 16509 (AMAZON-02)
1 1 154.59.122.79 174 (COGENT-174)
1 1 54.73.110.124 16509 (AMAZON-02)
2 2 35.156.135.60 16509 (AMAZON-02)
1 3.234.39.245 14618 (AMAZON-AES)
4 4 54.77.6.213 16509 (AMAZON-02)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 52.17.84.146 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 185.86.138.144 201081 (SMARTADSE...)
2 2 213.19.147.44 3356 (LEVEL3)
1 1 213.19.147.45 26120 (RHYTHMONE)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 18.215.193.43 14618 (AMAZON-AES)
2 2 3.126.56.137 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 35.210.178.101 15169 (GOOGLE)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 66.155.71.150 13768 (COGECO-PEER1)
1 1 34.205.3.24 14618 (AMAZON-AES)
1 1 23.88.75.189 24940 (HETZNER-AS)
1 1 87.98.228.78 16276 (OVH)
1 63.251.232.165 29791 (VOXEL-DOT...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2a04:4e42:200... 54113 (FASTLY)
1 151.101.193.44 54113 (FASTLY)
1 195.5.165.20 44968 (IPROM-AS)
2 2 35.227.208.19 15169 (GOOGLE)
1 35.201.81.244 15169 (GOOGLE)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.102.253.54 15169 (GOOGLE)
1 52.208.210.171 16509 (AMAZON-02)
321 83
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    44.239.146.245 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-146-245.us-west-2.compute.amazonaws.com
dlvr.it
56    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
www.theepochtimes.com
img.theepochtimes.com
47    35.244.243.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.243.244.35.bc.googleusercontent.com
subs.youmaker.com
4    13.32.29.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-201.fra56.r.cloudfront.net
c.amazon-adsystem.com
3    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    192.0.80.242 (Richardson, United States)

ASN2635 (AUTOMATTIC, US)
en.gravatar.com
6    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    65.9.68.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-27.fra56.r.cloudfront.net
js.chargebee.com
3    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    35.201.68.206 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 206.68.201.35.bc.googleusercontent.com
www.youmaker.com
14    34.120.33.89 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 89.33.120.34.bc.googleusercontent.com
comment.youmaker.com
2    34.120.97.157 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 157.97.120.34.bc.googleusercontent.com
sc.youmaker.com
4    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    143.204.98.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-34.fra50.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
4    13.32.99.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    4.7.168.73 (United States)

ASN3356 (LEVEL3, US)
ea.epochbase.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
1    13.224.189.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-21.fra2.r.cloudfront.net
certify.alexametrics.com
1    3.141.217.14 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-217-14.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    2600:9000:211e:e800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    37.252.161.190 (Southall, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net
prebid.adnxs.com
9    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
2    34.254.122.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
g2.gumgum.com
2    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
epoch-times-d.openx.net
u.openx.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d1641bf9779fcdfa70594f2f06210712.safeframe.googlesyndication.com
4    2.20.157.2 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-2.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
14    136.243.66.182 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi.media
mixi.media
static.mixi.media
target.mixi.media
static8.mixi.media
static7.mixi.media
static3.mixi.media
static1.mixi.media
static2.mixi.media
static4.mixi.media
static6.mixi.media
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.164 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
7    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
11    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
12    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
2    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
4    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh
pixel.onaudience.com
7    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    34.249.68.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-68-36.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loada.exelator.com
1    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
4    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    82.202.225.227 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: sm-server1-1.ssel21.imcmdb.net
stat.media
6    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2606:4700:3038::6815:ea4f (United States)

ASN13335 (CLOUDFLARENET, US)
services.epoch.cloud
cdn.epoch.cloud
1    52.218.132.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
1    2606:4700:20::681a:27a (United States)

ASN13335 (CLOUDFLARENET, US)
a.remarketstats.com
9    2606:4700:3039::6815:c075 (United States)

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
1    143.204.98.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-116.fra50.r.cloudfront.net
clientcdn.pushengage.com
2    2a03:2880:f10c:83:face:b00c:0:25de (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    54.85.85.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-85-19.compute-1.amazonaws.com
i.liadm.com
2    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
4    35.156.121.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-121-212.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.37.115.68 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-115-68.us-west-2.compute.amazonaws.com
p.alocdn.com
20    2.20.157.55 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    54.73.110.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-110-124.eu-west-1.compute.amazonaws.com
d.adroll.com
2    35.156.135.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-135-60.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    3.234.39.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-39-245.compute-1.amazonaws.com
rtb.adentifi.com
4    54.77.6.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-6-213.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
1    52.17.84.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
4    2a00:1450:4001:810::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
2    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    185.86.138.144 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.targeting.unrulymedia.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    18.215.193.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-193-43.compute-1.amazonaws.com
a.audrte.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a05:d018:d29:3602:73b0:42cb:776e:1ea4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    35.210.178.101 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 101.178.210.35.bc.googleusercontent.com
a.volvelle.tech
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    34.205.3.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-3-24.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    23.88.75.189 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de
csync.loopme.me
1    87.98.228.78 (Spain)

ASN16276 (OVH, FR)
PTR: ip78.ip-87-98-228.eu
green.erne.co
1    63.251.232.165 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    2606:4700:3039::6815:c097 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    35.227.208.19 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 19.208.227.35.bc.googleusercontent.com
cr.frontend.weborama.fr
1    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    52.208.210.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
Apex Domain
Subdomains		 Transfer
64 youmaker.com
subs.youmaker.com
www.youmaker.com
comment.youmaker.com
sc.youmaker.com
2 MB
56 theepochtimes.com
www.theepochtimes.com
img.theepochtimes.com
2 MB
32 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
61 KB
21 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
138 KB
18 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
18 KB
16 adnxs.com
prebid.adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
47 KB
14 mixi.media
mixi.media
static.mixi.media
target.mixi.media
static8.mixi.media
static7.mixi.media
static3.mixi.media
static1.mixi.media
static2.mixi.media
static4.mixi.media
static6.mixi.media
439 KB
11 googlesyndication.com
d1641bf9779fcdfa70594f2f06210712.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
413 KB
9 clickcertain.com
a.clickcertain.com
7 KB
8 google.com
www.google.com
adservice.google.com
accounts.google.com
148 KB
8 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
43 KB
7 adsrvr.org
match.adsrvr.org
3 KB
6 google-analytics.com
www.google-analytics.com
20 KB
5 epoch.cloud
services.epoch.cloud
cdn.epoch.cloud
194 KB
5 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
2 KB
4 bidr.io
match.prod.bidr.io
2 KB
4 indexww.com
js-sec.indexww.com
4 KB
4 bidswitch.net
x.bidswitch.net
2 KB
4 stat.media
stat.media
29 KB
4 onaudience.com
pixel.onaudience.com
2 KB
4 adform.net
c1.adform.net
2 KB
4 rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
11 KB
4 openx.net
epoch-times-d.openx.net
u.openx.net
700 B
4 scorecardresearch.com
sb.scorecardresearch.com
1 KB
4 quantserve.com
secure.quantserve.com
pixel.quantserve.com
11 KB
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
723 B
3 crwdcntrl.net
sync.crwdcntrl.net
bcp.crwdcntrl.net
1 KB
3 gumgum.com
g2.gumgum.com
rtb.gumgum.com
961 B
3 google.de
www.google.de
adservice.google.de
1 KB
3 epochbase.com
ea.epochbase.com
638 B
3 googletagservices.com
www.googletagservices.com
100 KB
3 chargebee.com
js.chargebee.com
68 KB
3 googletagmanager.com
www.googletagmanager.com
164 KB
2 taboola.com
trc.taboola.com
match.taboola.com
653 B
2 volvelle.tech
a.volvelle.tech
1 KB
2 audrte.com
a.audrte.com
1 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com
83 KB
2 jsdelivr.net
cdn.jsdelivr.net
47 KB
2 dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
290 B
2 w55c.net
pm.w55c.net
1 KB
2 alocdn.com
p.alocdn.com
1 KB
2 liadm.com
i.liadm.com
2 KB
2 tapad.com
pixel.tapad.com
906 B
2 facebook.com
www.facebook.com
396 B
2 facebook.net
connect.facebook.net
113 KB
2 exelator.com
loada.exelator.com
2 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
1 playground.xyz
ads.playground.xyz
467 B
1 bidtheatre.com
match.adsby.bidtheatre.com
534 B
1 iprom.net
core.iprom.net
279 B
1 ad4m.at
ad4m.at
915 B
1 adgrx.com
cm.adgrx.com
408 B
1 erne.co
green.erne.co
327 B
1 loopme.me
csync.loopme.me
216 B
1 stackadapt.com
sync.srv.stackadapt.com
650 B
1 sitescout.com
pixel-sync.sitescout.com
337 B
1 turn.com
ad.turn.com
518 B
1 zeotap.com
mwzeom.zeotap.com
455 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 smartadserver.com
rtb-csync.smartadserver.com
163 B
1 jquery.com
code.jquery.com
30 KB
1 adentifi.com
rtb.adentifi.com
88 B
1 adroll.com
d.adroll.com
112 B
1 acuityplatform.com
ums.acuityplatform.com
637 B
1 pushengage.com
clientcdn.pushengage.com
18 KB
1 remarketstats.com
a.remarketstats.com
688 B
1 amazonaws.com
s3-us-west-2.amazonaws.com
26 KB
1 simpli.fi
um.simpli.fi
615 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
334 B
1 sonobi.com
sync.go.sonobi.com
509 B
1 quantcount.com
rules.quantcount.com
428 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 alexametrics.com
certify.alexametrics.com
551 B
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
2 KB
1 gstatic.com
fonts.gstatic.com
14 KB
1 gravatar.com
en.gravatar.com
2 KB
1 dlvr.it
dlvr.it
556 B
1 t.co
t.co
681 B
0 everesttech.net Failed
sync-tm.everesttech.net Failed
321 84
Domain Requested by
47 subs.youmaker.com www.theepochtimes.com
subs.youmaker.com
32 img.theepochtimes.com www.theepochtimes.com
subs.youmaker.com
24 www.theepochtimes.com t.co
www.theepochtimes.com
14 comment.youmaker.com www.theepochtimes.com
comment.youmaker.com
12 cm.g.doubleclick.net 12 redirects
11 simage2.pubmatic.com ads.pubmatic.com
9 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
9 a.clickcertain.com 6 redirects a.remarketstats.com
a.clickcertain.com
9 ib.adnxs.com 2 redirects www.theepochtimes.com
ads.pubmatic.com
acdn.adnxs.com
8 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
t.co
7 match.adsrvr.org 5 redirects ssum-sec.casalemedia.com
7 image2.pubmatic.com ads.pubmatic.com
6 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 www.google-analytics.com www.theepochtimes.com
www.google-analytics.com
4 accounts.google.com subs.youmaker.com
www.theepochtimes.com
4 match.prod.bidr.io 4 redirects
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 js-sec.indexww.com www.theepochtimes.com
ssum-sec.casalemedia.com
4 x.bidswitch.net 3 redirects a.clickcertain.com
4 stat.media mixi.media
stat.media
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 pixel.onaudience.com 3 redirects ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 ads.pubmatic.com www.theepochtimes.com
ads.pubmatic.com
4 sb.scorecardresearch.com 2 redirects www.theepochtimes.com
4 c.amazon-adsystem.com www.theepochtimes.com
c.amazon-adsystem.com
3 simage4.pubmatic.com ads.pubmatic.com
3 services.epoch.cloud t.co
www.theepochtimes.com
subs.youmaker.com
3 mixi.media www.theepochtimes.com
static.mixi.media
3 prebid.adnxs.com www.theepochtimes.com
3 pixel.quantserve.com 2 redirects www.theepochtimes.com
3 ea.epochbase.com www.googletagmanager.com
www.theepochtimes.com
3 www.googletagservices.com www.theepochtimes.com
securepubads.g.doubleclick.net
3 js.chargebee.com subs.youmaker.com
js.chargebee.com
3 www.googletagmanager.com www.theepochtimes.com
www.googletagmanager.com
2 cr.frontend.weborama.fr 2 redirects
2 a.volvelle.tech 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 a.audrte.com 1 redirects
2 uipglob.semasio.net 1 redirects
2 visitor.fiftyt.com 2 redirects
2 sync.1rx.io 2 redirects
2 cdn.epoch.cloud subs.youmaker.com
2 stackpath.bootstrapcdn.com subs.youmaker.com
stackpath.bootstrapcdn.com
2 cdn.jsdelivr.net subs.youmaker.com
2 pm.w55c.net 2 redirects
2 eus.rubiconproject.com www.theepochtimes.com
eus.rubiconproject.com
2 u.openx.net www.theepochtimes.com
2 acdn.adnxs.com www.theepochtimes.com
2 p.alocdn.com 1 redirects
2 secure.adnxs.com 2 redirects
2 i.liadm.com 2 redirects
2 pixel.tapad.com 2 redirects
2 www.facebook.com
2 connect.facebook.net t.co
connect.facebook.net
2 static1.mixi.media www.theepochtimes.com
2 static8.mixi.media www.theepochtimes.com
2 loada.exelator.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 epoch-times-d.openx.net www.theepochtimes.com
2 htlb.casalemedia.com www.theepochtimes.com
2 g2.gumgum.com www.theepochtimes.com
2 c2shb.ssp.yahoo.com www.theepochtimes.com
2 www.google.com www.theepochtimes.com
tpc.googlesyndication.com
2 sc.youmaker.com www.theepochtimes.com
1 rtb.gumgum.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 idsync.frontend.weborama.fr
1 core.iprom.net ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 ad4m.at ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 csync.loopme.me 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 pubmatic-match.dotomi.com
1 ad.turn.com 1 redirects
1 pr-bh.ybp.yahoo.com
1 mwzeom.zeotap.com
1 aud.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 code.jquery.com subs.youmaker.com
1 bcp.crwdcntrl.net ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 d.adroll.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 clientcdn.pushengage.com www.theepochtimes.com
1 a.remarketstats.com 1 redirects
1 s3-us-west-2.amazonaws.com t.co
1 static6.mixi.media www.theepochtimes.com
1 static4.mixi.media www.theepochtimes.com
1 static2.mixi.media www.theepochtimes.com
1 static3.mixi.media www.theepochtimes.com
1 static7.mixi.media www.theepochtimes.com
1 target.mixi.media www.theepochtimes.com
1 static.mixi.media mixi.media
1 um.simpli.fi ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 d1641bf9779fcdfa70594f2f06210712.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 sync.go.sonobi.com www.theepochtimes.com
1 pixel.rubiconproject.com www.theepochtimes.com
1 www.google.de www.theepochtimes.com
1 rules.quantcount.com secure.quantserve.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.theepochtimes.com
1 certify.alexametrics.com www.theepochtimes.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d31qbv1cthcecs.cloudfront.net t.co
1 secure.quantserve.com t.co
1 www.youmaker.com www.theepochtimes.com
1 fonts.gstatic.com www.theepochtimes.com
1 en.gravatar.com www.theepochtimes.com
1 dlvr.it 1 redirects
1 t.co
0 sync-tm.everesttech.net Failed ads.pubmatic.com
321 129
Subject Issuer Validity Valid
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.theepochtimes.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2022-06-01		 2 years crt.sh
*.youmaker.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2022-06-01		 2 years crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
js.chargebee.com
Amazon		 2021-05-13 -
2022-06-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.epochbase.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-17 -
2022-12-18		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-12 -
2022-11-10		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2020-03-29 -
2022-03-29		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
mixi.media
R3		 2021-10-15 -
2022-01-13		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
static.mixi.media
R3		 2021-09-30 -
2021-12-29		 3 months crt.sh
stat.media
R3		 2021-11-29 -
2022-02-27		 3 months crt.sh
target.mixi.media
R3		 2021-10-15 -
2022-01-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-21 -
2021-12-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2021-03-26 -
2022-03-05		 a year crt.sh
*.pushengage.com
Amazon		 2021-01-27 -
2022-02-24		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.iprom.net
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh

This page contains 38 frames:

Primary Page: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Frame ID: 25701E0FE37B516F3B04196FE27DFD28
Requests: 169 HTTP requests in this frame

Frame: https://d1641bf9779fcdfa70594f2f06210712.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 575D5A59AEAC5D2D70F7339886389A86
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Frame ID: 4E2F29B6AC89214F270577E3CD34EF16
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3FB0BC71-A02B-456D-8423-51D0226DBF4B
Frame ID: 8AF2F5811B31F2E2278A940E8625E944
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4797991891875058763
Frame ID: 06F07B601E40B5C5F2DDA412E69FBDDA
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F477181D99289974BE873C07EC556400
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7041169080129157261
Frame ID: 0435A0119763E46AA040964F67730039
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&uid=3FB0BC71-A02B-456D-8423-51D0226DBF4B
Frame ID: B284AF0864D4E3339F9917B58E0CED73
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUjV1QqDyEaSV6kxhJ3Ywwcr7TLc3Pb0lgKgSxeOIkVXppks9hy_oypA3wswsHwEeUCat38XCcrjxdPfor_4-JuduQm901m55oMAjK4iTon6_ZPs66631HzNxoeP7Rfdhy5e9tCSHBg5IvQp6jgdd9mUZQU8zB-qBACDI_k9lY0qbMGWVYAW6gyUDXdyOKBdE08VnBYVUzUE03BXv33gnE-amS-QaCve5hWgAjRJFQGQWdkOPgHV3Orj3pUqebGiniDaIrxxn4yoFnDPknKTqmH4lNyfcfxXNS_TiR49Z3wWb4SctGwPcqrl4HW1CmKvFBUghWfHUVSaRl1XDMqYNO7tNwA_X4&sai=AMfl-YSjsMIKHEhVkGWTR_q_60VAOqetFMVjGsV-iqlQk-hRwfIwmmYOP9QsZeUZSJUoWbJPrBeIkxnnRZeFQRciOnjPqJHVPoR_amoTODjDRL4qDk5-cbrPT-iQg8Xaa1Xw&sig=Cg0ArKJSzOsQlEYddQB6EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1AAC38BB10CDEAD59428C83790ABE236
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst49VPldbHQOBNQcmwEMwlWWtbmNb8kGvt3dE6zb7RFGMncDywpZLV2Xmh2fT2MFHbfPGZMsQTNZhvms5jIZSnndMSAfh-VA9R5vdbIG6wCqBn92VgDU6csUAcy1FELK9Bf8rVyOy0GtE11VgIWIhIpMEH5wAQhufnGz7xa_iC2X8XMc20HsmHtaISfHE4l-fMPIRVB3_DpGHLYB0K02k8yGhXnd7_Lsi5mSQTxcKMoHvrDF0_TcNNng69eLwbU3TnAPfVvetCfAvAYSrD3y0yvgquQhQgnDq1G0o6hfmCQI61Zdx4aBO8hyFj6DpkQOc6c2HLds5gm4c2T5P2lwui83we7oA6HDtVwCzuLuvu9g1PXNw&sai=AMfl-YQlpkSa6ePkQBcIZe132gH1G0iNOV8Zm6Q79voApuZhBdTsJ59bL6AIFFQfhfICQlVFbE0CbasYN8hCQUBRpPbpgMXgmIaFbGeiryKjmAiroAe09zk81aTFMyIyThL7&sig=Cg0ArKJSzLxGpy5BitsfEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EC832EABDA31B4BC59A8ECDAD967EAE0
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8B074639F1AF4B61E488BC9A679630E6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C6942D217C565F16476521CD03922E1
Requests: 2 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&cn=DE
Frame ID: 571B76E3BED2C997C129F9801E2E5E7C
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 035EB29315CC312FE6F4F90CE77E94C8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A283E2DEA161B96717B9D698324D979B
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8F4F08EAC3C217599C3965227096941A
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 32C6143D484D64A52C17C7AB0562C271
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 93D5FBEA353E63367850A46FE0B6F92D
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6BA1873502F4C3F1C06110B8A6E1AB5E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AB5E83D8D387F68D1DFD058914A404C0
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AC265C2EE090E8900BD6DFA5AAC81B63
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8427DDB3D23DFFD6CBB5CFA297D3F0A0
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 029C3FBE4A0CC62902768061F05CED85
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: FF5239764F4397B52FF22E6249C61588
Requests: 10 HTTP requests in this frame

Frame: https://subs.youmaker.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D
Frame ID: BB8434E2A6CC02A46B2E566450959B7B
Requests: 4 HTTP requests in this frame

Frame: https://subs.youmaker.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D
Frame ID: A3D06BBCC101BE2F7705032763885692
Requests: 3 HTTP requests in this frame

Frame: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
Frame ID: D77D63ACFEF458269AF9C5BCFBDEA37A
Requests: 9 HTTP requests in this frame

Frame: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Frame ID: 80805619CA72E8CCE9A49373E7A303EC
Requests: 20 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 21938C66FD508BCC3DD41F9491A3EAAB
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADe8U7DboQAADxU7u0rqw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: 33A58BB6D637937F8BAADFBDA5E7A4F2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3fa8782e-1d4b-43b0-825c-ec3197a77d75-003
Frame ID: A033209AAE5A1CB5BC6940D44C1A6A49
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tByC97qRSvVTDsHf2pWCNqh3Gcc
Frame ID: CD2A948982570840AE6F779DB69C3723
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 70FCA0EB5B7DE528D3FD58C033D1EA76
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9vKSjb1kUYzwOomGH8HoX-aE
Frame ID: CFBDEFC9E0A411B4EB61F8F055383486
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: D4D1BA85D66B4E80D84D4D408845E511
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 69D90A25BCCC0CC90662DE6459B63050
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c02f948a-48e4-4b48-957f-66d7bdb5602a-tuct8b0c77e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 76CBC7B07789D9CA0282964A3393BA1E
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 7A00C4BE014F5A562D40162EC2521884
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

80,000 South Australian Govt Workers Hit by Ransomware Attack

Page URL History Show full URLs

  1. https://t.co/d8OVsIoOym Page URL
  2. http://dlvr.it/SF6Vjx HTTP 301
    https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?ut... Page URL

Page Statistics

321
Requests

88 %
HTTPS

27 %
IPv6

84
Domains

129
Subdomains

83
IPs

14
Countries

7056 kB
Transfer

9912 kB
Size

131
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/d8OVsIoOym Page URL
  2. http://dlvr.it/SF6Vjx HTTP 301
    https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1639399928681&ns_c=UTF-8&c8=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&c7=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&c9=https%3A%2F%2Ft.co%2Fd8OVsIoOym HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1639399928681&ns_c=UTF-8&c8=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&c7=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&c9=https%3A%2F%2Ft.co%2Fd8OVsIoOym
Request Chain 109
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3FB0BC71-A02B-456D-8423-51D0226DBF4B HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3FB0BC71-A02B-456D-8423-51D0226DBF4B
Request Chain 110
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4797991891875058763
Request Chain 112
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7041169080129157261
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P7C8caArRW2EI1HQIm2_Sw%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P7C8caArRW2EI1HQIm2_Sw%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 115
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=644b61b7-41f8-4e00-aa71-6802c36d3202
Request Chain 116
  • https://pixel.onaudience.com/?partner=214&mapped=3FB0BC71-A02B-456D-8423-51D0226DBF4B HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=4419b5d6-9e21-44aa-ba89-f07b101fa27d&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d0c5805a8fceed31b0d06dfde566fa36 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ca36f71eb5150096800bdf94279f14d2
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0ZCMEJDNzEtQTAyQi00NTZELTg0MjMtNTFEMDIyNkRCRjRC&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0ZCMEJDNzEtQTAyQi00NTZELTg0MjMtNTFEMDIyNkRCRjRC&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOHCafQcCwCHz7X3JRk1_Fo&google_cver=1
Request Chain 120
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e71461b7-41f8-4300-bc3f-f2f4cced8778&gdpr=0&gdpr_consent=
Request Chain 121
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4419b5d6-9e21-44aa-ba89-f07b101fa27d
Request Chain 122
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3069240408983036820
Request Chain 123
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8022406444498508336&gdpr=0&gdpr_consent=
Request Chain 155
  • https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html HTTP 302
  • https://a.clickcertain.com/px/smart/a/?c=244b81b94c69796&seg=80000%2dsouth%2daustralian%2dgovt%2dworkers%2dhit%2dby%2dransomware%2dattack_4149549%2ehtml HTTP 302
  • https://a.clickcertain.com/px/?c=244b81b94c69796
Request Chain 156
  • https://sb.scorecardresearch.com/c2/24003086/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 168
  • https://a.clickcertain.com/px/ta/?ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=ae96d371-9e11-444d-891c-927a172a61f8
Request Chain 169
  • https://a.clickcertain.com/px/r/?ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3 HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253da34b48d4%25252d5cd9%25252d49f8%25252d854a%25252d8ba7b6e0b3d3%252526anx_uId%25253d%252524UID HTTP 303
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253da34b48d4%25252d5cd9%25252d49f8%25252d854a%25252d8ba7b6e0b3d3%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&_li_chk=true&ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&previous_uuid=9c772f60cc564cd1a92f8884ac713271 HTTP 303
  • https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253da34b48d4%252d5cd9%252d49f8%252d854a%252d8ba7b6e0b3d3%2526anx_uId%253d%2524UID&ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3da34b48d4%2d5cd9%2d49f8%2d854a%2d8ba7b6e0b3d3%26anx_uId%3d%24UID HTTP 302
  • https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Da34b48d4%2D5cd9%2D49f8%2D854a%2D8ba7b6e0b3d3%26anx_uId%3D%24UID&google_gid=CAESEDHKpWkYvk_r-pfju056N9c&google_cver=1 HTTP 302
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&anx_uId=$UID HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&anx_uId=8022406444498508336 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&expires=5&user_group=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&expires=5&user_group=0
Request Chain 173
  • https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%25224149549%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%25227782800b-869f-44ab-813a-3258c804c22b%2522%257D&title=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&url=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&referrer=https%3A%2F%2Ft.co%2Fd8OVsIoOym HTTP 302
  • https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%25224149549%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%25227782800b-869f-44ab-813a-3258c804c22b%2522%257D&title=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&url=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&referrer=https%3A%2F%2Ft.co%2Fd8OVsIoOym&tdc=1
Request Chain 191
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 192
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YbdB-_45nYe5jAaKvkDA6gAABH8AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPWBCgOcOYbm5B4112TYxzw&google_cver=1
Request Chain 202
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YbdB.-45nYe5jAaKvkDA6gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEOwHzDeG3xrsYJSTmRETqo&google_cver=1&gdpr=1&google_hm=2
Request Chain 203
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdB-_45nYe5jAaKvkDA6gAABH8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdB-_45nYe5jAaKvkDA6gAABH8AAAAB&dcc=t
Request Chain 204
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=630854030393
Request Chain 205
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 206
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=k6eYvtzs1MWKOn5&gdpr=1
Request Chain 209
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdB-962Iy9VL0_ZNHmR9wAABKUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdB-962Iy9VL0_ZNHmR9wAABKUAAAAB&dcc=t
Request Chain 210
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YbdB.962Iy9VL0-ZNHmR9wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEOwHzDeG3xrsYJSTmRETqo&google_cver=1&gdpr=1&google_hm=2
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YbdB-962Iy9VL0_ZNHmR9wAABKUAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPWBCgOcOYbm5B4112TYxzw&google_cver=1
Request Chain 213
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADe8U7DboQAADxU7u0rqw&expiration=1640609531&gdpr=1
Request Chain 214
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=-9edb_nXmWDghcto-ofSaKvRm27gh8po_4dL5I9X
Request Chain 215
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639486331&gdpr=1
Request Chain 298
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEZThVN0Rib1FBQUR4VTd1MHJxdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADe8U7DboQAADxU7u0rqw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Request Chain 299
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2504108235 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/4419b5d6-9e21-44aa-ba89-f07b101fa27d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3fa8782e-1d4b-43b0-825c-ec3197a77d75-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-3fa8782e-1d4b-43b0-825c-ec3197a77d75-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3fa8782e-1d4b-43b0-825c-ec3197a77d75-003
Request Chain 300
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3FB0BC71-A02B-456D-8423-51D0226DBF4B&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3FB0BC71-A02B-456D-8423-51D0226DBF4B&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3FB0BC71-A02B-456D-8423-51D0226DBF4B&addseg=19,36,42
Request Chain 301
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3FB0BC71-A02B-456D-8423-51D0226DBF4B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3FB0BC71-A02B-456D-8423-51D0226DBF4B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 303
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3FB0BC71-A02B-456D-8423-51D0226DBF4B HTTP 302
  • https://a.audrte.com/p
Request Chain 304
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H9x82R3ceNYEjireHowz3k_aetgEjCveG4xleYiA
Request Chain 305
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3FB0BC71-A02B-456D-8423-51D0226DBF4B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3FB0BC71-A02B-456D-8423-51D0226DBF4B&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-DKuBfHhE2uUJRY_ETPrO_pvwLe9deGQ-~A&gdpr=0&gdpr_consent=
Request Chain 307
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=21824df9-ce0e-424b-a236-05dba633ad28 HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=21824df9-ce0e-424b-a236-05dba633ad28 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=4403d03a-4926-4f08-af71-99f069cc3f24&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=21824df9-ce0e-424b-a236-05dba633ad28&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 308
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7703256537291944179&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 310
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 311
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tByC97qRSvVTDsHf2pWCNqh3Gcc
Request Chain 312
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 313
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9vKSjb1kUYzwOomGH8HoX-aE
Request Chain 316
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c02f948a-48e4-4b48-957f-66d7bdb5602a-tuct8b0c77e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 318
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3988765427 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3FB0BC71-A02B-456D-8423-51D0226DBF4B
Request Chain 319
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e01531a6-acbe-44c7-b7e6-132d07316624&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 320
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8022406444498508336

321 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
d8OVsIoOym
t.co/ 		257 B
681 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/d8OVsIoOym
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 13 Dec 2021 12:52:06 GMT
vary
Origin
server
tsa_o
expires
Mon, 13 Dec 2021 12:57:07 GMT
content-type
text/html; charset=utf-8
cache-control
private,max-age=300
content-length
193
referrer-policy
unsafe-url
content-encoding
gzip
x-xss-protection
0
content-security-policy
referrer always;
strict-transport-security
max-age=0
x-response-time
122
x-connection-hash
87e6ad3c51d261b8d9e7a69f75a38a321084183853bb02428cb0f035a68a2b1a
Primary Request 80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html
www.theepochtimes.com/
Redirect Chain
  • http://dlvr.it/SF6Vjx
  • https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
54 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Requested by
Host: t.co
URL: https://t.co/d8OVsIoOym
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
e21a080cababbbb6505b9891d70eddca38239009916d9662fb8f2f5e927d18b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://t.co/d8OVsIoOym

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
accept-ranges
bytes
cache-control
max-age=600
content-encoding
gzip
content-type
text/html; charset=UTF-8
x-hw
1639399927.cds142.fr8.hn,1639399927.cds016.fr8.sc,1639399928.cds016.fr8.p
server
nginx
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-device
desktop
x-cache-status
MISS

Redirect headers

Date
Mon, 13 Dec 2021 12:52:07 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Location
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Cache-Control
private; max-age=90
X-Backend-Server
web04.web
template.css
subs.youmaker.com/lib/ 		8 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/template.css?ver=20200716
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
via
1.1 google
last-modified
Thu, Dec 02 2021 17:05:59 GMT
server
nginx/1.20.1
content-type
text/css; charset=utf-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
8659
single-merge.min.css
www.theepochtimes.com/assets/themes/eet/css/ 		105 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
2cc2ce9251213658989817a09d355ab9c34f78628d027e15f6293871f63663b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Dec 2021 19:23:05 GMT
server
nginx
x-microcachable
0
etag
W/"61afb499-1a2df"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds259.fr8.c
content-type
text/css
cache-control
max-age=1800
content-length
44166
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
slick.css
www.theepochtimes.com/assets/themes/eet/css/ 		2 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/css/slick.css?ver=20170224
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5f2c630eac683a05568f1ee415d990cc19cab5335b20d43dc89a808cc6a2b18d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Sep 2017 20:15:25 GMT
server
nginx
x-microcachable
0
etag
W/"59bae35d-69d"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds168.fr8.c
content-type
text/css
cache-control
max-age=1800
content-length
569
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
content-encoding
gzip
etag
1e39d25f07f5619925357b752ab10d04
age
242
x-cache
Hit from cloudfront
server
Server
x-amz-rid
12Q5Q053B7WAHY7168VY
date
Mon, 13 Dec 2021 12:48:09 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
53NiSehW-R2mrhK6aQfEiy_YXX4F1OWT3fbmZOGE17r-2PMfB0IbOw==
prebid.js
www.theepochtimes.com/assets/themes/eet/js/ 		290 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
6165bc0b09f74c0b44ce163f3d7e87ab0b6be6f5f9299762cc98aed634c0eea3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 23:01:12 GMT
server
nginx
x-microcachable
0
etag
W/"60494fb8-48619"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds159.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
109413
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		163 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
813e6d544b7c550e7ff5b1df947a6419ab7288042f024e43d8fffeab492ed616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61861
x-xss-protection
0
expires
Mon, 13 Dec 2021 12:52:08 GMT
logo_eet.svg
www.theepochtimes.com/assets/themes/eet/images/ 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/logo_eet.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
867f5a29853ddd710b7c6485ff7c0f294d6dde33817c68e84535fb68572ffe8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Aug 2018 21:43:01 GMT
server
nginx
etag
"5b807be5-3f5c"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds206.fr8.c
content-type
image/svg+xml
cache-control
max-age=315360000
content-length
5932
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
logo_vertical.png
www.theepochtimes.com/assets/themes/eet/images/ 		939 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/logo_vertical.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
9248ef5db07daf1037b001b1ea7ffdba722f041064f30555795fdb12a4dcf1b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Oct 2021 17:21:44 GMT
server
nginx
x-microcachable
0
etag
"617adc28-3ab"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds124.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
939
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
Desantis-Florida-Epoch-Times-9A6A3638-300x180.jpg
img.theepochtimes.com/assets/uploads/2021/05/24/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/05/24/Desantis-Florida-Epoch-Times-9A6A3638-300x180.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
577081f0385b7d274132170e0e3ae6a182291bdb4f03be00e783ac3719f4f363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Mon, 24 May 2021 20:46:27 GMT
server
nginx
etag
"60ac10a3-95ff"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds262.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
38399
missile-destroyer-uss-kidd-1200x801-300x180.jpg
img.theepochtimes.com/assets/uploads/2021/12/13/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/13/missile-destroyer-uss-kidd-1200x801-300x180.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
4b37d3f659f8b0f1c222dce949640b972c41b350b9b79e3abf7a980235e945fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Mon, 13 Dec 2021 11:11:42 GMT
server
nginx
etag
"61b72a6e-76f0"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds041.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30448
Border-Yuma-IMG_1941-300x180.jpg
img.theepochtimes.com/assets/uploads/2021/12/11/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/11/Border-Yuma-IMG_1941-300x180.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
2cc3b9c66c53e056c9f5f89ce4f78fd74c04d3d22994c3e795b4a50a424df322

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Sat, 11 Dec 2021 15:58:29 GMT
server
nginx
etag
"61b4caa5-86a6"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds266.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
34470
GettyImages-1298533353-700x420.jpg
img.theepochtimes.com/assets/uploads/2021/12/10/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/10/GettyImages-1298533353-700x420.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
b29ef926e31fe1b611df2a9ce81adf787eb5bf6bc1804d50614a05f9c06b63a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Fri, 10 Dec 2021 07:25:28 GMT
server
nginx
etag
"61b300e8-dc6c"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds141.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
56428
db9fed5a69fa64e4715aa71982486940.jpg
en.gravatar.com/userimage/202630276/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.gravatar.com/userimage/202630276/db9fed5a69fa64e4715aa71982486940.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.80.242 Richardson, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8c7c672bfce9a0e6e3ebdfe6965003d39161afe54b604949bc4b3c7eac579d7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
via
1.1 varnish (Varnish/6.0)
last-modified
Wed, 03 Mar 2021 12:22:28 GMT
server
nginx
source-age
1657
x-varnish
216305912 191890841
cache-control
max-age=300
content-disposition
inline; filename="db9fed5a69fa64e4715aa71982486940.jpeg"
accept-ranges
bytes
content-type
image/jpeg
link
<https://www.gravatar.com/userimage/202630276/db9fed5a69fa64e4715aa71982486940.jpg>; rel="canonical"
content-length
1613
expires
Mon, 13 Dec 2021 12:57:08 GMT
EpochTV_Gold_Home.png
www.theepochtimes.com/assets/themes/eet/images/premium/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/premium/EpochTV_Gold_Home.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
7e26854636676991f1d950121ab8e5e484ede7d67dc896dd2d6a9d4d607d8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 14:55:20 GMT
server
nginx
x-microcachable
0
etag
"607853d8-5c01"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds102.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
23553
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
ATL.jpg
img.theepochtimes.com/assets/uploads/2021/04/28/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/04/28/ATL.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
3141a74d2f7f0278ee1196c2dfeb013807d737c3adc0eeecaaca36495a76bc63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Wed, 28 Apr 2021 19:37:31 GMT
server
nginx
etag
"6089b97b-162a8"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds265.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
90792
Surname_update_600x1200-1.jpg
img.theepochtimes.com/assets/uploads/2021/07/02/ 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/07/02/Surname_update_600x1200-1.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
fb957c9ca9d9aef155343aa1f0d4c6e4f47e722932a48e5a85048e4f7492b51b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Fri, 02 Jul 2021 15:25:57 GMT
server
nginx
etag
"60df3005-37626"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds265.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
226854
fm-oold.jpg
img.theepochtimes.com/assets/uploads/2021/04/28/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/04/28/fm-oold.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
503f24dc990e977e49bba6e6bd5f531369ed113dee1f5709bbfcafdf218cd564

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Wed, 28 Apr 2021 19:37:35 GMT
server
nginx
etag
"6089b97f-12c75"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds109.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
76917
AmericanCrossroads_HomePoster_BW_600x1200.jpg
img.theepochtimes.com/assets/uploads/2021/09/10/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/09/10/AmericanCrossroads_HomePoster_BW_600x1200.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
9f4440116c1058bd77df3d46c84e0e807731b5302cda5c190dfd233e8de516a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Fri, 10 Sep 2021 15:20:17 GMT
server
nginx
etag
"613b77b1-18679"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds250.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
99961
larry-440x880.jpeg
img.theepochtimes.com/assets/uploads/2021/05/26/ 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/05/26/larry-440x880.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
1ad886d5daed57a89ccce0cb2d34b21c2ff6cc109a8e2ed40635516d939c0456

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Wed, 26 May 2021 17:34:55 GMT
server
nginx
etag
"60ae86bf-2bc03"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds263.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
179203
CR-Dec-5-600x338.jpg
img.theepochtimes.com/assets/uploads/2021/12/06/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/06/CR-Dec-5-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
96a65b510171424eac5aab5d8867e87802c92f118ff1f75a5b2b12382e35f7ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Mon, 06 Dec 2021 02:58:17 GMT
server
nginx
etag
"61ad7c49-8363"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds148.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33635
KASH-III-600x338.jpg
img.theepochtimes.com/assets/uploads/2021/12/04/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/04/KASH-III-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
6c29b38e79f19e865a0ef2254d23942a9d5319c7fa96f56c9e4063823109e778

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Sat, 04 Dec 2021 01:16:15 GMT
server
nginx
etag
"61aac15f-12372"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds015.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
74610
Darrel-Brooks-600x338.jpg
img.theepochtimes.com/assets/uploads/2021/12/05/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/05/Darrel-Brooks-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
738e4edbfb463a9183352a9d89ac9836c3d6e2402e7c9e42c3b0156521b3e1fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Mon, 06 Dec 2021 00:20:43 GMT
server
nginx
etag
"61ad575b-dab7"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds247.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
55991
photo_2021-12-09-15.22.33-600x338.jpeg
img.theepochtimes.com/assets/uploads/2021/12/09/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/09/photo_2021-12-09-15.22.33-600x338.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
3a69222798aae5ed5488b4f36d397dab292cf716693a445c1ec3044cf17337af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Thu, 09 Dec 2021 21:47:33 GMT
server
nginx
etag
"61b27975-b0a8"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds057.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
45224
ttl7daydNj_a04421ca7c0bb70c-600x338.jpg
img.theepochtimes.com/assets/uploads/2021/12/07/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/07/ttl7daydNj_a04421ca7c0bb70c-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
046b0caa6612c451cfddf7da1351f27d7b1951d85424a8f6940db13301251e15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Tue, 07 Dec 2021 23:06:44 GMT
server
nginx
etag
"61afe904-a7d6"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds238.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
42966
CNN-600x338.jpg
img.theepochtimes.com/assets/uploads/2021/12/07/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/07/CNN-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
a8dbf9213d6fdcee9230c1ed66f81d5fd942689a20059630a31ee3510f350931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Tue, 07 Dec 2021 19:55:31 GMT
server
nginx
etag
"61afbc33-914e"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds107.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
37198
TNS_EP87_TwitterPost-Dorsey_HD_Darin_RT-600x338.jpg
img.theepochtimes.com/assets/uploads/2021/12/04/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/04/TNS_EP87_TwitterPost-Dorsey_HD_Darin_RT-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
c4dd8fbfb03197b63191ddb6fcfd2cd8a3e916a81f700dd4e9c6236ee5188b36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Sat, 04 Dec 2021 18:44:22 GMT
server
nginx
etag
"61abb706-b129"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds160.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
45353
photo_2021-12-10-16.16.24-600x338.jpeg
img.theepochtimes.com/assets/uploads/2021/12/10/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/10/photo_2021-12-10-16.16.24-600x338.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
6c435326bad4ee5476396373a1f00c3d9e5570b0a996a6e3ee8b8764d6c7fdaf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Fri, 10 Dec 2021 22:43:47 GMT
server
nginx
etag
"61b3d823-b806"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds140.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
47110
CR-Dec-9-600x338.jpg
img.theepochtimes.com/assets/uploads/2021/12/10/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/10/CR-Dec-9-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
2902d82d7a26834822494377558834ad3650156ed79eea589040c92692ae42ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Fri, 10 Dec 2021 03:08:47 GMT
server
nginx
etag
"61b2c4bf-897b"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds164.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35195
Donald-Boudreaux-FINALLL-600x338.jpg
img.theepochtimes.com/assets/uploads/2021/12/07/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/07/Donald-Boudreaux-FINALLL-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
c5c24148442b317e50d53294040b15f1848372f1e6631ec465efc17815daea86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Tue, 07 Dec 2021 22:31:47 GMT
server
nginx
etag
"61afe0d3-d075"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds149.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
53365
EET_footer.png
www.theepochtimes.com/assets/themes/eet/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/EET_footer.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
38f915335fe629f2736910592b999a5cc13138f931118f5d67026b072c37d6b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Aug 2018 19:13:08 GMT
server
nginx
x-microcachable
0
etag
"5b7db5c4-1d36"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds274.fr8.c
content-type
image/png
cache-control
max-age=1800
content-length
7478
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
jquery-all.min.js
www.theepochtimes.com/assets/themes/eet/js/ 		98 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
25cad5d9e016ff8fc766034922a6ec515d37461b4ae089bd58d5ac964b85f247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Nov 2021 15:48:46 GMT
server
nginx
x-microcachable
0
etag
W/"618d3b5e-188fe"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds006.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
40721
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
bottom.min.js
www.theepochtimes.com/assets/themes/eet/js/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/bottom.min.js?ver=20211210
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
84b9079235b58bf169a7d8187bee204bf4fdc0860381a2e408e8ec7b6c655f4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 10 Dec 2021 16:14:04 GMT
server
nginx
etag
W/"61b37ccc-1459b"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds242.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
26159
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
api.bundle.js
subs.youmaker.com/lib/ 		240 KB
240 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
5c87b4fadf2867e3fd6872df152b3a95bcc59f6a0e9583a7413dde6bee0f2b9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
via
1.1 google
last-modified
Thu, Dec 02 2021 17:05:59 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
245251
remark.min.js
www.theepochtimes.com/assets/themes/eet/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/remark.min.js?ver=20211118
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
7aa265e6bf6cc4973bf6fcc348ac96437d4956cccf0ab9a306da8e3d1b6b85c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Nov 2021 23:52:04 GMT
server
nginx
etag
W/"6196e724-1792"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds289.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
2011
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
slick.js
www.theepochtimes.com/assets/themes/eet/js/ 		82 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/slick.js?ver=20170324
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Sep 2017 20:15:26 GMT
server
nginx
etag
W/"59bae35e-14929"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds265.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
18949
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
article_ads_prebid.js
www.theepochtimes.com/assets/themes/eet/js/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/article_ads_prebid.js?ver=20211101
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
1fe83088e2e1330cd81bb64cbbee950b0368bb2b48e2884112a25b09be067661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Nov 2021 22:42:39 GMT
server
nginx
x-microcachable
0
etag
W/"61806d5f-b2f6"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds125.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
12968
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6662
date
Mon, 13 Dec 2021 11:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 13 Dec 2021 13:01:06 GMT
gtm.js
www.googletagmanager.com/ 		190 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
36662c1c954312ba92720ebd1ba2259e4c27f3387bfc7aabfe2fb74538b5a323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69084
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Dec 2021 12:52:08 GMT
telegram-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/telegram-icon.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
1256909b9562b779225969eeb95c0f5b1a93fba5775ee2f78dbdb98724feef07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 18:28:18 GMT
server
nginx
x-microcachable
0
etag
"601aeb42-cbf6"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds277.fr8.c
content-type
image/png
cache-control
max-age=1800
content-length
52214
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
tell-icon.svg
www.theepochtimes.com/assets/themes/eet/images/ 		721 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/tell-icon.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
383ae4a979b3d1e40f26ca3043d625fed9d449cecb76b3b30af4c3d0db7c7b92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Feb 2021 20:21:26 GMT
server
nginx
etag
"60341246-2d1"
x-cache-status
MISS
x-hw
1639399928.cds142.fr8.hn,1639399928.cds246.fr8.c
content-type
image/svg+xml
cache-control
max-age=315360000
content-length
346
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
mewe-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/mewe-icon.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
243342401a389aea3c4eb3d79678310870768f96807bd5af44d1452b8c674f9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 18:28:17 GMT
server
nginx
x-microcachable
0
etag
"601aeb41-772"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds268.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
1906
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
plus-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 		465 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/plus-icon.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
7dae96a685aa637f08f3fbf32cf31f40c4118c19915468f44156492e8e5eb5d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 18:28:17 GMT
server
nginx
x-microcachable
0
etag
"601aeb41-1d1"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds281.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
465
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
backtotop.svg
www.theepochtimes.com/assets/themes/eet/images/ 		1 KB
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/backtotop.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Sep 2017 20:15:25 GMT
server
nginx
etag
"59bae35d-498"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds260.fr8.c
content-type
image/svg+xml
cache-control
max-age=315360000
content-length
579
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
D-DINCondensed-Bold.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/fonts/D-DINCondensed-Bold.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Origin
https://www.theepochtimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 15:47:56 GMT
server
nginx
etag
"5b8ffaac-e454"
x-cache-status
MISS
x-hw
1639399928.cds142.fr8.hn,1639399928.cds222.fr8.c
content-type
application/octet-stream
cache-control
max-age=315360000
content-length
58452
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
D-DIN.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/fonts/D-DIN.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Origin
https://www.theepochtimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 15:47:56 GMT
server
nginx
etag
"5b8ffaac-e9d4"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds280.fr8.c
content-type
font/opentype
cache-control
max-age=315360000
content-length
59860
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
D-DIN-Bold.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/fonts/D-DIN-Bold.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
b0f96a3730041605b139ca2d15e29a36c55e49058ba2b72ee4d09b5e4ca210c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Origin
https://www.theepochtimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 15:47:56 GMT
server
nginx
etag
"5b8ffaac-eb1c"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds225.fr8.c
content-type
application/octet-stream
cache-control
max-age=315360000
content-length
60188
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
RingsideCondensed-Bold.otf
img.theepochtimes.com/fonts/ 		122 KB
122 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/RingsideCondensed-Bold.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b

Request headers

Referer
https://www.theepochtimes.com/
Origin
https://www.theepochtimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Mon, 15 Nov 2021 18:18:30 GMT
server
nginx
etag
"6192a476-1e6ec"
x-hw
1639399928.cds125.fr8.hn,1639399928.cds232.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
124652
0yb9GDoxxrvAnPhYGxkkaE0Urhg0xTY.woff2
fonts.gstatic.com/s/vollkorn/v10/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/vollkorn/v10/0yb9GDoxxrvAnPhYGxkkaE0Urhg0xTY.woff2
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8af85ef87938ad7700489d3cd359313ff3d80516be01ddc83d7aebf22e4b51c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Origin
https://www.theepochtimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 14:17:16 GMT
x-content-type-options
nosniff
age
513292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14200
x-xss-protection
0
last-modified
Wed, 17 Jul 2019 00:00:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 07 Dec 2022 14:17:16 GMT
RingsideCondensed-Book.otf
img.theepochtimes.com/fonts/ 		122 KB
122 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/RingsideCondensed-Book.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
eff8407713a4db64425aa277a1cf6b097b72cc3b1b0fbafb04a1cb24066ec61f

Request headers

Referer
https://www.theepochtimes.com/
Origin
https://www.theepochtimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Thu, 18 Nov 2021 18:20:53 GMT
server
nginx
etag
"61969985-1e604"
x-hw
1639399928.cds125.fr8.hn,1639399928.cds217.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
124420
Acta-Book.otf
img.theepochtimes.com/fonts/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/Acta-Book.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=202112072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
b363b21bc03d5188a43ede2219616eaade9819d6b10f395ad66c7ee60c71ace2

Request headers

Referer
https://www.theepochtimes.com/
Origin
https://www.theepochtimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
last-modified
Fri, 19 Nov 2021 20:22:17 GMT
server
nginx
etag
"61980779-a7ac"
x-hw
1639399928.cds125.fr8.hn,1639399928.cds149.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
42924
truncated
/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4adb8463ef46189ad0d99ff804fe3269e998acaa7bb29a73c2e2d361a06a7d7

Request headers

Referer
Origin
https://www.theepochtimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
chargebee.js
js.chargebee.com/v2/ 		148 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.chargebee.com/v2/chargebee.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2395144ea3091c5c67eb6f40a5f3e1e68e8e241dc8a9087a71bd3cf58f5f204b
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
pxDUW83ZFaq7V8cr_Hof1xJYeQ3mZNXn
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 06 Dec 2021 08:55:27 GMT
server
AmazonS3
age
165
etag
W/"5173da88f3d4648a33712eef1fd912d9"
strict-transport-security
max-age=300; includeSubdomains; preload
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
cache-control
max-age=300,public
date
Mon, 13 Dec 2021 12:49:23 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
0Y62TxG4bKq5lNF1uRu17z5jobWWtIxxN5pJCcYuXwiqgCRQBSpjsg==
geo
subs.youmaker.com/rules/ 		120 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/rules/geo?siteid=&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c45c19025d22d611cec4f573b639bdb6e7c731024e498733c1e3220250c2aefb

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
120
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/article_ads_prebid.js?ver=20211101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1069 / 50 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Dec 2021 12:52:08 GMT
test
www.youmaker.com/g/ 		7 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youmaker.com/g/test
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.68.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.68.201.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
alt-svc
clear
content-length
7
counts
comment.youmaker.com/api/v1/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
d2ffe3bbfeb2dbb6e79dcbe8bc416e360af5b9fecf5e9e6f2718333164fdbec5

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:08 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
app-version
0.1.2
app-name
remark
x-robots-tag
noindex
alt-svc
clear
expires
Thu, 01 Jan 1970 00:00:00 UTC
count
sc.youmaker.com/site/article/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sc.youmaker.com/site/article/count?site=www.theepochtimes.com&user=48440d59-5bc3-93a8-6dcb-ee9ba0aeea37&postid=4149549,4152010,4152612,4151592,4150900,4149330,4143488,4140213,4138033,4140194,4148473,4143941,4143906,4138935,4150900,4149330,4143488,4140213,4138033,4140194
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
157.97.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
273bb667aa9f105a80b53afaabb6675da01b715f0fe956dd1bea7c4aa4b9f1ec

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 13 Dec 2021 12:52:08 GMT
via
1.1 google
server
nginx/1.20.1
alt-svc
clear
content-type
application/json;charset=UTF-8
chevron_left.png
www.theepochtimes.com/assets/themes/eet/images/ 		982 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/chevron_left.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
af463b25ee108e48338456299a263e94b53b302b4524916661513e22dd773850
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Nov 2021 17:04:32 GMT
server
nginx
etag
"618958a0-3d6"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds246.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
982
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
chevron_right.png
www.theepochtimes.com/assets/themes/eet/images/ 		980 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/chevron_right.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
44be04ca10e45131b3040fd10ab82ba4792b1da6c66f6c0bbeb343e3ea01f6bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Nov 2021 17:04:32 GMT
server
nginx
etag
"618958a0-3d4"
x-hw
1639399928.cds142.fr8.hn,1639399928.cds213.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
980
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
config
c.amazon-adsystem.com/cdn/prod/ 		0
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-201.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
41078
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
date
Mon, 13 Dec 2021 01:27:51 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
fuQ937sNbYYr8IVhUP86Km3uwGFBOHZOZj4J9zypd61kz3iwUUrLVg==
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1896038462&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2Fd8OVsIoOym&dp=%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&ul=en-us&de=UTF-8&dt=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=117777067&gjid=1452587328&cid=1160537288.1639399929&uid=anonb021-bb3c-449c-9a96-ce65982056ad&tid=UA-10465455-30&_gid=730694018.1639399929&_r=1&_slc=1&cd1=237&cd3=%3Baustralia-237%3Binternational-19%3Bworld-89904%3B&cd4=%3Baustralia-featured-news-100611%3Baustralia-top-news-100612%3Btodays-headlines-98892%3B&cd5=%3Baustralia-237%3Binternational-19%3Bworld-89904%3Baustralia-featured-news-100611%3Baustralia-top-news-100612%3Btodays-headlines-98892%3B&cd21=4149549&cd23=Nina%20Nguyen&cd26=Australia&cd28=%3BAustralia%3BInternational%3BWorld%3B&cd29=%3Bransomware%20cyber%20attack%3Bcyber%20attacks%3BSouth%20Australia%3BFrontier%20Software%3Bdata%20breach%3Bpayroll%20system%3B&cd30=20211210&cd31=20211210&cd33=624&cd42=%3Bransomware-cyber-attack%3Bcyber-attacks%3Bsouth-australia%3Bfrontier-software%3Bdata-breach%3Bpayroll-system%3B&cd43=post&cd18=anonb021-bb3c-449c-9a96-ce65982056ad&z=959410520
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
counts
comment.youmaker.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=remark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:08 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
app-name
remark
app-version
0.1.2
author
EMG
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: t.co
URL: https://t.co/d8OVsIoOym
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 20 Dec 2021 12:52:08 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: t.co
URL: https://t.co/d8OVsIoOym
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-34.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
19853082
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
xRlfWM1FmvQHUFF-ftvJD7h_ewe-yW79n2sx7L72STBBk0jKdHtmyA==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1639399928681&ns_c=UTF-8&c8=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&c7=https%3A%2F%2Fwww.theepochti...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1639399928681&ns_c=UTF-8&c8=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&c7=https%3A%2F%2Fwww.theepocht...
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1639399928681&ns_c=UTF-8&c8=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&c7=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&c9=https%3A%2F%2Ft.co%2Fd8OVsIoOym
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
XiaefNhsHeWmgS-Yty5qQj2gUbuUXCAmYlL8LJ6mutprNKgkrtj04g==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 13 Dec 2021 12:52:08 GMT
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1639399928681&ns_c=UTF-8&c8=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&c7=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&c9=https%3A%2F%2Ft.co%2Fd8OVsIoOym
content-length
384
x-amz-cf-id
65V4AQKyt-OrhXuZio9K0Eh_U1lRRvuxDfa5XEUPATEo-gIqjusJ2A==
collect
ea.epochbase.com/api/analytics/g/ 		0
213 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/analytics/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=2oec10&_p=1896038462&sr=1600x1200&ul=en-us&cid=1160537288.1639399929&_fplc=0&_s=1&dl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2Fd8OVsIoOym&dt=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&sid=1639399928&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.page_path=%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&ep.post_id=4149549&ep.primary_category_name=Australia&ep.eet_tags=ransomware%20cyber%20attack%3Bcyber%20attacks%3BSouth%20Australia%3BFrontier%20Software%3Bdata%20breach%3Bpayroll%20system&ep.all_term_ids=australia-237%3Binternational-19%3Bworld-89904%3Baustralia-featured-news-100611%3Baustralia-top-news-100612%3Btodays-headlines-98892
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.73 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 13 Dec 2021 12:52:09 GMT
server
nginx/1.16.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
js
www.googletagmanager.com/gtag/ 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-10465455-30&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30c6090d5fda9533a2aedfd85efb2a32c096abadc8f5a601b9050ad7bd4a187a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36198
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Dec 2021 12:52:08 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10465455-30&cid=1160537288.1639399929&jid=117777067&uid=anonb021-bb3c-449c-9a96-ce65982056ad&gjid=1452587328&_gid=730694018.1639399929&_u=YGBACEAABAAAAC~&z=1545501210
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 13 Dec 2021 12:52:08 GMT
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
0-d0d07a1ccb393c1835b4.js
js.chargebee.com/v2/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.chargebee.com/v2/0-d0d07a1ccb393c1835b4.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24debe1a54d5c3e03a19488a253b5019df02e8123774a2741ab89135cf99427e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
N3WfbbfDF1J0N0X84c9wTcG.yi5gx.X.
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 18 Nov 2021 12:39:40 GMT
server
AmazonS3
age
159
etag
W/"c4630576340873667c3aab4a9a1de919"
strict-transport-security
max-age=300; includeSubdomains; preload
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
cache-control
max-age=300,public
date
Mon, 13 Dec 2021 12:49:29 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
mCLfShFwLWs-jXypVJf3r8IAsFDGNE953DLPhpPBoDg5IHxD4hFB_w==
60-4fe9e35e742e2fd78a5b.js
js.chargebee.com/v2/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.chargebee.com/v2/60-4fe9e35e742e2fd78a5b.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef589800a85729debfd73086bfe87f0736ee95c4d2fb599b3e6417a3aa6b58f5
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
yIum.E5A6TWzy7NGTSgVh4kAxt7lW_XN
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 06 Dec 2021 08:55:27 GMT
server
AmazonS3
age
162
etag
W/"bea3c2b1ff1b64c6dc747d7f6903a685"
strict-transport-security
max-age=300; includeSubdomains; preload
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
cache-control
max-age=300,public
date
Mon, 13 Dec 2021 12:49:27 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
YH5iYmtG5BYuAbL3BqvQ4-N9kVUobbhAN3BzFfs5y29zZdO9KZ3mxA==
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Dec 2021 12:52:08 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		119 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theepochtimes.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
70fbd157f02619ebe2855feece0c0ad7790d532005d08d8180423892e89a1a54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99
x-xss-protection
0
expires
Mon, 13 Dec 2021 12:52:08 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&time=1639399928733&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Ft.co%2Fd8OVsIoOym&host_url=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&random_number=16749592684&sess_cookie=5ec36bab17db3d9b39dbfcaf7ff&sess_cookie_flag=1&user_cookie=5ec36bab17db3d9b39dbfcaf7ff&user_cookie_flag=1&dynamic=true&domain=theepochtimes.com&account=Tmrwl1aYizr0uP&jsv=20130128&user_lang=en-US
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-21.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 04:15:07 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
31021
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA2-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
6rYOdd3fL3ee6NVypMeZEq84jNZk_HqGqtn7YzDOBArkc2Xyh23HTQ==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.217.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-217-14.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
server
Server
rules-p-a128V7tctPVtT.js
rules.quantcount.com/ 		3 B
428 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-a128V7tctPVtT.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 03:56:58 GMT
via
1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
age
32257
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:44:26 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
zKDpc4o1hi1VoV16JY33Xx9rcN6qnd6hCvCrpmQmaWMvWJpq-JVL0Q==
collect
ea.epochbase.com/api/analytics/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/analytics/collect?tid=G-RD0QM5H02Q&site_id=www.theepochtimes.com&v=1&en=readactivity&percent_scrolled=0&v=1&en=readactivity&post_id=4149549&read_duration=5&dl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2Fd8OVsIoOym&cid=1160537288.1639399929
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.73 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 13 Dec 2021 12:52:09 GMT
server
nginx/1.16.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10465455-30&cid=1160537288.1639399929&jid=117777067&_u=YGBACEAABAAAAC~&z=1495835303
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10465455-30&cid=1160537288.1639399929&jid=117777067&_u=YGBACEAABAAAAC~&z=1495835303
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=221101298;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtw...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=221101298;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter;ref=https%3A%2F%2Ft.co%2Fd8OVsIoOym;uht=2;fpan=1;fpa=P0-2066239729-1639399928791;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;d=theepochtimes.com;je=0;sr=1600x1200x24;dst=0;et=1639399928791;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.80%252C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack%2Cdescription.Up%20to%2080%252C000%20South%20Australian%20(SA)%20government%20workers%252C%20including%20potentially%20the%2Curl.https%3A%2F%2Fwww%252Etheepochtimes%252Ecom%2F80000-south-australian-govt-workers-hit-by-ransomw%2Csite_name.www%252Etheepochtimes%252Ecom%2Cimage.https%3A%2F%2Fimg%252Etheepochtimes%252Ecom%2Fassets%2Fuploads%2F2021%2F12%2F10%2FGettyImages-1298533353%252Ej
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:08 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&pr=https%3A%2F%2Ft.co%2Fd8OVsIoOym&pid=Z57Q6V2WOCFDn&cb=0&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22sticky_ad_top%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5965368%2FEET_article_top_728x90%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-amz-rid
99HHRP7F4KWJAJ2DYM32
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
54IDrgbdzsSKqjJanIgsHWotpmikXnXjzs9DlE_Rkzu3waVqinYijw==
cookie_sync
prebid.adnxs.com/pbs/v1/ 		708 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
c70027927288db02a742e9cb0e86209ff579e22d57b86c28c8575e68b81bf547

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:08 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		260 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
1e84f4e537c81e632712afb205916e1113801fc1b71ac41b57640533ebeecf86

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:08 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		137 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
6cba7bb423a4339cb1db4062b98ba65c461ab4127ec3fbd78ee71932d36de7dd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:08 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d777f2dc-e93e-49fc-bf61-b95a90d19fa4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89f77c02f6&pos=eet_article_top_728x90&cmd=bid&secure=1
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1f1328a34f6855bee583e7779b62ac8c44661567cb9d59537ec54b4c317323ee

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
content-length
62
imp
g2.gumgum.com/hbid/ 		2 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=32025&pi=3&bf=970x250%2C970x90%2C728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.29.0%22%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&ns=9318
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:08 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=299835&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221347fe662a6662c%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22140db16ed20b51b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221506436e9818868%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216a4186f5fd4d5d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
34d4d400d7005e3d2bb0920f1854df4f6a1c4fb81e5b8f98a4255729c13b5d31

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:08 GMT
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.199], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Mon, 13 Dec 2021 12:52:08 GMT
arj
epoch-times-d.openx.net/w/1.0/ 		73 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://epoch-times-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=dfac818a-5c97-4a18-90cd-d73abe2fa0c0&nocache=1639399928829&pubcid=a9899ef5-ad99-408f-957b-698cdd20370e&aus=970x250%2C970x90%2C728x90&divIds=sticky_ad_top&auid=538813617
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
f8d7a90fa2628f566185219f09ce9ea0afb7b3a83eb7097ae6e25b54b2ad1100

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&pr=https%3A%2F%2Ft.co%2Fd8OVsIoOym&pid=Z57Q6V2WOCFDn&cb=1&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22ad_right_top_300x250_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5965368%2Feet_article_right_top_300x250_v3%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-amz-rid
SQM47RQ86YFHDQ7DEV6N
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
-bi3tpM_jQuILhKRtSUt773BaNYbqD1dzWQRpIdNeRzclREZfG8BIg==
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
4fa45cbe650dfae59ec9c8f624c96a48dcff7fbbc27dba4f7226577560f9ae76

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:09 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
imp
g2.gumgum.com/hbid/ 		2 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=32023&pi=3&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.29.0%22%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&ns=9318
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:08 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
arj
epoch-times-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://epoch-times-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=147e89d5-f9d7-4314-ab1f-1d9bcdbbfce5&nocache=1639399928835&pubcid=a9899ef5-ad99-408f-957b-698cdd20370e&aus=300x250&divIds=ad_right_top_300x250_1&auid=538813611
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
f9373ba07dc615d06ad29db9726f4d9d7ddb676db2fa43ff661d269289aef4c3

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:08 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89f77c02f6&pos=eet_article_right_top_300x250_v3&cmd=bid&secure=1
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f4cf5246bcfae3ac1315f8c1aea684c948a954a3251fe0ed11c4c5510e4e6c2c

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
content-length
62
cygnus
htlb.casalemedia.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=299842&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2231ca267f54a8ff5%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22329176f3ee11f9b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299842%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
179c60d99b15f965561e229d369efc7250ce9df153f06db738d92aace6ab7c0e

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:08 GMT
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.199], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1105
x-ak-client-geo
12
expires
Mon, 13 Dec 2021 12:52:08 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f316e72eca3912701e2a856b463ea0ec618d9badb63100499603652f04f0ea62
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:09 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0b127452-44e7-4b31-817a-9e14cc6d311a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif
us.gif
sync.go.sonobi.com/ 		49 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26consent_string%3D%26gdpr%3D%26uid%3D%5BUID%5D
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:08 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.theepochtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 12:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theepochtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 12:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1445155818888687&correlator=1916107724290882&output=ldjh&impl=fifs&eid=31063246&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=5965368%2CEET_article_top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=EET_category%3Deet_australia-237%252Ceet_international-19%252Ceet_world-89904%252Ceet_australia-featured-news-100611%252Ceet_australia-top-news-100612%252Ceet_todays-headlines-98892%26EET_post%3D4149549%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26article_ads_version%3Dprebid%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1639399929&dt=1639399929005&dlt=1639399928129&idt=676&frm=20&biw=1600&bih=1200&oid=2&adxs=300&adys=126&adks=3587454004&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref=https%3A%2F%2Ft.co%2Fd8OVsIoOym&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x30&msz=1000x0&ga_vid=1160537288.1639399929&ga_sid=1639399929&ga_hid=1896038462&ga_fc=true&ga_cid=730694018.1639399929&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
99a069e200b9197d8c9b29dca90ede157f55e2f1bbbf51d2bedadbab2bf74f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9172
x-xss-protection
0
google-lineitem-id
5839780748
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138372038117
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d1641bf9779fcdfa70594f2f06210712.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 575D 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d1641bf9779fcdfa70594f2f06210712.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 13 Dec 2021 12:52:09 GMT
expires
Tue, 13 Dec 2022 12:52:09 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4E2F 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=147201
expires
Wed, 15 Dec 2021 05:45:30 GMT
date
Mon, 13 Dec 2021 12:52:09 GMT
vary
Accept-Encoding
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.theepochtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 12:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theepochtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 12:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1445155818888687&correlator=1916107724290882&output=ldjh&impl=fifs&eid=31063246&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=5965368%2Ceet_article_right_top_300x250_v3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=amznbid%3D2%26amznp%3D2%26hb_adomain_rubicon%3Dmrvegas.com%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Ds2s%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.05%26hb_adid_rubicon%3D376d54ebe98ff1b%26hb_bidder_rubicon%3Drubicon%26hb_adomain_ix%3Dmrvegas.com%26hb_format_ix%3Dbanner%26hb_source_ix%3Dclient%26hb_size_ix%3D300x250%26hb_pb_ix%3D0.04%26hb_adid_ix%3D35502dde40e6654%26hb_bidder_ix%3Dix%26hb_adomain%3Dmrvegas.com%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D376d54ebe98ff1b%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_bidder%3Drubicon&eri=1&cust_params=EET_category%3Deet_australia-237%252Ceet_international-19%252Ceet_world-89904%252Ceet_australia-featured-news-100611%252Ceet_australia-top-news-100612%252Ceet_todays-headlines-98892%26EET_post%3D4149549%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26article_ads_version%3Dprebid%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1639399929&dt=1639399929067&dlt=1639399928129&idt=676&frm=20&biw=1600&bih=1200&oid=2&adxs=1100&adys=192&adks=2786340635&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref=https%3A%2F%2Ft.co%2Fd8OVsIoOym&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=1160537288.1639399929&ga_sid=1639399929&ga_hid=1896038462&ga_fc=true&ga_cid=730694018.1639399929&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
7bea207ee44e8a75cebe6a3be7c18e2fd5d10a78794d3613dac44c63dca8f078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9228
x-xss-protection
0
google-lineitem-id
5839780748
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138372038114
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
breaking-bar.html
www.theepochtimes.com/assets/uploads/html/breakingnews-bar/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/uploads/html/breakingnews-bar/breaking-bar.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 13:26:04 GMT
server
nginx
etag
"61b749ec-0"
x-cache-status
HIT
x-hw
1639399929.cds142.fr8.hn,1639399929.cds135.fr8.sc,1639399929.cds135.fr8.p
content-type
text/html; charset=utf-8
cache-control
max-age=600
content-length
0
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
94729.js
mixi.media/data/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mixi.media/data/js/94729.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/bottom.min.js?ver=20211210
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
33a6ad24318c10838a063dccc2f80c8281df1d86568efdd49c7df8917cc35efe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:09 GMT
Content-Encoding
gzip
Last-Modified
Monday, 13-Dec-2021 12:52:09 GMT
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
PugMaster
image6.pubmatic.com/AdServer/ Frame 4E2F 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3320501&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7d2ad1b7ae77e521333ee3bb9c11324d6020625123cdbff71b5f9ab953f94b28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 8AF2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3FB0BC71-A02B-456D-8423-51D0226DBF4B
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3FB0BC71-A02B-456D-8423-51D0226DBF4B
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3FB0BC71-A02B-456D-8423-51D0226DBF4B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 13 Dec 2021 12:52:09 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 13 Dec 2021 12:52:09 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3FB0BC71-A02B-456D-8423-51D0226DBF4B
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 06F0
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4797991891875058763
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4797991891875058763
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 13 Dec 2021 12:52:08 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug019:0:450
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4797991891875058763
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame F477 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 13 Dec 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
491680
Pug
simage2.pubmatic.com/AdServer/ Frame 0435
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7041169080129157261
42 B
520 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7041169080129157261
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 13 Dec 2021 12:52:09 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug020:0:364
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 13 Dec 2021 12:52:09 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7041169080129157261
setuid
ib.adnxs.com/prebid/ Frame B284 		43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&uid=3FB0BC71-A02B-456D-8423-51D0226DBF4B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx/1.17.9
Date
Mon, 13 Dec 2021 12:52:09 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
AN-X-Request-Uuid
b7d4aab7-1857-42ec-90c4-7c0f7b3af572
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4E2F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P7C8caArRW2EI1HQIm2_Sw%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P7C8caArRW2EI1HQIm2_Sw%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=147201
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 15 Dec 2021 05:45:30 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 4E2F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=644b61b7-41f8-4e00-aa71-6802c36d3202
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=644b61b7-41f8-4e00-aa71-6802c36d3202
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 13 Dec 2021 12:52:09 GMT
Server
MT3 4133 baa842e master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=644b61b7-41f8-4e00-aa71-6802c36d3202
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 13 Dec 2021 12:52:08 GMT
/
pixel.onaudience.com/ Frame 4E2F
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=3FB0BC71-A02B-456D-8423-51D0226DBF4B
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=4419b5d6-9e21-44aa-ba89-f07b101fa27d&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d0c5805a8fceed31b0d06dfde566fa36
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ca36f71eb5150096800bdf94279f14d2
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ca36f71eb5150096800bdf94279f14d2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
HTTP/1.1
Server
146.59.148.16 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-2.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Mon, 13 Dec 2021 12:52:09 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ca36f71eb5150096800bdf94279f14d2
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 4E2F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0ZCMEJDNzEtQTAyQi00NTZELTg0MjMtNTFEMDIyNkRCRjRC&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0ZCMEJDNzEtQTAyQi00NTZELTg0MjMtNTFEMDIyNkRCRjRC&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:07 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:446
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4E2F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOHCafQcCwCHz7X3JRk1_Fo&google_cver=1
42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOHCafQcCwCHz7X3JRk1_Fo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:440
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOHCafQcCwCHz7X3JRk1_Fo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 4E2F 		43 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 12 Dec 2021 12:52:09 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4E2F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e71461b7-41f8-4300-bc3f-f2f4cced8778&gdpr=0&gdpr_consent=
42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e71461b7-41f8-4300-bc3f-f2f4cced8778&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:440
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 13 Dec 2021 12:52:09 GMT
Server
MT3 4133 baa842e master zrh-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e71461b7-41f8-4300-bc3f-f2f4cced8778&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 13 Dec 2021 12:52:08 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4E2F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4419b5d6-9e21-44aa-ba89-f07b101fa27d
42 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4419b5d6-9e21-44aa-ba89-f07b101fa27d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:805
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4419b5d6-9e21-44aa-ba89-f07b101fa27d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 4E2F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3069240408983036820
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3069240408983036820
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:395
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:09 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3069240408983036820
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame 4E2F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8022406444498508336&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8022406444498508336&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:08 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:584
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:09 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
06ddd229-91b9-46d2-a376-c33ee1e62ef6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8022406444498508336&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1AAC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUjV1QqDyEaSV6kxhJ3Ywwcr7TLc3Pb0lgKgSxeOIkVXppks9hy_oypA3wswsHwEeUCat38XCcrjxdPfor_4-JuduQm901m55oMAjK4iTon6_ZPs66631HzNxoeP7Rfdhy5e9tCSHBg5IvQp6jgdd9mUZQU8zB-qBACDI_k9lY0qbMGWVYAW6gyUDXdyOKBdE08VnBYVUzUE03BXv33gnE-amS-QaCve5hWgAjRJFQGQWdkOPgHV3Orj3pUqebGiniDaIrxxn4yoFnDPknKTqmH4lNyfcfxXNS_TiR49Z3wWb4SctGwPcqrl4HW1CmKvFBUghWfHUVSaRl1XDMqYNO7tNwA_X4&sai=AMfl-YSjsMIKHEhVkGWTR_q_60VAOqetFMVjGsV-iqlQk-hRwfIwmmYOP9QsZeUZSJUoWbJPrBeIkxnnRZeFQRciOnjPqJHVPoR_amoTODjDRL4qDk5-cbrPT-iQg8Xaa1Xw&sig=Cg0ArKJSzOsQlEYddQB6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: t.co
URL: https://t.co/d8OVsIoOym
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 12:52:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1AAC 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 13 Dec 2021 12:52:09 GMT
11007342447953380472
tpc.googlesyndication.com/simgad/ Frame 1AAC 		299 KB
300 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11007342447953380472?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddf07d36e266484d6c5d046b1ca2ff178782c23c623e942496d692a620340d80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 03:18:05 GMT
x-content-type-options
nosniff
age
293644
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306387
x-xss-protection
0
last-modified
Fri, 19 Nov 2021 01:29:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 10 Dec 2022 03:18:05 GMT
jsapi.v5.6.0.en_US.js
static.mixi.media/static/jsapi/ 		251 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mixi.media/static/jsapi/jsapi.v5.6.0.en_US.js
Requested by
Host: mixi.media
URL: https://mixi.media/data/js/94729.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
9d626f07bedfb4a51b8d37382cb3753814b76c58442c82049599e8b6525817c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 08:58:08 GMT
Server
nginx
ETag
W/"61a73920-3eaf1"
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
sm.js
stat.media/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/sm.js
Requested by
Host: mixi.media
URL: https://mixi.media/data/js/94729.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Dec 2021 13:53:02 GMT
Server
nginx
ETag
W/"61a8cfbe-13481"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
/
target.mixi.media/init/ 		95 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://target.mixi.media/init/?blockid=94729&siteid=49188&bw=1600&bh=1200&ref=https%3A%2F%2Ft.co%2Fd8OVsIoOym&rnd=2693845797115
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx / HHVM/3.9.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Target-Version
2
Date
Mon, 13 Dec 2021 12:52:09 GMT
X-Target-Final
20211213155209-0
Server
nginx
X-Target-Host
target2-1.ssel23
X-Powered-By
HHVM/3.9.1
X-Time-Request
0.00045
Content-Type
image/png
Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
95
Expires
Mon, 13 Dec 2021 12:52:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1AAC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ3yqemlgePJryZMJ6ri_80XUaGmxx6-m8jcwG9y_zbdAMPskw3t1o5qNJyV_OVhWiJy9vf64wWgsZmcEq7nSsXLdqWMMfVwk2c7GAAZQAeVG4XbBbfwyj8acbUhcRF5z-ei0bthnkeLFL5UX85WFmYuP1NoFYeLK_EGd0U36W3ZBC5yuwpXnDqIdIc2Kb9pTEpRz6mg4RE75z3ktwSKlqT7HbOyB9LAsS28E0bpzmLzX1snugQun1MJOrbpkPb-oJYrBJFKjoUQ3phweCSL10V-5i1-UVJUB01D6twKyMWjFcwSKDv3tnX5_d17gw2umurq-URsRpFeVP&sai=AMfl-YSzXaGluHtMq_-D9KFqZZK_Acz_YzYnKCEO33-4ISDGJWjJaxQG8h73zfnif5Z2E8WPzlEjSiUHtn0yozcvt7lbbKNntwjDRq26nz_qPndGz6A4__5vKovbE3Cj5lXM&sig=Cg0ArKJSzGudxoNekFGOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 12:52:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 13 Dec 2021 12:52:09 GMT
truncated
/ Frame 1AAC 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
acfc2148016bb388096d50ed3c12bd825d229ab05d46e8d4a8c61ef9577504c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
jsapi
mixi.media/newdata/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mixi.media/newdata/jsapi?action=news
Requested by
Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.6.0.en_US.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
f6a430cf4e356d78546e2a8cd481251875e6e04a38f710e573eeb1a93d3b0c20

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:09 GMT
Content-Encoding
gzip
Last-Modified
Monday, 13-Dec-2021 12:52:09 GMT
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-Node
ads5-3ssel31
9547547.jpeg
static8.mixi.media/img/400x300/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static8.mixi.media/img/400x300/9547547.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
279992d24e5d7d1ba99bc6550fda63e6482eba6443e486e5e516934b20d9ea25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:09 GMT
Last-Modified
Sun, 31 Oct 2021 10:00:51 GMT
Server
nginx
ETag
W/"617e6953-5b82"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34441
Expires
Tue, 31 Oct 2023 10:02:52 GMT
9691842.jpeg
static7.mixi.media/img/400x300/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static7.mixi.media/img/400x300/9691842.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
ec0d6c86b538251d6d95930b500513dea6f0f2f308855946f95e3846d985df6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:09 GMT
Last-Modified
Sat, 11 Dec 2021 05:54:52 GMT
Server
nginx
ETag
"61b43d2c-228c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8844
Expires
Mon, 11 Dec 2023 05:55:25 GMT
9675590.jpeg
static3.mixi.media/img/400x300/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.mixi.media/img/400x300/9675590.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
ef50db4f06bbeae1a22807ace25d6daa9288fa08616e5f37dfc019530bf4fdb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:09 GMT
Last-Modified
Tue, 07 Dec 2021 01:35:58 GMT
Server
nginx
ETag
W/"61aeba7e-d68a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45979
Expires
Thu, 07 Dec 2023 01:36:20 GMT
9696769.jpeg
static8.mixi.media/img/400x300/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static8.mixi.media/img/400x300/9696769.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
bcf8ea1953798e6a61055f4992c376a8632a7d4ff833033ca31df41fe112e708

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:09 GMT
Last-Modified
Mon, 13 Dec 2021 05:08:18 GMT
Server
nginx
ETag
W/"61b6d542-9e07"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35256
Expires
Wed, 13 Dec 2023 05:08:49 GMT
9696831.jpeg
static1.mixi.media/img/400x300/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.mixi.media/img/400x300/9696831.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
952099b7a9abba9b5e0a84a36585c173f5c2871b70ea4037a4da98908d0fc032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:09 GMT
Last-Modified
Mon, 13 Dec 2021 05:47:30 GMT
Server
nginx
ETag
W/"61b6de72-12e7c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84347
Expires
Wed, 13 Dec 2023 05:47:59 GMT
9610590.jpeg
static2.mixi.media/img/400x300/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static2.mixi.media/img/400x300/9610590.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
3da224ebe7ed1636bee64e7d29290186f8618a06262f6139a28154a6807356de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:09 GMT
Last-Modified
Fri, 19 Nov 2021 07:17:30 GMT
Server
nginx
ETag
W/"61974f8a-faf0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34473
Expires
Sun, 19 Nov 2023 07:18:11 GMT
9691894.jpeg
static4.mixi.media/img/400x300/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static4.mixi.media/img/400x300/9691894.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
78412837a9966387d611232de47f436b1f55b5d4b6e8dcfde17bffc6d205173d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:09 GMT
Last-Modified
Sat, 11 Dec 2021 06:30:02 GMT
Server
nginx
ETag
W/"61b4456a-10ae0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51555
Expires
Mon, 11 Dec 2023 06:30:54 GMT
9696770.jpeg
static6.mixi.media/img/400x300/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static6.mixi.media/img/400x300/9696770.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
96846accb193f09cda8c38680314f9a0fd5134dda688f0df7aa631f5bf2537be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:09 GMT
Last-Modified
Mon, 13 Dec 2021 05:08:58 GMT
Server
nginx
ETag
W/"61b6d56a-87f6"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22945
Expires
Wed, 13 Dec 2023 05:09:36 GMT
9691590.jpeg
static1.mixi.media/img/400x300/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.mixi.media/img/400x300/9691590.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
5ce026281ddff606dee8575df1c4278c0720be82366ff8f8a4b94d695683e0f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:09 GMT
Last-Modified
Sat, 11 Dec 2021 00:29:57 GMT
Server
nginx
ETag
W/"61b3f105-aae9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43501
Expires
Mon, 11 Dec 2023 00:30:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EC83 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst49VPldbHQOBNQcmwEMwlWWtbmNb8kGvt3dE6zb7RFGMncDywpZLV2Xmh2fT2MFHbfPGZMsQTNZhvms5jIZSnndMSAfh-VA9R5vdbIG6wCqBn92VgDU6csUAcy1FELK9Bf8rVyOy0GtE11VgIWIhIpMEH5wAQhufnGz7xa_iC2X8XMc20HsmHtaISfHE4l-fMPIRVB3_DpGHLYB0K02k8yGhXnd7_Lsi5mSQTxcKMoHvrDF0_TcNNng69eLwbU3TnAPfVvetCfAvAYSrD3y0yvgquQhQgnDq1G0o6hfmCQI61Zdx4aBO8hyFj6DpkQOc6c2HLds5gm4c2T5P2lwui83we7oA6HDtVwCzuLuvu9g1PXNw&sai=AMfl-YQlpkSa6ePkQBcIZe132gH1G0iNOV8Zm6Q79voApuZhBdTsJ59bL6AIFFQfhfICQlVFbE0CbasYN8hCQUBRpPbpgMXgmIaFbGeiryKjmAiroAe09zk81aTFMyIyThL7&sig=Cg0ArKJSzLxGpy5BitsfEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: t.co
URL: https://t.co/d8OVsIoOym
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 12:52:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC83 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 13 Dec 2021 12:52:09 GMT
4413490078048366548
tpc.googlesyndication.com/simgad/ Frame EC83 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4413490078048366548?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdb0d8115b69d6d0768228115d8dd26b21ef47ea4e6834f6f9cf497906516641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 02:10:13 GMT
x-content-type-options
nosniff
age
297716
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78020
x-xss-protection
0
last-modified
Fri, 19 Nov 2021 01:29:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 10 Dec 2022 02:10:13 GMT
settings
stat.media/counter/ 		450 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/settings?payload=CKSAAxIkZDAyOWY3MjUtZmFhMi00ZTZkLTg5ZGUtZTdjODg3NDc1YmY5GJLs5p7bLyIkODIyYmQ1ZmUtMTM5OC00N2YxLTkyZjktMDUxMDBjZmYyYjMy&cb=_callbacks____0kx4oe1ke
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
2509c54de4a7bec2887572431ce2643babd37d241b15dd5969809100dc48c8c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:09 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame EC83 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuC3DaLga1IGzHhDDaK-5DQTS59dyQCFfaJpGf5jYAhXLlHvSUeDr11M30u5G3scUn-c6LmPVHsiOSq4ZXOGQJOGlEaI6Ri2KsaJG5vTkSQg8WI4quIkf9A0RHBrE25VnVN7I2eJNiYWlS_X5zqm-qroPmh5q9eBQCUZuF4vETAaB1e581zRR-FN7gaDar2UEWagvcOo8zT5zeKJ9QHlcF-Dravv1lqJKWSAK7LWrY4RiE3bDprmU4CXdyajjMuOG2hE_LPdoElv3CbDEj25PojI_YNY2Kz9EBthLtsYBafkMOXkvKsbeM15ddg7pIL-6_trUTZCghbRuJ4piNR8bVR0Z_6vOVMYg&sai=AMfl-YR3xVaW_Fjb5bVNX_S8G3aPgFQjpWrsIEeb33am8ypqKbOZINuMFIFMXTFnB4lg7fdmJ0Kv7OSF3zYpMZ9UUzMIYY11Hsl2FChFbDllfSfeR6N3tJe9r-eH75XX0dhB&sig=Cg0ArKJSzG6-DDJo17WsEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 12:52:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 13 Dec 2021 12:52:09 GMT
truncated
/ Frame EC83 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c720ada845fd43297d4f29906e186c0c0678a11f8498eb0e6c3ddf629b4a32a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
/
mixi.media/cookiematching/ 		43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJGQwMjlmNzI1LWZhYTItNGU2ZC04OWRlLWU3Yzg4NzQ3NWJmORoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNjM5Mzk5OTI5MzYyGgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJDgyMmJkNWZlLTEzOTgtNDdmMS05MmY5LTA1MTAwY2ZmMmIzMhoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1639399929785
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Date
Mon, 13 Dec 2021 12:52:09 GMT
Last-Modified
Monday, 13-Dec-2021 12:52:09 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Mon, 13 Dec 2021 12:52:09 GMT
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Mon, 13 Dec 2021 12:52:09 GMT
Server
nginx
Connection
keep-alive
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9bdf735624eb503cceb9ceee5fd86f7d325be92c7b4a13286374d26970098af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 12:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8568
x-xss-protection
0
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Mon, 13 Dec 2021 12:52:09 GMT
Server
nginx
Connection
keep-alive
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: t.co
URL: https://t.co/d8OVsIoOym
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
xt6pRWDyjsohE07NjkysqZGlxj1mdwxjCxtyxCOVVS3bzJ/NTcEr4dNqnQhmtzXB/tdwDLo+mSKzitW8P/+ovQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 13 Dec 2021 12:52:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
push_notif.js
services.epoch.cloud//public-labs/src/push_notifications/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud//public-labs/src/push_notifications/push_notif.js
Requested by
Host: t.co
URL: https://t.co/d8OVsIoOym
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Sep 2020 15:46:03 GMT
server
cloudflare
age
5001
etag
W/"5f6384bb-18fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SC%2BHQrbJFbjAzpQarp4WQxngHn6f5Ynf1Jupq8SWTi2e7E7rNvz4DBRLEKJHdD93BHLKdqHfcj%2FE4C4jzcCoa8hIkjypleKsc0DXHBvUbHXKAhIswlq%2Fpu3J1gz3Y61eXpZNFj09xJlZufZ3nhydOWPxhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6bcf53fa2cd40eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ge.js
s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Requested by
Host: t.co
URL: https://t.co/d8OVsIoOym
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.132.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
6e88237108127024092b10e93eb3e08ef39c2b9f293339f84b0640a746f37ac0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:11 GMT
Last-Modified
Sun, 21 Nov 2021 17:31:13 GMT
Server
AmazonS3
x-amz-request-id
Z54NZYD61SBMBW64
ETag
"d3e7c690ed8fb30d767f4a9c2818372f"
Content-Type
application/javascript
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
25848
x-amz-id-2
t5n8O4uqm4/5BxkGRgzT6tyXl6HED4y7rJRNm3vkAsLi/wqw2szLhRxp7pun07Ceqe2cs1Jgnpo=
Expires
Tue, 21 Dec 2021 17:31:11 GMT
/
a.clickcertain.com/px/
Redirect Chain
  • https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html
  • https://a.clickcertain.com/px/smart/a/?c=244b81b94c69796&seg=80000%2dsouth%2daustralian%2dgovt%2dworkers%2dhit%2dby%2dransomware%2dattack_4149549%2ehtml
  • https://a.clickcertain.com/px/?c=244b81b94c69796
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/?c=244b81b94c69796
Protocol
H2
Server
2606:4700:3039::6815:c075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d08f3e6b9ae1a6910de3fbb4de0fc131c177ec960a48d1e00a383728aadfd7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:10 GMT
content-encoding
br
x-frontend
cc-nginx-5887db8794-r6wcg:cc-nginx-5887db8794-r6wcg
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
98b89e41-e8bc-914b-9072-348f5987d04f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0d3VsW2SXzRFRNAUTP8vztUWED2o3Pfdt9jH7wRv7cSjgvwHaYlKyo6ccJ2k%2F15WYmMzbRz97DE47yW8hQUFK%2Fg0fmpcLzAMXC7joHC%2FdZOXW69yQQv%2BJUPTKgIn%2FUfcTsmzqEadUQO%2FhSpkxR5SLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-envoy-upstream-service-time
22
cf-ray
6bcf53fc0fa24e1a-FRA

Redirect headers

date
Mon, 13 Dec 2021 12:52:10 GMT
x-frontend
cc-nginx-5887db8794-n8r5t:cc-nginx-5887db8794-n8r5t
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
dbb5f34e-8f8b-9932-81f9-3894ed3b643a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQqYsTrTpiCYolAPsGvvdSrUpkf7LqfNdKJdLl19fjPV2JeqA8qafZrHQ2mk4XARhQqElqipNL6Z941xRtI3OPJTjHRqT7Z1iWyHyy%2B0f1vsvFSO59OTLwLUasOE%2B5VwL1Bym%2FQ6t%2B7U1rkQEnZdkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://a.clickcertain.com/px/?c=244b81b94c69796
x-envoy-upstream-service-time
32
cf-ray
6bcf53fb0de94e1a-FRA
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/24003086/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:43:28 GMT
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
521
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
0
x-amz-cf-id
Qo9eAIgqAgfXt6t_dkGVotmB2QpD0pCqY2wNxYiiC2Cx3R4jJ0xy4g==

Redirect headers

date
Mon, 13 Dec 2021 12:52:09 GMT
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
HMBciHENxaBQfIIeCc46OYvf9d50gSbwH-q8RyvFxXwvIQYfZcybbw==
179006610034452
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/179006610034452?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
999e4a10af4dc5a2320fb18cbcb0306640e18a3f8745a489be245b363a2f845a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
T8guWzvFOJiuvCAnTurCofdgPnQlZLEizloy17FVWhnQzW4v4pi7I4KoQa4oCHeDYiN01N8ra+v2qI3djO1YSw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 13 Dec 2021 12:52:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Mon, 13 Dec 2021 12:52:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8B07 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Mon, 13 Dec 2021 12:45:00 GMT
expires
Tue, 13 Dec 2022 12:45:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
429
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1C69 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a2e59f924f187682fae55294d77b443d65eecc14aa240b3ff6eb5926897bf76b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2W5s+ZFwW8zSpeyvapL0Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 13 Dec 2021 12:52:09 GMT
date
Mon, 13 Dec 2021 12:52:09 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-2W5s+ZFwW8zSpeyvapL0Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
b413bf4fa936cc351ac6476e0df69b50.js
clientcdn.pushengage.com/core/ 		74 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientcdn.pushengage.com/core/b413bf4fa936cc351ac6476e0df69b50.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-116.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
096a7caacb4e844a1d4a5bad9b9145784a9f5b5d7e9397bbbb6e83f646c46505

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:50:39 GMT
content-encoding
gzip
server
nginx
age
91
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=120
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
eLaQGngim-C1n4MOaGvUz02XCaJlOkHo73wL2tINOGm3pgxCQmK4yQ==
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 8B07 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 14:59:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
78749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 14:59:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1C69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=1445155818888687&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=1445155818888687&bg=!W1ilWBzNAAZKWFskSlg7ACkAdvg8WpvGy1krWqQhFj7j9RHaQsbzGlcUhS7N315ofa9K81m2uygxUQIAAABMUgAAAAloAQeZArR-uMsRU6iRkRx72GbxrdLAdTy806WtSKVbDR0Q18n3C-MbhXZ__ebnxxCYuq7R5YBe00DncHFyRygOalc5u1IgTdhEa0aQmEC3yqf2XhAvGu3DE2SNyO8XVnR8pPqvCbMv66tw_3EoWz1U6JzLKw2BTKb1TdMNCOenQD3G1_sFwJyL-4hk3MJuF7uxk_pD-hbqoQutdFhDrJNhGXqPNIpJTgeqVJJ3LQFMV_-arv0smXXMGbskDL_gWeGb1UaibQivIqyIXY-Sydl5dPuynK5dLcn8nvdT5qT3HlwAGGBSl7d50VF1DHedQrqgPDxdKBmEBA1ho5N_5kGiUGqRDI59Bq9chl-RSf5cFEt1L4PyMR-cGHEj276u6YyoZLQnmytuPBaaPEhPHIRdnpTJs95HSeYu2wbTXn_dK1uYqEIRz9jeMIJPTNkRjGgHMZtP_MA8PCBGoZPgWuQGoxn0U8XEk6Zr3eLQwNev6pXcsNYGJYw__kp6JZYe4r7NrFHBo-0NY3i6cOVR-SfEriUMDXrMZon2Wei1cGY4gEtu-sJ_jBdknTSEghBox0w9YgjHagRL7Bz-9d-9vUikiH2Xbo4rWSJjevsfVE2JCVp9u-03DHvub-ICnELD0e_4WC8Ek31N8OY5tWtfCjjE54sVVpNY4-9C50kG1atG8jaLXQSL6korGLnpApWqufnYc7-GGjP0z3wmP4BrjRleWADWTxxbslHFZXD6pF2o-Mr6OCWBaGYsJ2biEvNCDjOkFa6sKwKxp_R2lPRgQDp5iH7Y7thLv32f2Wjcd5o4hWlme38LUq56Vce0XEOJZTdk-0EaozPxo6XEcZOROwDjlkCoZ0rJXzaRrtI0cUcY3V2SZl5WunmqOaVWl8e4oHpI45bzSRzorTkAxLqijJWY6WL1Pe7U1sfM1w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=179006610034452&ev=PageView&dl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&rl=https%3A%2F%2Ft.co%2Fd8OVsIoOym&if=false&ts=1639399930155&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639399930154.2027939124&it=1639399929929&coo=false&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 13 Dec 2021 12:52:10 GMT
/
a.clickcertain.com/px/cont/ Frame 571B 		942 B
693 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&cn=DE
Requested by
Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f1cf477edab6e4a4772b521c27e92c2377a93a6d1f44a38809ca57c47b284e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 13 Dec 2021 12:52:10 GMT
content-type
text/html
etag
W/"YTM0YjQ4ZDRnNWNkOWc0OWY4Zzg1NGFnOGJhN2I2ZTBiM2QzLXow"
x-frontend
cc-nginx-5887db8794-n8r5t:cc-nginx-5887db8794-n8r5t
x-requestid
db2e6148-fa21-965d-b79c-a59fade8fc75
x-envoy-upstream-service-time
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1duNJdJIvsAvi0SUROitdE%2B7CAD7xUO1enfF4phDBFxGsypu%2FTu2CMRlq2Fq5hdCSS0LE6n970FfzRqOGsE6Pb7DCuocgpl3m4kqHRMlEMj7Ip1zArA0%2FLcxMVT2NOnC8SS87nHy4lvwOXlyOqU6nA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6bcf53fd2a044e1a-FRA
content-encoding
br
activeview
pagead2.googlesyndication.com/pcs/ Frame 1AAC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUBzn12lbS_QjV7I0xxU8qcSuKbXdJddQLJzPYieVZSFWI-suwh_Kah8oa7VbI85CbrkXVLUM_AfnyCWydFWSV26MZ_QHXBzWk5Kg_2U2SFRT68gyF&sig=Cg0ArKJSzNg83I5G_hx6EAE&id=lidar2&mcvt=1000&p=126,315,376,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3587454004&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639399929377&rpt=90&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a.clickcertain.com/px/ta/ Frame 571B
Redirect Chain
  • https://a.clickcertain.com/px/ta/?ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=ae96d371-9e11-444d-891c-927a172a61f8
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.clickcertain.com/px/ta/?done=true&ta_id=ae96d371-9e11-444d-891c-927a172a61f8
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&cn=DE
Protocol
H2
Server
2606:4700:3039::6815:c075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:10 GMT
x-frontend
cc-nginx-5887db8794-tkw4t:cc-nginx-5887db8794-tkw4t
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
f5ccf5b7-d913-922e-abb8-193b82c8cee7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kX%2BspZt5p262WNSdXBvXwWN%2F%2BBLQxcPO6Y6bMbyVvSjnM8rXHxMbLVStnP6CB220RA9aaCKvGkM5YywiO7IlWVV2IdU8pxZJPZak0oyi26Bk4j1z26eRiqO88gAUELzUW2qQPQokIRLSY4Gh6k%2FmFw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
19
cf-ray
6bcf53ff6eb14e1a-FRA

Redirect headers

location
https://a.clickcertain.com/px/ta/?done=true&ta_id=ae96d371-9e11-444d-891c-927a172a61f8
date
Mon, 13 Dec 2021 12:52:10 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
x.bidswitch.net/ul_cb/ Frame 571B
Redirect Chain
  • https://a.clickcertain.com/px/r/?ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%2...
  • https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
  • https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Da34b48d4%2D5cd9%2D49f...
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&anx_uId=$UID
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&anx_uId=8022406444498508336
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&expires=5&user_group=0
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&expires=5&user_group=0
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&expires=5&user_group=0
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&cn=DE
Protocol
HTTP/1.1
Server
35.156.121.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-121-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=a34b48d4-5cd9-49f8-854a-8ba7b6e0b3d3&expires=5&user_group=0
Date
Mon, 13 Dec 2021 12:52:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
getcity
sc.youmaker.com/ 		113 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sc.youmaker.com/getcity
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
157.97.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2f64e0e2cdb11a60def0a9886889cd8ca97c0eef1c648eefe893050614330132

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 13 Dec 2021 12:52:10 GMT
via
1.1 google
server
nginx/1.20.1
alt-svc
clear
content-length
113
content-type
application/json;charset=UTF-8
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=179006610034452&ev=Microdata&dl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&rl=https%3A%2F%2Ft.co%2Fd8OVsIoOym&if=false&ts=1639399930658&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%2280%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack%22%2C%22meta%3Adescription%22%3A%22Up%20to%2080%2C000%20South%20Australian%20(SA)%20government%20workers%2C%20including%20potentially%20the%20Premier%2C%20may%20have%20had%20their%20personal%20details%20...%22%2C%22meta%3Akeywords%22%3A%22cyber%20attacks%2Cdata%20breach%2CFrontier%20Software%2Cpayroll%20system%2Cransomware%20cyber%20attack%2CSouth%20Australia%2CTHE%20EPOCH%20TIMES%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%2280%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack%22%2C%22og%3Adescription%22%3A%22Up%20to%2080%2C000%20South%20Australian%20(SA)%20government%20workers%2C%20including%20potentially%20the%20Premier%2C%20may%20have%20had%20their%20personal%20details%20...%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%22%2C%22og%3Asite_name%22%3A%22www.theepochtimes.com%22%2C%22article%3Atag%22%3A%22ransomware%20cyber%20attack%2Ccyber%20attacks%2CSouth%20Australia%2CFrontier%20Software%2Cdata%20breach%2Cpayroll%20system%22%2C%22article%3Asection%22%3A%22Australia%22%2C%22article%3Apublished_time%22%3A%222021-12-10T02%3A43%3A02-05%3A00%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2021%2F12%2F10%2FGettyImages-1298533353.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1639399930154.2027939124&it=1639399929929&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 13 Dec 2021 12:52:10 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EC83 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvK3uDZQ5twzy1B0P9QcKB4SQ_l3urefuykuWMwQlBFhJEsJv_Z9YcC50rmgwsCIkXMkiKI6BhrODq8LFFQ6u3SbWFNqlh6XiqwQO7nUlxAdJPqRJES&sig=Cg0ArKJSzIdjob5rhgzmEAE&id=lidar2&mcvt=1000&p=442,1100,692,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2786340635&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639399929659&rpt=61&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/
Redirect Chain
  • https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%25224149549%2522%252C%2522script%2522%253A%2522https%253A%2...
  • https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%25224149549%2522%252C%2522script%2522%253A%2522https%253A%2...
42 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%25224149549%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%25227782800b-869f-44ab-813a-3258c804c22b%2522%257D&title=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&url=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&referrer=https%3A%2F%2Ft.co%2Fd8OVsIoOym&tdc=1
Protocol
H2
Server
52.37.115.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-115-68.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
server
nginx/1.18.0
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/GIF

Redirect headers

location
/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%25224149549%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%25227782800b-869f-44ab-813a-3258c804c22b%2522%257D&title=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&url=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&referrer=https%3A%2F%2Ft.co%2Fd8OVsIoOym&tdc=1
date
Mon, 13 Dec 2021 12:52:11 GMT
server
nginx/1.18.0
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/GIF
ixmatch.html
js-sec.indexww.com/um/ Frame 035E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 13 Dec 2021 12:52:11 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame A283 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 12 Dec 2021 02:31:41 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 13 Dec 2021 12:52:11 GMT
Age
37227
X-Served-By
cache-lga21961-LGA, cache-fra19145-FRA
X-Cache
HIT, HIT
X-Cache-Hits
2, 286062
X-Timer
S1639399931.021836,VS0,VE0
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 8F4F 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.221.0
date
Mon, 13 Dec 2021 12:52:11 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ixmatch.html
js-sec.indexww.com/um/ Frame 32C6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 13 Dec 2021 12:52:11 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 93D5 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=150607
expires
Wed, 15 Dec 2021 06:42:18 GMT
date
Mon, 13 Dec 2021 12:52:11 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6BA1 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 Dec 2021 12:52:11 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame AB5E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=150607
expires
Wed, 15 Dec 2021 06:42:18 GMT
date
Mon, 13 Dec 2021 12:52:11 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame AC26 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 12 Dec 2021 02:31:41 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 13 Dec 2021 12:52:11 GMT
Age
37227
X-Served-By
cache-lga21961-LGA, cache-fra19175-FRA
X-Cache
HIT, HIT
X-Cache-Hits
2, 297962
X-Timer
S1639399931.021790,VS0,VE0
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 8427 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.221.0
date
Mon, 13 Dec 2021 12:52:11 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame AC26 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e22f4067-a066-44c8-a240-c291fae77d39
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
embed.js
comment.youmaker.com/web/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/embed.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/remark.min.js?ver=20211118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
7ad3c64e6869d63f58ec9bfc53d7b5a71cb5270fa29dc9c1be0313f4b8450203

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
last-modified
Fri, 10 Dec 2021 14:51:39 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
7591
app-version
0.1.2
counter.js
comment.youmaker.com/web/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/counter.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/remark.min.js?ver=20211118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
f229a441e248cd9f4bb953ed7c90a4e922d67536f96cc4409be20a783b3a89cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
last-modified
Fri, 10 Dec 2021 14:52:02 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
2305
app-version
0.1.2
get
subs.youmaker.com/template/ 		185 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/get?tid=signin&sid=www.theepochtimes.com&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
9b4dfcce9ac01065ebfcacd45938420e39cfd6292c4234b6426ecb15255df7f5

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
185
get
subs.youmaker.com/template/ 		185 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/get?tid=signin&sid=www.theepochtimes.com&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
9b4dfcce9ac01065ebfcacd45938420e39cfd6292c4234b6426ecb15255df7f5

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
185
get
subs.youmaker.com/rules/ 		950 KB
952 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/rules/get?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
5f9d5f551aeab2624f742961efd68bd2b3ddd38778bd19770163780a0e5e601e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
alt-svc
clear
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
async_usersync
ib.adnxs.com/ Frame A283 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b81e399c-3e14-4aa9-ada8-8d4e7292481b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6BA1 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef3009ce2be095d07fa5f80953e00d37b28d71a968fb61afaf327f3fb3b25697

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Dec 2021 17:06:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62564
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9507
Expires
Tue, 14 Dec 2021 06:14:55 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 029C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
46aa0f0efc4349b524738aae2506a2d04d468e9773f4452efc9e7d21960b1e8c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|45|241|10|105|47|188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1558
Expires
Mon, 13 Dec 2021 12:52:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
344
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 13 Dec 2021 12:52:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame FF52
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c65cc66a2932bab8264a9929e108279a82eb9a6be06a776bc9b019488c88bd7b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|39|230|130|81|65|221
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1622
Expires
Mon, 13 Dec 2021 12:52:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
344
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 13 Dec 2021 12:52:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Connection
keep-alive
khaos.jpg
token.rubiconproject.com/ Frame 6BA1 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
SPug
simage4.pubmatic.com/AdServer/ Frame 4E2F 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
show2
subs.youmaker.com/template/ Frame BB84 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2c01ba5ffbaf4287986e0c9427fd7e90d8c7402808cb70bb99754479eaae6ad5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-type
text/html; charset=utf-8
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
show2
subs.youmaker.com/template/ Frame A3D0 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2c01ba5ffbaf4287986e0c9427fd7e90d8c7402808cb70bb99754479eaae6ad5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-type
text/html; charset=utf-8
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
iframe.html
comment.youmaker.com/web/ Frame D77D 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
1e55670a4814dd920f5d27e1ef2850f1068df39b043de03d282c8a8efb439f74

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-type
text/html; charset=utf-8
content-length
4155
accept-ranges
bytes
app-name
remark
app-version
0.1.2
author
EMG
last-modified
Fri, 10 Dec 2021 14:51:39 GMT
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
counts
comment.youmaker.com/api/v1/ 		193 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=remark
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c0c8286e32758dcd4d8a64ca3608718d4921817d04cd05658696f61651452d4a

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 13 Dec 2021 12:52:13 GMT
via
1.1 google
vary
Origin
alt-svc
clear
content-length
193
pragma
no-cache
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
expires
Thu, 01 Jan 1970 00:00:00 UTC
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
app-version
0.1.2
counts
comment.youmaker.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=remark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:13 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
app-name
remark
app-version
0.1.2
author
EMG
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
usermatchredir
ssum-sec.casalemedia.com/ Frame 029C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YbdB-_45nYe5jAaKvkDA6gAABH8AAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPWBCgOcOYbm5B4112TYxzw&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPWBCgOcOYbm5B4112TYxzw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 13 Dec 2021 12:52:11 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPWBCgOcOYbm5B4112TYxzw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 029C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 029C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YbdB.-45nYe5jAaKvkDA6gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEOwHzDeG3xrsYJSTmRETqo&google_cver=1&gdpr=1&google_hm=2
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEOwHzDeG3xrsYJSTmRETqo&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 13 Dec 2021 12:52:11 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEOwHzDeG3xrsYJSTmRETqo&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 029C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdB-_45nYe5jAaKvkDA6gAABH8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdB-_45nYe5jAaKvkDA6gAABH8AAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdB-_45nYe5jAaKvkDA6gAABH8AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HZ6TF69D5PPSSP9Q4SKA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
X8RQ5VSPB8GZQSY7EQ9R
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdB-_45nYe5jAaKvkDA6gAABH8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 029C
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=630854030393
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=630854030393
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 13 Dec 2021 12:52:12 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=630854030393
crum
dsum-sec.casalemedia.com/ Frame 029C
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 13 Dec 2021 12:52:11 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 13 Dec 2021 12:52:11 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame 029C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=k6eYvtzs1MWKOn5&gdpr=1
43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=k6eYvtzs1MWKOn5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 13 Dec 2021 12:52:11 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:10 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0f57142fe7121e10b@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=k6eYvtzs1MWKOn5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame 029C 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.39.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-39-245.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 029C 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YbdB.-45nYe5jAaKvkDA6gAA%261151
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:11 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1003
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 13 Dec 2021 13:08:54 GMT
dcm
s.amazon-adsystem.com/ Frame FF52
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdB-962Iy9VL0_ZNHmR9wAABKUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdB-962Iy9VL0_ZNHmR9wAABKUAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdB-962Iy9VL0_ZNHmR9wAABKUAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KT1XC5KSNTYFMCSM5RST
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EB7TW43MDDA37HDJ3CMZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbdB-962Iy9VL0_ZNHmR9wAABKUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FF52
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YbdB.962Iy9VL0-ZNHmR9wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEOwHzDeG3xrsYJSTmRETqo&google_cver=1&gdpr=1&google_hm=2
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEOwHzDeG3xrsYJSTmRETqo&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 13 Dec 2021 12:52:11 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEOwHzDeG3xrsYJSTmRETqo&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame FF52 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame FF52
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YbdB-962Iy9VL0_ZNHmR9wAABKUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPWBCgOcOYbm5B4112TYxzw&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPWBCgOcOYbm5B4112TYxzw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 13 Dec 2021 12:52:11 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPWBCgOcOYbm5B4112TYxzw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FF52
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADe8U7DboQAADxU7u0rqw&expiration=1640609531&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADe8U7DboQAADxU7u0rqw&expiration=1640609531&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 13 Dec 2021 12:52:11 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADe8U7DboQAADxU7u0rqw&expiration=1640609531&gdpr=1
Date
Mon, 13 Dec 2021 12:52:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame FF52
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=-9edb_nXmWDghcto-ofSaKvRm27gh8po_4dL5I9X
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=-9edb_nXmWDghcto-ofSaKvRm27gh8po_4dL5I9X
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 13 Dec 2021 12:52:11 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=-9edb_nXmWDghcto-ofSaKvRm27gh8po_4dL5I9X
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum.casalemedia.com/ Frame FF52
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639486331&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639486331&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 13 Dec 2021 12:52:11 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639486331&gdpr=1
pragma
no-cache
date
Mon, 13 Dec 2021 12:52:11 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
tpid=YbdB.962Iy9VL0-ZNHmR9wAA%261189
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame FF52 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YbdB.962Iy9VL0-ZNHmR9wAA%261189?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:11 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.8.30
content-type
image/gif
content-length
49
expires
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame FF52 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YbdB.962Iy9VL0-ZNHmR9wAA%261189
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:11 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1003
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 13 Dec 2021 13:08:54 GMT
babel-polyfill.min.js
subs.youmaker.com/views/ Frame BB84 		97 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/views/babel-polyfill.min.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
a2eeabe7d2f9bffed10632bc70aa79b5c38e6e0ea3e05481bcd2f02f7f5b4fac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
last-modified
Thu, Dec 02 2021 17:05:49 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
99294
userId.bundle.js
subs.youmaker.com/lib/ Frame BB84 		200 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/userId.bundle.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2e2d772cf1714b9595bd9293a9175c951e96d62b771b3abcd9ea406553a10e57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
last-modified
Thu, Dec 02 2021 17:05:59 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
204514
babel-polyfill.min.js
subs.youmaker.com/views/ Frame A3D0 		97 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/views/babel-polyfill.min.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
a2eeabe7d2f9bffed10632bc70aa79b5c38e6e0ea3e05481bcd2f02f7f5b4fac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
last-modified
Thu, Dec 02 2021 17:05:49 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
99294
userId.bundle.js
subs.youmaker.com/lib/ Frame A3D0 		200 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/userId.bundle.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2e2d772cf1714b9595bd9293a9175c951e96d62b771b3abcd9ea406553a10e57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
last-modified
Thu, Dec 02 2021 17:05:59 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
204514
remark.css
comment.youmaker.com/web/ Frame D77D 		78 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/remark.css?v=2021120610
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
67912a9abd5755e9f9e6b0c5e891a8e7f2eb08e184a2ba36f818ba4de70ffa19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
last-modified
Fri, 10 Dec 2021 14:51:39 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
text/css; charset=utf-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
79424
app-version
0.1.2
remark.js
comment.youmaker.com/web/ Frame D77D 		309 KB
310 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/remark.js?v=2021120610
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
1d1243a785eeae424ffb23538b4a9fe967016e07775d49c9ea7b1089085a5358

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
last-modified
Fri, 10 Dec 2021 14:52:02 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
316523
app-version
0.1.2
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=1204&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=1202&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=3219&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=6201&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=6202&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13200&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13208&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13212&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13207&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=14201&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ 		69 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=1204&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
69
auth
subs.youmaker.com/subs/ 		69 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=1202&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
69
auth
subs.youmaker.com/subs/ 		69 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=3219&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
69
auth
subs.youmaker.com/subs/ 		69 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=6201&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
69
auth
subs.youmaker.com/subs/ 		69 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=6202&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
69
auth
subs.youmaker.com/subs/ 		69 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13200&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
69
auth
subs.youmaker.com/subs/ 		69 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13208&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
69
auth
subs.youmaker.com/subs/ 		69 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13212&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
69
auth
subs.youmaker.com/subs/ 		69 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13207&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
69
auth
subs.youmaker.com/subs/ 		68 B
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=14201&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e10411a43ed1dd792677b99a20c9c846da6b650a2829cd5b217e5c68f8e7c00b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
68
D-DINCondensed-Bold.otf
img.theepochtimes.com/fonts/ Frame BB84 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/D-DINCondensed-Bold.otf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736

Request headers

Referer
https://subs.youmaker.com/
Origin
https://subs.youmaker.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
last-modified
Wed, 05 Sep 2018 15:47:56 GMT
server
nginx
etag
"5b8ffaac-e454"
x-hw
1639399931.cds125.fr8.hn,1639399931.cds154.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
58452
config
comment.youmaker.com/api/v1/ Frame D77D 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/config?site=remark
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2021120610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
a997f1434a757dbb1accb3d336275608238853cd980d79997a225f8c62e29f82

Request headers

x-provider-token
youmaker
x-xsrf-token
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
x-access-token
x-site-id
remark

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version
0.1.2
x-robots-tag
noindex
alt-svc
clear
content-length
1950
expires
Thu, 01 Jan 1970 00:00:00 UTC
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=3200&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ 		68 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=3200&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e10411a43ed1dd792677b99a20c9c846da6b650a2829cd5b217e5c68f8e7c00b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
68
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=1209&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ 		68 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=1209&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e10411a43ed1dd792677b99a20c9c846da6b650a2829cd5b217e5c68f8e7c00b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
68
auth
subs.youmaker.com/subs/ 		68 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=1208&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e10411a43ed1dd792677b99a20c9c846da6b650a2829cd5b217e5c68f8e7c00b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
68
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=1208&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ 		68 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13214&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e10411a43ed1dd792677b99a20c9c846da6b650a2829cd5b217e5c68f8e7c00b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
68
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13214&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ 		68 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13217&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e10411a43ed1dd792677b99a20c9c846da6b650a2829cd5b217e5c68f8e7c00b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:11 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
68
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13217&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:11 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ 		68 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=3201&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e10411a43ed1dd792677b99a20c9c846da6b650a2829cd5b217e5c68f8e7c00b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
68
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=3201&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:12 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1896038462&t=event&_s=2&dl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2Fd8OVsIoOym&ul=en-us&de=UTF-8&dt=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Impression&ea=anonymous&el=&ev=0&_u=6HDACUABBAAAAC~&jid=&gjid=&cid=1160537288.1639399929&uid=anonb021-bb3c-449c-9a96-ce65982056ad&tid=UA-10465455-30&_gid=730694018.1639399929&cd1=237&cd3=%3Baustralia-237%3Binternational-19%3Bworld-89904%3B&cd4=%3Baustralia-featured-news-100611%3Baustralia-top-news-100612%3Btodays-headlines-98892%3B&cd5=%3Baustralia-237%3Binternational-19%3Bworld-89904%3Baustralia-featured-news-100611%3Baustralia-top-news-100612%3Btodays-headlines-98892%3B&cd21=4149549&cd23=Nina%20Nguyen&cd26=Australia&cd28=%3BAustralia%3BInternational%3BWorld%3B&cd29=%3Bransomware%20cyber%20attack%3Bcyber%20attacks%3BSouth%20Australia%3BFrontier%20Software%3Bdata%20breach%3Bpayroll%20system%3B&cd30=20211210&cd31=20211210&cd33=624&cd42=%3Bransomware-cyber-attack%3Bcyber-attacks%3Bsouth-australia%3Bfrontier-software%3Bdata-breach%3Bpayroll-system%3B&cd43=post&cd18=anonb021-bb3c-449c-9a96-ce65982056ad&z=1100417867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Dec 2021 22:05:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53205
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AC26 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:12 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
db638e27-622d-4326-b9bd-ec7486216edc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A283 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:12 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4ad41214-608a-40af-b103-fa1ccd842579
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
et_utils.js
services.epoch.cloud/public-labs/epoch-ai/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/et_utils.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56d13e7dfaaec326ab88217e17629bb3ab1896d143fbf24f8016c882b315da94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 19:45:48 GMT
server
cloudflare
age
4543
etag
W/"615370ec-f1e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RH0PpTdPi9JVjWOMtJIxRq3wcoQQD%2FkiGDe2h0BfuqhgjiH72OIxYYg5Dkz6zj%2B5MbVewURGMvnzeihex09r%2FMkxyTLDih4Pc%2BsQOPhFOQWpmhsr2NRhnXSgixc7YYOoWxn7uAMpefynutZgspU9APoj%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6bcf54084bde693a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
get
subs.youmaker.com/template/ 		227 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/get?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&version=3&siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&uid=3f8cc7aa-6cac-4bcc-b072-52a2e5d0ce85
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0931e8e21470b99deb7a1ca34a01ce06992ef6578e9b5387c02154d7fd5448fa

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
227
show
subs.youmaker.com/template/ Frame 8080 		75 KB
76 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2a70abc3a50005469f032410931a3c2c93344acdad3c234232536d958ffa748f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

server
nginx/1.20.1
date
Mon, 13 Dec 2021 12:52:12 GMT
content-type
text/html; charset=utf-8
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
userId.bundle.js
subs.youmaker.com/lib/ Frame 8080 		200 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/userId.bundle.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2e2d772cf1714b9595bd9293a9175c951e96d62b771b3abcd9ea406553a10e57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
via
1.1 google
last-modified
Thu, Dec 02 2021 17:05:59 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
204514
et_utils.js
services.epoch.cloud/public-labs/epoch-ai/ Frame 8080 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/et_utils.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56d13e7dfaaec326ab88217e17629bb3ab1896d143fbf24f8016c882b315da94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 19:45:48 GMT
server
cloudflare
age
4543
etag
W/"615370ec-f1e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwzu5T3f1JxzY78VyM4MG3IjDdHd59iGd71GbxevRj9UQMR0c%2FqmKS51SiEsSlHY8U53fRtHGgLASS9SwqB%2FLGGVdpE0WyLLsU7soEMb7FQfX7h%2BZ%2BbgR07jsFUctcclEpXdoxf%2BtZCUhmUDZSyz0t%2FpNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6bcf540a1876693a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
client
accounts.google.com/gsi/ Frame 8080 		184 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46e54d86c4c46b8e1a8627d2c578f9ec4a9610dce1e6bfbfc428f0cbaadf42d5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R7HKUEVjUiKX2y3c07Wz7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-R7HKUEVjUiKX2y3c07Wz7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"
expires
Mon, 13 Dec 2021 12:52:12 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ Frame 8080 		158 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subs.youmaker.com/
Origin
https://subs.youmaker.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
4205118
x-jsd-version
4.6.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19175-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6bcf540a3ace4e2b-FRA
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 8080 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
22953379
cdn-cachedat
2021-03-11 11:57:51
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
6fc1a75116c932681ed09108db37b84c
cf-ray
6bcf540a3ae9c2ef-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery-3.2.1.min.js
code.jquery.com/ Frame 8080 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://subs.youmaker.com/
Origin
https://subs.youmaker.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2017 19:01:15 GMT
server
nginx
etag
W/"58d026fb-15283"
vary
Accept-Encoding
x-hw
1639399932.dop219.fr8.t,1639399932.cds231.fr8.hn,1639399932.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ Frame 8080 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subs.youmaker.com/
Origin
https://subs.youmaker.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
4205116
x-jsd-version
4.6.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19172-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6bcf540a3ad24e2b-FRA
Virus_Outbreak_New_York_21337740411145-205x123.jpg
img.theepochtimes.com/assets/uploads/2021/12/06/ Frame 8080 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/06/Virus_Outbreak_New_York_21337740411145-205x123.jpg
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
b2c779721422cb832ba0fd1e52c9348b043426695f4c9d3a2883f9aba9c0001b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
last-modified
Mon, 06 Dec 2021 13:57:04 GMT
server
nginx
etag
"61ae16b0-5251"
x-hw
1639399932.cds142.fr8.hn,1639399932.cds167.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21073
GettyImages-518861692-campus-205x123.jpg
img.theepochtimes.com/assets/uploads/2020/09/01/ Frame 8080 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2020/09/01/GettyImages-518861692-campus-205x123.jpg
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
bcb705765f2fa18c246eb73efabc8482fe2aa73cd11066e56584421fe611f74d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
last-modified
Thu, 01 Oct 2020 20:16:38 GMT
server
nginx
etag
"5f763926-2322"
x-hw
1639399932.cds142.fr8.hn,1639399932.cds132.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8994
changing-sheets-205x123.jpeg
img.theepochtimes.com/assets/uploads/2021/11/28/ Frame 8080 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/11/28/changing-sheets-205x123.jpeg
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
7d25d28c19c8c64569c10790a243880f0c1bc29e1ac6a3c5fc9a7cafb11ef3d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
last-modified
Sun, 28 Nov 2021 00:59:22 GMT
server
nginx
etag
"61a2d46a-1fba"
x-hw
1639399932.cds142.fr8.hn,1639399932.cds055.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8122
woman-takes-vitamin-d-capsule-205x123.jpg
img.theepochtimes.com/assets/uploads/2021/07/19/ Frame 8080 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/07/19/woman-takes-vitamin-d-capsule-205x123.jpg
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
4f5a4886ff161dae16b300010d5efdea75d3a01929c2b65e90fd7d92ef709d78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
last-modified
Mon, 19 Jul 2021 02:04:05 GMT
server
nginx
etag
"60f4dd95-227c"
x-hw
1639399932.cds142.fr8.hn,1639399932.cds141.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8828
Ng-walker_cropped-205x123.jpg
img.theepochtimes.com/assets/uploads/2021/12/03/ Frame 8080 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/12/03/Ng-walker_cropped-205x123.jpg
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5f06f6e9481d766d19782ec1725722baeb242f9a4233d437415deb35fa6ef084

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
last-modified
Fri, 03 Dec 2021 13:18:03 GMT
server
nginx
etag
"61aa190b-544e"
x-hw
1639399932.cds142.fr8.hn,1639399932.cds124.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21582
Spot-the-Difference-Cover-205x123.jpg
img.theepochtimes.com/assets/uploads/2021/09/28/ Frame 8080 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/09/28/Spot-the-Difference-Cover-205x123.jpg
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
bbf930e1339016baaef7f00755e28f537842b97c79be37bb417a371c24150f49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
last-modified
Thu, 28 Oct 2021 03:31:39 GMT
server
nginx
etag
"617a199b-2099"
x-hw
1639399932.cds142.fr8.hn,1639399932.cds006.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8345
shutterstock_1793987290-205x123.jpeg
img.theepochtimes.com/assets/uploads/2021/11/18/ Frame 8080 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/11/18/shutterstock_1793987290-205x123.jpeg
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
70cd696fd0081b813529abf83b0aba760f1c2730f6dc5c06491c6feb98a7d699

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
last-modified
Thu, 18 Nov 2021 21:59:53 GMT
server
nginx
etag
"6196ccd9-3901"
x-hw
1639399932.cds142.fr8.hn,1639399932.cds217.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
14593
09132021-DSC00051-1200x800-205x123.jpg
img.theepochtimes.com/assets/uploads/2021/11/17/ Frame 8080 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/11/17/09132021-DSC00051-1200x800-205x123.jpg
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ee01cfd3d79b3ac7ec3a5d101d2e1db21d4d4159ac50ce4578ed1b7d948a1e06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
last-modified
Wed, 17 Nov 2021 13:17:56 GMT
server
nginx
etag
"61950104-5ed1"
x-hw
1639399932.cds142.fr8.hn,1639399932.cds007.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
24273
Man-waking-up-and-having-trouble-sleeping-in-the-middle-of-the-night-1200x799-205x123.jpg
img.theepochtimes.com/assets/uploads/2021/10/10/ Frame 8080 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/10/10/Man-waking-up-and-having-trouble-sleeping-in-the-middle-of-the-night-1200x799-205x123.jpg
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
4d980e8d5772f04ac229ee67728cf1a81649ab3718e5af58d369acaeaf287e29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
last-modified
Sun, 10 Oct 2021 11:58:42 GMT
server
nginx
etag
"6162d572-4df2"
x-hw
1639399932.cds142.fr8.hn,1639399932.cds108.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19954
Editbtn.png
cdn.epoch.cloud/assets/static_assets/ Frame 8080 		420 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/Editbtn.png
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f6bfe97beb2f7284a4cf8a480270adac8540aa94d57a00d8e3378e0ec23c40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
550
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
420
last-modified
Thu, 07 Oct 2021 17:32:48 GMT
server
cloudflare
etag
"615f2f40-1a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1pItxE%2BJtaBuJ9JxCnCw3sU7BqICQdJrFw4SQVBO4XQJZ2RPSY5G2R9lOuEctKDN9adcSmBrtPQw2YkXpPbFx1Zhq70gXrhnUgp2Q%2FX8RI03rv%2Ffx4SxEfAA4y0jUqWO3p%2FuPm417PfCbwiRxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
6bcf540a4e8b0eaf-FRA
expires
Mon, 13 Dec 2021 12:53:02 GMT
Roboto-Regular.ttf
cdn.epoch.cloud/assets/fonts/ Frame 8080 		164 KB
165 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.epoch.cloud/assets/fonts/Roboto-Regular.ttf
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tn=Organic%20RW%20with%20soft%20login%20and%20articles&dna=%7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%7D&useSoftLogin=true&templateVariant=RW_v3_nonpremium_1206%20desktop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481

Request headers

Referer
https://subs.youmaker.com/
Origin
https://subs.youmaker.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3565
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
168260
last-modified
Thu, 07 Oct 2021 20:05:56 GMT
server
cloudflare
etag
"615f5324-29144"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTRnmJUyqNyk1hgvTyehPR11DEncaptjXjDHpY%2FYCso6aKihx5gV6jJYtvCzDyQ6GD3B3rt6013ELR1oXkc6drX9IQRHaDuKqjbE1oM2FIxFj2GaqG%2Bix9mx3OJ5BWxoAcOvf%2BvQkY7Xdg8tBSc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6bcf540bfecf4a9e-FRA
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 8080 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://subs.youmaker.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 718
age
583389
cdn-cachedat
2021-08-02 20:43:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ccc2031d40de6c708c24fec8cd69bbde
accept-ranges
bytes
cf-ray
6bcf540bed6d05ed-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1896038462&t=event&_s=3&dl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2Fd8OVsIoOym&ul=en-us&de=UTF-8&dt=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=paywall%3ARegistration%20Wall&ea=Impression&el=Registration%20Wall%3A%20Organic%20RW%20with%20soft%20login%20and%20articles--RW_v3_nonpremium_1206%20desktop&ev=0&_u=6HDACUABBAAAAC~&jid=&gjid=&cid=1160537288.1639399929&uid=anonb021-bb3c-449c-9a96-ce65982056ad&tid=UA-10465455-30&_gid=730694018.1639399929&cd1=237&cd3=%3Baustralia-237%3Binternational-19%3Bworld-89904%3B&cd4=%3Baustralia-featured-news-100611%3Baustralia-top-news-100612%3Btodays-headlines-98892%3B&cd5=%3Baustralia-237%3Binternational-19%3Bworld-89904%3Baustralia-featured-news-100611%3Baustralia-top-news-100612%3Btodays-headlines-98892%3B&cd21=4149549&cd23=Nina%20Nguyen&cd26=Australia&cd28=%3BAustralia%3BInternational%3BWorld%3B&cd29=%3Bransomware%20cyber%20attack%3Bcyber%20attacks%3BSouth%20Australia%3BFrontier%20Software%3Bdata%20breach%3Bpayroll%20system%3B&cd30=20211210&cd31=20211210&cd33=624&cd42=%3Bransomware-cyber-attack%3Bcyber-attacks%3Bsouth-australia%3Bfrontier-software%3Bdata-breach%3Bpayroll-system%3B&cd43=post&cd18=anonb021-bb3c-449c-9a96-ce65982056ad&z=1291752852
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Dec 2021 22:05:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53206
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1896038462&t=event&_s=4&dl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2Fd8OVsIoOym&ul=en-us&de=UTF-8&dt=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=paywall%3AInline%20SignUp%20Meter&ea=Impression%20-%20Organic%20RW%20with%20soft%20login%20and%20articles--RW_v3_nonpremium_1206%20desktop&el=&ev=0&_u=6HDACUABBAAAAC~&jid=&gjid=&cid=1160537288.1639399929&uid=anonb021-bb3c-449c-9a96-ce65982056ad&tid=UA-10465455-30&_gid=730694018.1639399929&cd1=237&cd3=%3Baustralia-237%3Binternational-19%3Bworld-89904%3B&cd4=%3Baustralia-featured-news-100611%3Baustralia-top-news-100612%3Btodays-headlines-98892%3B&cd5=%3Baustralia-237%3Binternational-19%3Bworld-89904%3Baustralia-featured-news-100611%3Baustralia-top-news-100612%3Btodays-headlines-98892%3B&cd21=4149549&cd23=Nina%20Nguyen&cd26=Australia&cd28=%3BAustralia%3BInternational%3BWorld%3B&cd29=%3Bransomware%20cyber%20attack%3Bcyber%20attacks%3BSouth%20Australia%3BFrontier%20Software%3Bdata%20breach%3Bpayroll%20system%3B&cd30=20211210&cd31=20211210&cd33=624&cd42=%3Bransomware-cyber-attack%3Bcyber-attacks%3Bsouth-australia%3Bfrontier-software%3Bdata-breach%3Bpayroll-system%3B&cd43=post&cd18=anonb021-bb3c-449c-9a96-ce65982056ad&z=96522433
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Dec 2021 22:05:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53206
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1896038462&t=event&_s=5&dl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2Fd8OVsIoOym&ul=en-us&de=UTF-8&dt=80%2C000%20South%20Australian%20Govt%20Workers%20Hit%20by%20Ransomware%20Attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20membership&ea=membership%20modal%20impression%20Organic%20RW%20with%20soft%20login%20and%20articles--RW_v3_nonpremium_1206%20desktop&el=&ev=0&_u=6HDACUABBAAAAC~&jid=&gjid=&cid=1160537288.1639399929&uid=anonb021-bb3c-449c-9a96-ce65982056ad&tid=UA-10465455-30&_gid=730694018.1639399929&cd1=237&cd3=%3Baustralia-237%3Binternational-19%3Bworld-89904%3B&cd4=%3Baustralia-featured-news-100611%3Baustralia-top-news-100612%3Btodays-headlines-98892%3B&cd5=%3Baustralia-237%3Binternational-19%3Bworld-89904%3Baustralia-featured-news-100611%3Baustralia-top-news-100612%3Btodays-headlines-98892%3B&cd21=4149549&cd23=Nina%20Nguyen&cd26=Australia&cd28=%3BAustralia%3BInternational%3BWorld%3B&cd29=%3Bransomware%20cyber%20attack%3Bcyber%20attacks%3BSouth%20Australia%3BFrontier%20Software%3Bdata%20breach%3Bpayroll%20system%3B&cd30=20211210&cd31=20211210&cd33=624&cd42=%3Bransomware-cyber-attack%3Bcyber-attacks%3Bsouth-australia%3Bfrontier-software%3Bdata-breach%3Bpayroll-system%3B&cd43=post&cd18=anonb021-bb3c-449c-9a96-ce65982056ad&z=1914262725
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Dec 2021 22:05:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53206
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
client
accounts.google.com/gsi/ 		184 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46e54d86c4c46b8e1a8627d2c578f9ec4a9610dce1e6bfbfc428f0cbaadf42d5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J052sIQlDQ5Vad8OKjXvUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-J052sIQlDQ5Vad8OKjXvUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"
expires
Mon, 13 Dec 2021 12:52:13 GMT
style
accounts.google.com/gsi/ 		658 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.sfEyfeao_9E.O/am=chE/d=1/rs=AF0KOtW8lfG_r32MeHektUUsH82Ip8ajIQ/m=gis_client_library
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
23800168696b24b4338abfc4a31c048f3c0590957f80ece95bfebb30e2be356b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IQ0N5sBpj3okfEjKezuqqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-IQ0N5sBpj3okfEjKezuqqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"
expires
Mon, 13 Dec 2021 12:52:13 GMT
status
accounts.google.com/gsi/ 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=490013421558-fsr5v4sfmmhdjuqbnpoghql9do3gmjk9.apps.googleusercontent.com&as=oWGLmhaeQn6v3tZWz9PEyA
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.sfEyfeao_9E.O/am=chE/d=1/rs=AF0KOtW8lfG_r32MeHektUUsH82Ip8ajIQ/m=gis_client_library
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7a8e84f97be623ade68427150ad7716b3b97f0ef024c8fe271343cddf91f8c4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Gr4IFJE/x9O16yKVftspYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-Gr4IFJE/x9O16yKVftspYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"
expires
Mon, 01 Jan 1990 00:00:00 GMT
user
comment.youmaker.com/api/v1/ Frame D77D 		57 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/user?site=remark
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2021120610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

x-provider-token
youmaker
x-xsrf-token
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
x-access-token
x-site-id
remark

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version
0.1.2
alt-svc
clear
content-length
57
expires
Thu, 01 Jan 1970 00:00:00 UTC
find
comment.youmaker.com/api/v1/ Frame D77D 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/find?site=remark&url=theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&id=&group=&sort=-time&format=tree
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2021120610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
d8738c864ef0fd527cab3e877b259b5025230e7359659deb983660f41b9af8d0

Request headers

x-provider-token
youmaker
x-xsrf-token
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
x-access-token
x-site-id
remark

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version
0.1.2
x-robots-tag
noindex
alt-svc
clear
content-length
1864
expires
Thu, 01 Jan 1970 00:00:00 UTC
collect
ea.epochbase.com/api/analytics/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/analytics/collect?tid=G-RD0QM5H02Q&site_id=www.theepochtimes.com&v=1&en=readactivity&percent_scrolled=37.89&v=1&en=readactivity&post_id=4149549&read_duration=10&dl=https%3A%2F%2Fwww.theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2Fd8OVsIoOym&cid=1160537288.1639399929
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.73 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 13 Dec 2021 12:52:14 GMT
server
nginx/1.16.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
de696cd529005fc27f74c4c078127da46bc7c97f.image
comment.youmaker.com/api/v1/avatar/ Frame D77D 		22 B
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/de696cd529005fc27f74c4c078127da46bc7c97f.image?site=remark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
b9d529373147720da8b67da3db6629a004ecdbb94d25d83995471ea094c6d506
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:13 GMT
via
1.1 google
x-content-type-options
nosniff
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
text/plain; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version
0.1.2
alt-svc
clear
content-length
22
expires
Thu, 01 Jan 1970 00:00:00 UTC
f0c7b0a5aea6a3bf81d9b0d56d9f06528b2f47b3.image
comment.youmaker.com/api/v1/avatar/ Frame D77D 		22 B
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/f0c7b0a5aea6a3bf81d9b0d56d9f06528b2f47b3.image?site=remark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
b9d529373147720da8b67da3db6629a004ecdbb94d25d83995471ea094c6d506
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:13 GMT
via
1.1 google
x-content-type-options
nosniff
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
text/plain; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version
0.1.2
alt-svc
clear
content-length
22
expires
Thu, 01 Jan 1970 00:00:00 UTC
truncated
/ Frame D77D 		173 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58d066548314e4827f298403cb806d759ce7dbefb2bff05318803126cfe9347a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
PugMaster
image6.pubmatic.com/AdServer/ Frame 93D5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71184458&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c3783375d436dba1b6f2dde54bff60c52c0f1e594cf7cee9f8ab2de0b3af863d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1973
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame AB5E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61158465&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f3f20c973746f8c46e687631274d7d12ea6f92b83def552d85a4dfae1111db1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1687
content-type
text/html; charset=UTF-8
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 2193 		0
0
redir
rtb-csync.smartadserver.com/ Frame 33A5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEZThVN0Rib1FBQUR4VTd1MHJxdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADe8U7DboQAADxU7u0rqw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADe8U7DboQAADxU7u0rqw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 13 Dec 2021 12:52:13 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Mon, 13 Dec 2021 12:52:14 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADe8U7DboQAADxU7u0rqw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame A033
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2504108235
  • https://sync.1rx.io/usersync/tradedesk/4419b5d6-9e21-44aa-ba89-f07b101fa27d
  • https://sync.targeting.unrulymedia.com/csync/RX-3fa8782e-1d4b-43b0-825c-ec3197a77d75-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3fa8782e-1d4b-43b0-825c-ec3197a77d75-003
42 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3fa8782e-1d4b-43b0-825c-ec3197a77d75-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 13 Dec 2021 12:52:14 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug010:0:419
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Mon, 13 Dec 2021 12:52:14 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3fa8782e-1d4b-43b0-825c-ec3197a77d75-003
etag
RX3fa8782e1d4b43b0825cec3197a77d75003
Artemis
aud.pubmatic.com/AdServer/ Frame 93D5
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3FB0BC71-A02B-456D-8423-51D0226DBF4B&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3FB0BC71-A02B-456D-8423-51D0226DBF4B&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3FB0BC71-A02B-456D-8423-51D0226DBF4B&addseg=19,36,42
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3FB0BC71-A02B-456D-8423-51D0226DBF4B&addseg=19,36,42
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:14 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Mon, 13 Dec 2021 12:52:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3FB0BC71-A02B-456D-8423-51D0226DBF4B&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 93D5
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3FB0BC71-A02B-456D-8423-51D0226DBF4B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3FB0BC71-A02B-456D-8423-51D0226DBF4B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3FB0BC71-A02B-456D-8423-51D0226DBF4B&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:12 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:12 GMT
frontend-id
11
location
/pubmatic/1/info2?sType=sync&sExtCookieId=3FB0BC71-A02B-456D-8423-51D0226DBF4B&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 93D5 		95 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=3FB0BC71-A02B-456D-8423-51D0226DBF4B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6bcf54143ce12b7d-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 93D5
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3FB0BC71-A02B-456D-8423-51D0226DBF4B
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 12:52:14 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 13 Dec 2021 12:52:14 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 93D5
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H9x82R3ceNYEjireHowz3k_aetgEjCveG4xleYiA
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H9x82R3ceNYEjireHowz3k_aetgEjCveG4xleYiA
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:13 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:456
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:14 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H9x82R3ceNYEjireHowz3k_aetgEjCveG4xleYiA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 93D5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3FB0BC71-A02B-456D-8423-51D0226DBF4B&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3FB0BC71-A02B-456D-8423-51D0226DBF4B&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-DKuBfHhE2uUJRY_ETPrO_pvwLe9deGQ-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-DKuBfHhE2uUJRY_ETPrO_pvwLe9deGQ-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-DKuBfHhE2uUJRY_ETPrO_pvwLe9deGQ-~A&gdpr=0&gdpr_consent=
date
Mon, 13 Dec 2021 12:52:14 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
3FB0BC71-A02B-456D-8423-51D0226DBF4B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 93D5 		43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3FB0BC71-A02B-456D-8423-51D0226DBF4B?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:73b0:42cb:776e:1ea4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:14 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 93D5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=21824df9-ce0e-424b-a236-05dba633ad28
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=21824df9-ce0e-424b-a236-05dba633ad28
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=4403d03a-4926-4f08-af71-99f069cc3f24&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=21824df9-ce0e-424b-a236-05dba633ad28&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=21824df9-ce0e-424b-a236-05dba633ad28&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:14 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:470
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=21824df9-ce0e-424b-a236-05dba633ad28&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 13 Dec 2021 12:52:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 93D5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7703256537291944179&gdpr=0&gdpr_consent=&us_privacy=
1 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7703256537291944179&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:14 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:772
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7703256537291944179&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 13 Dec 2021 12:52:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 93D5 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3FB0BC71-A02B-456D-8423-51D0226DBF4B&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:14 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 93D5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:12 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:410
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:13 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CD2A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tByC97qRSvVTDsHf2pWCNqh3Gcc
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tByC97qRSvVTDsHf2pWCNqh3Gcc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 13 Dec 2021 12:52:14 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug011:0:524
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Mon, 13 Dec 2021 12:52:14 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tByC97qRSvVTDsHf2pWCNqh3Gcc
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 70FC
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 13 Dec 2021 12:52:14 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug010:2:282
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Mon, 13 Dec 2021 12:52:14 GMT
server
_
Pug
image2.pubmatic.com/AdServer/ Frame CFBD
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9vKSjb1kUYzwOomGH8HoX-aE
42 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9vKSjb1kUYzwOomGH8HoX-aE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 13 Dec 2021 12:52:13 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug019:0:465
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Mon, 13 Dec 2021 12:52:14 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9vKSjb1kUYzwOomGH8HoX-aE
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame D4D1 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Mon, 13 Dec 2021 12:52:14 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-9
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
dpe
ad4m.at/ad/ Frame 69D9 		15 B
915 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 13 Dec 2021 12:52:14 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6bcf54143efb691b-FRA
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 76CB
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c02f948a-48e4-4b48-957f-66d7bdb5602a-tuct8b0c77e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c02f948a-48e4-4b48-957f-66d7bdb5602a-tuct8b0c77e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 13 Dec 2021 12:52:14 GMT
via
1.1 varnish
x-served-by
cache-fra19180-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1639399934.181763,VS0,VE9
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c02f948a-48e4-4b48-957f-66d7bdb5602a-tuct8b0c77e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Mon, 13 Dec 2021 12:52:14 GMT
via
1.1 varnish
x-served-by
cache-fra19134-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1639399934.139008,VS0,VE9
x-vcl-time-ms
9
content-length
0
cookiesync
core.iprom.net/ Frame 7A00 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
komodo-83eb8ae69c38@version_1.362v2
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
0ms
Date
Mon, 13 Dec 2021 12:52:14 GMT
ids
idsync.frontend.weborama.fr/ Frame AB5E
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3988765427
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3FB0BC71-A02B-456D-8423-51D0226DBF4B
0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3FB0BC71-A02B-456D-8423-51D0226DBF4B
Protocol
H2
Server
35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
244.81.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:14 GMT
via
1.1 google
last-modified
Mon, 13 Dec 2021 12:52:14 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3FB0BC71-A02B-456D-8423-51D0226DBF4B
date
Mon, 13 Dec 2021 12:52:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame AB5E
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e01531a6-acbe-44c7-b7e6-132d07316624&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e01531a6-acbe-44c7-b7e6-132d07316624&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:14 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug024:0:429
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e01531a6-acbe-44c7-b7e6-132d07316624&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 13 Dec 2021 12:52:14 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame AB5E
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8022406444498508336
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8022406444498508336
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:14 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:351
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:52:14 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
fdb033fb-55fd-46f8-8922-a7c12e18d435
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8022406444498508336
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame AB5E 		35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 12:52:14 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 93D5 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame AB5E 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:52:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.theepochtimes.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

260 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| eet_primary_category string| eet_cat_ids string| eet_term_ids string| eet_all_term_ids string| eet_cat_names boolean| eet_no_ads string| eet_ads_term_ids string| eet_post_id string| eet_author_name string| eet_primary_category_name string| eet_tags string| eet_tags_slugs string| eet_publish_date string| eet_last_updated_date string| eet_word_count string| eet_page_type string| eet_segment_url string| featured_img_thumbnail string| eet_is_premium_article object| settings_obj string| eet_ga_id string| eet_domain object| dataLayer string| GoogleAnalyticsObject function| ga function| gtag string| eet_ref string| eet_refcat string| eet_refname string| eet_refpos function| getUrlParameter function| $ function| jQuery object| pending_sections number| section_threshold number| timerStart boolean| more_loading boolean| isEurope number| timerLimitForCheckGeo string| LIVE_CHAT_HOST boolean| windows_focused string| url_path undefined| arr_path number| dt string| uuid object| gtag_obj function| eet_home_ymk_socials function| addSlashes function| load_mailmunch function| check_sections_on_scroll function| add_lazy_load_section boolean| didScroll undefined| didScrollHome function| eet_back_to_top function| eet_single_sticky_header function| eet_single_tool_box function| ednBidders function| epochGUID function| eet_entirepage_cover function| eet_remove_entirepage_cover function| eet_ymk_userID function| eet_check_country function| eet_show_edition_popup function| getUrlParameters function| initUserDNA function| updateUserDNA function| handleMessageUpdateUserDNA function| check_pipa_siteid function| init_pipa_paywall function| eet_fp_sticky_sidebars function| render_donation function| eet_save_post function| eet_user_saved_post_status function| eet_follow_author_status function| eet_follow_author function| eet_send_to_community function| eet_fix_mkt_list function| eetGetPostID function| live_chat_init function| listenLiveChatMessage function| handleLiveChatLoginCallback function| handleLiveChatHideCallback function| handleLiveChatShowCallback function| change_number_color function| eet_load_player_src function| eet_load_player number| readDuration string| eetGAClientID function| trackingReadActivity function| sendTracking function| eet_radiantlife_sticky_sidebars function| eet_get_ai_list function| eetAIRecAPIErrEvent function| eet_ai_handle_search function| eet_ai_rec_insert_tracking function| eet_track_widgets_seen function| eet_get_post_detail function| searchResultFolding function| formatAiRecDate function| getGAClientID function| trackingSearchActivity function| eet_get_user_id function| eetRecordUserReadingHistory object| jQuery111308627199274780599 object| ep object| regeneratorRuntime object| MicroModal function| expired object| epSubs function| get_remark_host function| float_remark_panel function| remark_panel_init function| load_ymk_comments function| showUserTemplate number| PREBID_TIMEOUT number| ALLBIDS_TIMEOUT number| HB_FLOOR boolean| show_roadblock object| ads number| infinity_ad_count boolean| lazyload object| googletag object| pbjs function| sySpecialAd boolean| outside_article_ads object| ednHighFloor function| prepareDivs function| get_ads_template function| fillAdSlot function| ixbid function| insert_ads_div function| display_infinite_ads function| insert_recommend_ads function| setGoogleTagTargeting function| getRootDomain function| createGPT function| loadA9 function| loadPrebidJSLibrary function| startGoogleTagService function| display_pd_slot function| display_ads function| fetchHeaderBids function| oxZoneId function| renderGoogleTagWithTracking function| renderOxAd function| getTwitterMatch function| getFacebookMatch function| eet_single_game_ads object| apstag object| slots boolean| apstagLOADED object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| pbjsChunk object| _pbjsGlobals object| _qevents object| _atrk_opts function| referral function| setCookie function| getCookie function| onYouTubeIframeAPIReady object| cbJsonP function| cb_window_logger function| Chargebee object| ggeac object| google_js_reporting_queue function| atrk boolean| _atrk_fired object| __SENTRY__ function| quantserve function| __qc object| ezt object| _qoptions function| qtrack undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| _jsload object| jsapi object| ttsmi2_data object| smi2TrackerSend object| __statmedia_callbacks object| jsapi_ object| JsAPI object| __statmedia object| U function| StatMedia object| statmedia49188 object| wcwdmcm7if88 object| closure_lm_784860 function| fbq function| _fbq object| geq string| persistentUser string| cookieStoreData string| firstpg undefined| dynamicPixel object| GoogleGcLKhOms function| empty object| _peSd object| _peD object| _peE object| _pe object| _peq object| google_image_requests function| _add_ctag object| body function| _0x2400c1 function| GeAnalytics function| _0x5117 boolean| geqpreprun function| run_ge function| _0x229f object| _geq object| userDNA object| extractedURLParams object| remark_config object| REMARK number| softLoginDeployment function| dailyMeterCounterIncrease function| initShareWidget function| renderShareWidget function| googleOneTapCallback object| ETUtils function| initOfferButtons function| parseURLParams object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_675124

131 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: MgYIkgEQ_RA
.t.co/ Name: muc
Value: 0c8936d6-7276-4302-8470-341d30cc7916
.t.co/ Name: muc_ads
Value: 0c8936d6-7276-4302-8470-341d30cc7916
.theepochtimes.com/ Name: epoch_persistent_user_id
Value: anonb021-bb3c-449c-9a96-ce65982056ad
www.theepochtimes.com/ Name: epoch_gdpr_userid
Value: 48440d59-5bc3-93a8-6dcb-ee9ba0aeea37
www.theepochtimes.com/ Name: userReadingHistory
Value: %5B%224149549%22%5D
.theepochtimes.com/ Name: _gid
Value: GA1.2.730694018.1639399929
.theepochtimes.com/ Name: _gat
Value: 1
.theepochtimes.com/ Name: pageviewCount_fb
Value: 1,https://t.co/d8OVsIoOym,https://www.theepochtimes.com/80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html?utm_source=dlvr.it&utm_medium=twitter
.theepochtimes.com/ Name: _ga_RD0QM5H02Q
Value: GS1.1.1639399928.1.0.1639399928.0
.scorecardresearch.com/ Name: UID
Value: 165V4AQKYTORHXUZIO9K0Eg1639399929
.theepochtimes.com/ Name: __asc
Value: 5ec36bab17db3d9b39dbfcaf7ff
.theepochtimes.com/ Name: __auc
Value: 5ec36bab17db3d9b39dbfcaf7ff
.theepochtimes.com/ Name: _ga
Value: GA1.2.1160537288.1639399929
.quantserve.com/ Name: mc
Value: 61b741f8-c407a-0f7d6-a502a
.theepochtimes.com/ Name: __qca
Value: P0-2066239729-1639399928791
.gumgum.com/ Name: cs
Value: true
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3FB0BC71-A02B-456D-8423-51D0226DBF4B
.adnxs.com/ Name: anj
Value: dTM7k!M4.FD>6NRF']wIg2ImPMJn=Z!@wnf-Te9(SG_?)0Haa^DiR8kn<jbq[=a/+oN9V$GCH:.D>IhOGQR)FCy@l4ntJd5/p22=HH1Mc9T5_m!wz^$)]s(F
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJwdWJtYXRpYyI6eyJ1aWQiOiIzRkIwQkM3MS1BMDJCLTQ1NkQtODQyMy01MUQwMjI2REJGNEIiLCJleHBpcmVzIjoiMjAyMi0wMy0xM1QxMjo1MjowOVoifX0sImJpcnRoZGF5IjoiMjAyMS0xMi0xM1QxMjo1MjowOVoifQ==
.adfarm1.adition.com/ Name: UserID1
Value: 7041169080129157261
.onaudience.com/ Name: cookie
Value: 9fe40e8e5572cf56
.onaudience.com/ Name: done_redirects147
Value: 1
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: 6AA3C7A266584AA9AD38A0CC30243572
.adform.net/ Name: uid
Value: 3069240408983036820
.mathtag.com/ Name: uuid
Value: 644b61b7-41f8-4e00-aa71-6802c36d3202
.doubleclick.net/ Name: IDE
Value: AHWqTUnPDhDxy1LfVnfzbeDNYkB4wolazJuLDQirY0iI80p_rAWSKiuKlrNy1Y1XGmM
.de17a.com/ Name: guid2
Value: 1.4797991891875058763
.adsrvr.org/ Name: TDID
Value: 4419b5d6-9e21-44aa-ba89-f07b101fa27d
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7041169080129157261
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3069240408983036820&KRTB&23263-3069240408983036820
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:e71461b7-41f8-4300-bc3f-f2f4cced8778&KRTB&16736-uid:e71461b7-41f8-4300-bc3f-f2f4cced8778&KRTB&23019-uid:e71461b7-41f8-4300-bc3f-f2f4cced8778&KRTB&23114-uid:e71461b7-41f8-4300-bc3f-f2f4cced8778
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEOHCafQcCwCHz7X3JRk1_Fo&KRTB&16514-CAESEOHCafQcCwCHz7X3JRk1_Fo&KRTB&23025-CAESEOHCafQcCwCHz7X3JRk1_Fo
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4797991891875058763
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-4419b5d6-9e21-44aa-ba89-f07b101fa27d&KRTB&22918-4419b5d6-9e21-44aa-ba89-f07b101fa27d&KRTB&23031-4419b5d6-9e21-44aa-ba89-f07b101fa27d
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.adnxs.com/ Name: uuid2
Value: 8022406444498508336
.mixi.media/ Name: _sm_uid
Value: d029f725-faa2-4e6d-89de-e7c887475bf9
.mixi.media/ Name: _sm_udt
Value: 1639399929362
.mixi.media/ Name: _sm_sid
Value: 822bd5fe-1398-47f1-92f9-05100cff2b32
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8022406444498508336
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: d0c5805a8fceed31b0d06dfde566fa36
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDFINrUwME20SEtOTU0xNkwySDEwS0lLSTU1M0tLNDZjAILE7Y4%2FQTQUAAB2dwvw"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI3O74E0hBAQAcagJT"
.onaudience.com/ Name: done_redirects161
Value: 1
.exelator.com/ Name: EE
Value: "ca36f71eb5150096800bdf94279f14d2"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSE50dgszdwwNcnU0NTAwNLMwsAgKSXN0sTI3DLN0CTFaHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiF9fFRSlpDItKik8F77v5FgBhlSqP"
.mixi.media/ Name: nid
Value: ads5-3ssel31
.theepochtimes.com/ Name: __gads
Value: ID=86a9797c05151224-229bdf8105cd0085:T=1639399929:S=ALNI_MatHJ1yxlSXv7AJ1xC31dKa61xbHQ
.stat.media/ Name: _sm_uid
Value: d029f725-faa2-4e6d-89de-e7c887475bf9
.stat.media/ Name: _sm_udt
Value: 1639399929362
.stat.media/ Name: _sm_sid
Value: 822bd5fe-1398-47f1-92f9-05100cff2b32
.stat.media/ Name: _sm_cm
Value: 32
.theepochtimes.com/ Name: _fbp
Value: fb.1.1639399930154.2027939124
a.clickcertain.com/ Name: _ccpx_u
Value: a34b48d4%2d5cd9%2d49f8%2d854a%2d8ba7b6e0b3d3
a.clickcertain.com/ Name: _ccpx
Value: 244b81b94c69796
a.clickcertain.com/ Name: _ccpx_244b81b94c69796
Value: 1
.theepochtimes.com/ Name: epoch_geo
Value: de
.theepochtimes.com/ Name: epoch_geo_city
Value:
www.theepochtimes.com/ Name: _geuid
Value: 7782800b-869f-44ab-813a-3258c804c22b
www.theepochtimes.com/ Name: _gepi
Value: true
www.theepochtimes.com/ Name: _geps
Value: true
.tapad.com/ Name: TapAd_TS
Value: 1639399930756
.tapad.com/ Name: TapAd_DID
Value: ae96d371-9e11-444d-891c-927a172a61f8
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.theepochtimes.com/ Name: ymk_user_utm_source
Value: dlvr.it
.theepochtimes.com/ Name: ymk_user_utm_medium
Value: twitter
.theepochtimes.com/ Name: ymk_user_utm_term
Value:
.theepochtimes.com/ Name: ymk_user_utm_campaign
Value:
.theepochtimes.com/ Name: ymk_user_utm_content
Value:
.liadm.com/ Name: lidid
Value: 9c772f60-cc56-4cd1-a92f-8884ac713271
.casalemedia.com/ Name: CMPS
Value: 5211
.alocdn.com/ Name: uuid
Value: b1229180-cd54-4fc3-9063-f649068ebb23
.w55c.net/ Name: wfivefivec
Value: k6eYvtzs1MWKOn5
.w55c.net/ Name: matchcasale
Value: 5
.casalemedia.com/ Name: CMID
Value: YbdB.-45nYe5jAaKvkDA6gAA
.casalemedia.com/ Name: CMPRO
Value: 1151
.bidr.io/ Name: bito
Value: AADe8U7DboQAADxU7u0rqw
.bidr.io/ Name: bitoIsSecure
Value: ok
www.theepochtimes.com/ Name: epoch_daily_articles
Value: %5B%22https%3A%2F%2Fwww.theepochtimes.com%2F%2F80000-south-australian-govt-workers-hit-by-ransomware-attack_4149549.html%22%5D
www.theepochtimes.com/ Name: epoch_daily_meter
Value: 1
.bidswitch.net/ Name: tuuid
Value: 21824df9-ce0e-424b-a236-05dba633ad28
.bidswitch.net/ Name: c
Value: 1639399931
.bidswitch.net/ Name: tuuid_lu
Value: 1639399931
.theepochtimes.com/ Name: epoch_user_type
Value: anonymous
.theepochtimes.com/ Name: ads_layout
Value: anonymous
.acuityplatform.com/ Name: auid
Value: 630854030393
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBPmx7HAmimGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT5sexwJoo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.casalemedia.com/ Name: CMST
Value: YbdB+2G3QfwA
.casalemedia.com/ Name: CMRUM3
Value: e661b741fb2760&6961b741fb05a00&2761b741fb0b40&f161b741fb05a0&0a61b741fc2760630854030393&2f61b741fb2760k6eYvtzs1MWKOn5&8261b741fb2760AADe8U7DboQAADxU7u0rqw&2d61b741fb05a0&bc61b741fb05a00
www.theepochtimes.com/ Name: epoch_user_dna
Value: %7B%22u_s%22%3A%22dlvr.it%22%2C%22u_c%22%3A%22%22%2C%22r%22%3A%22https%3A%2F%2Ft.co%2Fd8OVsIoOym%22%2C%22pid%22%3A%22anonb021-bb3c-449c-9a96-ce65982056ad%22%2C%22x%22%3A%22287-212-887%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22irw%22%3A2%7D
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: DPSync3
Value: 1640563200%3A219_197_226_227_241_235_201_221%7C1639440000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1640217600%3A63%7C1640563200%3A3_88_165_7_54_220_71_8_81_233_166_99_56_234_204_55_222_21_230_22_13_161_238_189%7C1639958400%3A223_15_2%7C1640649600%3A35%7C1641945600%3A203
.quantserve.com/ Name: d
Value: EK8BEgH5JPijC_vLEA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-H9x82R3ceNYEjireHowz3k_aetgEjCveG4xleYiA&KRTB&19420-H9x82R3ceNYEjireHowz3k_aetgEjCveG4xleYiA&KRTB&22979-H9x82R3ceNYEjireHowz3k_aetgEjCveG4xleYiA
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~222c
.fiftyt.com/ Name: fifid
Value: 788541fd-785b-41ae-70b7-45da76bf8d8e
.fiftyt.com/ Name: cs
Value: MTYzOTM5OTkzNHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fM3Lnxec8ZXA9JMkY2MNnVBXHOTbkXKSueVNcumLkV5y
ads.playground.xyz/ Name: connect.sid
Value: s%3AexQKqJjcxdn87w9kt3ad4AGPNzTF4gZy.2qglKdGk9tyDa4K4zMAOz0Pz6%2FCMwe2SggWRE%2Fgx%2FDg
.weborama.fr/ Name: AFFICHE_W
Value: TR5VUESSzRBN94
.zeotap.com/ Name: zc
Value: 5f78ae3c-8491-4bac-75de-1a32f9ce336b
.volvelle.tech/ Name: ouuid
Value: 4403d03a-4926-4f08-af71-99f069cc3f24
.volvelle.tech/ Name: c
Value: 1639399934
.volvelle.tech/ Name: ouuid_lu
Value: 1639399934
.erne.co/ Name: u
Value: 9vKSjb1kUYzwOomGH8HoX-aE
.fiftyt.com/ Name: fppm
Value: 20211213125214
.turn.com/ Name: uid
Value: 7703256537291944179
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-9vKSjb1kUYzwOomGH8HoX-aE
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjol8yErZCfOhAFGAEgASgCMgsIjKn638OQnzoQBTgBWgthZGNvbmR1Y3RvcmAC
.taboola.com/ Name: t_gid
Value: c02f948a-48e4-4b48-957f-66d7bdb5602a-tuct8b0c77e
.adsby.bidtheatre.com/ Name: __kuid
Value: e01531a6-acbe-44c7-b7e6-132d07316624.408613934
.semasio.net/ Name: SEUNCY
Value: F0BC5939CC8D43F3
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3fa8782e-1d4b-43b0-825c-ec3197a77d75-003%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBP5Bt2ECEIMFXksHPBt9s0QAJUwrMqQFEgEBAQGTuGHBYQAAAAAA_SMAAA&S=AQAAAiTFxm9RqLr6uuuCYK0pakE
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7703256537291944179
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-21824df9-ce0e-424b-a236-05dba633ad28
.pubmatic.com/ Name: PugT
Value: 1639399934
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3fa8782e-1d4b-43b0-825c-ec3197a77d75-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-3fa8782e-1d4b-43b0-825c-ec3197a77d75-003
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b41c82f7-ba91-4af5-530e-c1dfda958236.vQs1oP8ZwfhwXupBw%2Fnmyxj53cYC8h7w9eILpWaNus0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-b41c82f7-ba91-4af5-530e-c1dfda958236%24ip%24168.119.25.199.hV0%2Fq9bb82hfEJh6RZbA9YfhwYEd2Y%2F5l4SuuOnmZlU
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-tByC97qRSvVTDsHf2pWCNqh3Gcc
.audrte.com/ Name: arcki2
Value: aadprr24GYlRTSR-rqowxNoJg!20210804!1639399934544
.pubmatic.com/ Name: SPugT
Value: 1639399935

6 Console Messages

Source Level URL
Text
security error URL: https://t.co/d8OVsIoOym
Message:
Unrecognized Content-Security-Policy directive 'referrer'.
deprecation warning URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
network error URL: https://comment.youmaker.com/api/v1/user?site=remark
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://comment.youmaker.com/api/v1/avatar/de696cd529005fc27f74c4c078127da46bc7c97f.image?site=remark
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://comment.youmaker.com/api/v1/avatar/f0c7b0a5aea6a3bf81d9b0d56d9f06528b2f47b3.image?site=remark
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.clickcertain.com
a.remarketstats.com
a.volvelle.tech
accounts.google.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
aud.pubmatic.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.epoch.cloud
cdn.jsdelivr.net
certify.alexametrics.com
clientcdn.pushengage.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
comment.youmaker.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d.adroll.com
d1641bf9779fcdfa70594f2f06210712.safeframe.googlesyndication.com
d31qbv1cthcecs.cloudfront.net
d5p.de17a.com
dis.criteo.com
dlvr.it
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ea.epochbase.com
en.gravatar.com
epoch-times-d.openx.net
eus.rubiconproject.com
fonts.gstatic.com
g2.gumgum.com
green.erne.co
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.theepochtimes.com
js-sec.indexww.com
js.chargebee.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mixi.media
mwzeom.zeotap.com
p.alocdn.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.adnxs.com
pubmatic-match.dotomi.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
sc.youmaker.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.epoch.cloud
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
stat.media
static.mixi.media
static1.mixi.media
static2.mixi.media
static3.mixi.media
static4.mixi.media
static6.mixi.media
static7.mixi.media
static8.mixi.media
stats.g.doubleclick.net
subs.youmaker.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.co
target.mixi.media
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.theepochtimes.com
www.youmaker.com
x.bidswitch.net
c.amazon-adsystem.com
sync-tm.everesttech.net
104.244.42.5
13.224.189.21
13.32.29.201
13.32.99.90
136.243.66.182
142.250.184.194
142.250.186.98
143.204.98.116
143.204.98.34
146.59.148.16
151.101.129.108
151.101.193.44
151.139.128.11
154.59.122.79
169.50.137.182
178.162.133.149
178.250.0.163
178.62.202.251
18.198.126.47
18.215.193.43
185.29.132.245
185.64.189.110
185.64.189.229
185.64.190.80
185.86.138.144
192.0.80.242
195.5.165.20
198.47.127.19
198.47.127.20
2.20.157.2
2.20.157.55
2.21.111.28
2001:4de0:ac18::1:a:2b
2001:678:cb4:bbbb::11
213.155.156.164
213.19.147.44
213.19.147.45
23.37.42.132
23.88.75.189
2600:9000:211e:e800:6:44e3:f8c0:93a1
2606:4700:10::6816:1957
2606:4700:20::681a:27a
2606:4700:3038::6815:ea4f
2606:4700:3039::6815:c075
2606:4700:3039::6815:c097
2606:4700::6810:5914
2606:4700::6812:acf
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200d
2a00:1450:4001:812::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9b
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f10c:83:face:b00c:0:25de
2a04:4e42:200::300
2a05:d018:d29:3602:73b0:42cb:776e:1ea4
3.126.56.137
3.141.217.14
3.234.39.245
34.102.253.54
34.120.33.89
34.120.97.157
34.205.3.24
34.249.68.36
34.254.122.11
35.156.121.212
35.156.135.60
35.157.246.167
35.201.68.206
35.201.81.244
35.201.96.126
35.210.178.101
35.227.208.19
35.227.248.159
35.244.159.8
35.244.243.66
37.157.3.30
37.252.161.190
37.252.173.215
37.252.173.27
4.7.168.73
44.239.146.245
52.17.84.146
52.208.210.171
52.218.132.104
52.223.40.198
52.37.115.68
52.46.154.242
54.73.110.124
54.77.6.213
54.85.85.19
63.251.232.165
65.9.68.27
66.155.71.150
69.173.144.139
69.173.144.165
77.243.60.138
82.202.225.227
85.114.159.118
87.98.228.78
046b0caa6612c451cfddf7da1351f27d7b1951d85424a8f6940db13301251e15
0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0931e8e21470b99deb7a1ca34a01ce06992ef6578e9b5387c02154d7fd5448fa
096a7caacb4e844a1d4a5bad9b9145784a9f5b5d7e9397bbbb6e83f646c46505
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1256909b9562b779225969eeb95c0f5b1a93fba5775ee2f78dbdb98724feef07
179c60d99b15f965561e229d369efc7250ce9df153f06db738d92aace6ab7c0e
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1ad886d5daed57a89ccce0cb2d34b21c2ff6cc109a8e2ed40635516d939c0456
1d1243a785eeae424ffb23538b4a9fe967016e07775d49c9ea7b1089085a5358
1e55670a4814dd920f5d27e1ef2850f1068df39b043de03d282c8a8efb439f74
1e84f4e537c81e632712afb205916e1113801fc1b71ac41b57640533ebeecf86
1f1328a34f6855bee583e7779b62ac8c44661567cb9d59537ec54b4c317323ee
1fe83088e2e1330cd81bb64cbbee950b0368bb2b48e2884112a25b09be067661
2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23800168696b24b4338abfc4a31c048f3c0590957f80ece95bfebb30e2be356b
2395144ea3091c5c67eb6f40a5f3e1e68e8e241dc8a9087a71bd3cf58f5f204b
243342401a389aea3c4eb3d79678310870768f96807bd5af44d1452b8c674f9b
24debe1a54d5c3e03a19488a253b5019df02e8123774a2741ab89135cf99427e
2509c54de4a7bec2887572431ce2643babd37d241b15dd5969809100dc48c8c3
25cad5d9e016ff8fc766034922a6ec515d37461b4ae089bd58d5ac964b85f247
273bb667aa9f105a80b53afaabb6675da01b715f0fe956dd1bea7c4aa4b9f1ec
279992d24e5d7d1ba99bc6550fda63e6482eba6443e486e5e516934b20d9ea25
2902d82d7a26834822494377558834ad3650156ed79eea589040c92692ae42ec
2a70abc3a50005469f032410931a3c2c93344acdad3c234232536d958ffa748f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c01ba5ffbaf4287986e0c9427fd7e90d8c7402808cb70bb99754479eaae6ad5
2cc2ce9251213658989817a09d355ab9c34f78628d027e15f6293871f63663b4
2cc3b9c66c53e056c9f5f89ce4f78fd74c04d3d22994c3e795b4a50a424df322
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2d772cf1714b9595bd9293a9175c951e96d62b771b3abcd9ea406553a10e57
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f64e0e2cdb11a60def0a9886889cd8ca97c0eef1c648eefe893050614330132
30c6090d5fda9533a2aedfd85efb2a32c096abadc8f5a601b9050ad7bd4a187a
3141a74d2f7f0278ee1196c2dfeb013807d737c3adc0eeecaaca36495a76bc63
319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481
33a6ad24318c10838a063dccc2f80c8281df1d86568efdd49c7df8917cc35efe
34d4d400d7005e3d2bb0920f1854df4f6a1c4fb81e5b8f98a4255729c13b5d31
36662c1c954312ba92720ebd1ba2259e4c27f3387bfc7aabfe2fb74538b5a323
383ae4a979b3d1e40f26ca3043d625fed9d449cecb76b3b30af4c3d0db7c7b92
38f915335fe629f2736910592b999a5cc13138f931118f5d67026b072c37d6b9
3a69222798aae5ed5488b4f36d397dab292cf716693a445c1ec3044cf17337af
3d08f3e6b9ae1a6910de3fbb4de0fc131c177ec960a48d1e00a383728aadfd7d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3da224ebe7ed1636bee64e7d29290186f8618a06262f6139a28154a6807356de
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44be04ca10e45131b3040fd10ab82ba4792b1da6c66f6c0bbeb343e3ea01f6bb
46aa0f0efc4349b524738aae2506a2d04d468e9773f4452efc9e7d21960b1e8c
46e54d86c4c46b8e1a8627d2c578f9ec4a9610dce1e6bfbfc428f0cbaadf42d5
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b37d3f659f8b0f1c222dce949640b972c41b350b9b79e3abf7a980235e945fc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d980e8d5772f04ac229ee67728cf1a81649ab3718e5af58d369acaeaf287e29
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5a4886ff161dae16b300010d5efdea75d3a01929c2b65e90fd7d92ef709d78
4fa45cbe650dfae59ec9c8f624c96a48dcff7fbbc27dba4f7226577560f9ae76
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
503f24dc990e977e49bba6e6bd5f531369ed113dee1f5709bbfcafdf218cd564
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56d13e7dfaaec326ab88217e17629bb3ab1896d143fbf24f8016c882b315da94
577081f0385b7d274132170e0e3ae6a182291bdb4f03be00e783ac3719f4f363
58d066548314e4827f298403cb806d759ce7dbefb2bff05318803126cfe9347a
5c87b4fadf2867e3fd6872df152b3a95bcc59f6a0e9583a7413dde6bee0f2b9a
5ce026281ddff606dee8575df1c4278c0720be82366ff8f8a4b94d695683e0f7
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f06f6e9481d766d19782ec1725722baeb242f9a4233d437415deb35fa6ef084
5f2c630eac683a05568f1ee415d990cc19cab5335b20d43dc89a808cc6a2b18d
5f9d5f551aeab2624f742961efd68bd2b3ddd38778bd19770163780a0e5e601e
6165bc0b09f74c0b44ce163f3d7e87ab0b6be6f5f9299762cc98aed634c0eea3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67912a9abd5755e9f9e6b0c5e891a8e7f2eb08e184a2ba36f818ba4de70ffa19
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c29b38e79f19e865a0ef2254d23942a9d5319c7fa96f56c9e4063823109e778
6c435326bad4ee5476396373a1f00c3d9e5570b0a996a6e3ee8b8764d6c7fdaf
6cba7bb423a4339cb1db4062b98ba65c461ab4127ec3fbd78ee71932d36de7dd
6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf
6e88237108127024092b10e93eb3e08ef39c2b9f293339f84b0640a746f37ac0
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
70cd696fd0081b813529abf83b0aba760f1c2730f6dc5c06491c6feb98a7d699
70fbd157f02619ebe2855feece0c0ad7790d532005d08d8180423892e89a1a54
738e4edbfb463a9183352a9d89ac9836c3d6e2402e7c9e42c3b0156521b3e1fd
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
78412837a9966387d611232de47f436b1f55b5d4b6e8dcfde17bffc6d205173d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7aa265e6bf6cc4973bf6fcc348ac96437d4956cccf0ab9a306da8e3d1b6b85c4
7ad3c64e6869d63f58ec9bfc53d7b5a71cb5270fa29dc9c1be0313f4b8450203
7bea207ee44e8a75cebe6a3be7c18e2fd5d10a78794d3613dac44c63dca8f078
7d25d28c19c8c64569c10790a243880f0c1bc29e1ac6a3c5fc9a7cafb11ef3d2
7d2ad1b7ae77e521333ee3bb9c11324d6020625123cdbff71b5f9ab953f94b28
7dae96a685aa637f08f3fbf32cf31f40c4118c19915468f44156492e8e5eb5d2
7e26854636676991f1d950121ab8e5e484ede7d67dc896dd2d6a9d4d607d8e7d
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
813e6d544b7c550e7ff5b1df947a6419ab7288042f024e43d8fffeab492ed616
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b9079235b58bf169a7d8187bee204bf4fdc0860381a2e408e8ec7b6c655f4a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867f5a29853ddd710b7c6485ff7c0f294d6dde33817c68e84535fb68572ffe8b
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736
87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c7c672bfce9a0e6e3ebdfe6965003d39161afe54b604949bc4b3c7eac579d7a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9248ef5db07daf1037b001b1ea7ffdba722f041064f30555795fdb12a4dcf1b6
952099b7a9abba9b5e0a84a36585c173f5c2871b70ea4037a4da98908d0fc032
96846accb193f09cda8c38680314f9a0fd5134dda688f0df7aa631f5bf2537be
96a65b510171424eac5aab5d8867e87802c92f118ff1f75a5b2b12382e35f7ee
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
999e4a10af4dc5a2320fb18cbcb0306640e18a3f8745a489be245b363a2f845a
99a069e200b9197d8c9b29dca90ede157f55e2f1bbbf51d2bedadbab2bf74f97
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b4dfcce9ac01065ebfcacd45938420e39cfd6292c4234b6426ecb15255df7f5
9d626f07bedfb4a51b8d37382cb3753814b76c58442c82049599e8b6525817c7
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9f4440116c1058bd77df3d46c84e0e807731b5302cda5c190dfd233e8de516a5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e59f924f187682fae55294d77b443d65eecc14aa240b3ff6eb5926897bf76b
a2eeabe7d2f9bffed10632bc70aa79b5c38e6e0ea3e05481bcd2f02f7f5b4fac
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8dbf9213d6fdcee9230c1ed66f81d5fd942689a20059630a31ee3510f350931
a997f1434a757dbb1accb3d336275608238853cd980d79997a225f8c62e29f82
acfc2148016bb388096d50ed3c12bd825d229ab05d46e8d4a8c61ef9577504c2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af463b25ee108e48338456299a263e94b53b302b4524916661513e22dd773850
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b0f6bfe97beb2f7284a4cf8a480270adac8540aa94d57a00d8e3378e0ec23c40
b0f96a3730041605b139ca2d15e29a36c55e49058ba2b72ee4d09b5e4ca210c1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f1cf477edab6e4a4772b521c27e92c2377a93a6d1f44a38809ca57c47b284e
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b29ef926e31fe1b611df2a9ce81adf787eb5bf6bc1804d50614a05f9c06b63a9
b2c779721422cb832ba0fd1e52c9348b043426695f4c9d3a2883f9aba9c0001b
b363b21bc03d5188a43ede2219616eaade9819d6b10f395ad66c7ee60c71ace2
b7a8e84f97be623ade68427150ad7716b3b97f0ef024c8fe271343cddf91f8c4
b8af85ef87938ad7700489d3cd359313ff3d80516be01ddc83d7aebf22e4b51c
b9d529373147720da8b67da3db6629a004ecdbb94d25d83995471ea094c6d506
bbf930e1339016baaef7f00755e28f537842b97c79be37bb417a371c24150f49
bcb705765f2fa18c246eb73efabc8482fe2aa73cd11066e56584421fe611f74d
bcf8ea1953798e6a61055f4992c376a8632a7d4ff833033ca31df41fe112e708
c0c8286e32758dcd4d8a64ca3608718d4921817d04cd05658696f61651452d4a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3783375d436dba1b6f2dde54bff60c52c0f1e594cf7cee9f8ab2de0b3af863d
c45c19025d22d611cec4f573b639bdb6e7c731024e498733c1e3220250c2aefb
c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154
c4dd8fbfb03197b63191ddb6fcfd2cd8a3e916a81f700dd4e9c6236ee5188b36
c5c24148442b317e50d53294040b15f1848372f1e6631ec465efc17815daea86
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c65cc66a2932bab8264a9929e108279a82eb9a6be06a776bc9b019488c88bd7b
c70027927288db02a742e9cb0e86209ff579e22d57b86c28c8575e68b81bf547
c720ada845fd43297d4f29906e186c0c0678a11f8498eb0e6c3ddf629b4a32a0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdb0d8115b69d6d0768228115d8dd26b21ef47ea4e6834f6f9cf497906516641
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2ffe3bbfeb2dbb6e79dcbe8bc416e360af5b9fecf5e9e6f2718333164fdbec5
d8738c864ef0fd527cab3e877b259b5025230e7359659deb983660f41b9af8d0
ddf07d36e266484d6c5d046b1ca2ff178782c23c623e942496d692a620340d80
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
e10411a43ed1dd792677b99a20c9c846da6b650a2829cd5b217e5c68f8e7c00b
e21a080cababbbb6505b9891d70eddca38239009916d9662fb8f2f5e927d18b2
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9bdf735624eb503cceb9ceee5fd86f7d325be92c7b4a13286374d26970098af
ec0d6c86b538251d6d95930b500513dea6f0f2f308855946f95e3846d985df6a
ee01cfd3d79b3ac7ec3a5d101d2e1db21d4d4159ac50ce4578ed1b7d948a1e06
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3009ce2be095d07fa5f80953e00d37b28d71a968fb61afaf327f3fb3b25697
ef50db4f06bbeae1a22807ace25d6daa9288fa08616e5f37dfc019530bf4fdb0
ef589800a85729debfd73086bfe87f0736ee95c4d2fb599b3e6417a3aa6b58f5
eff8407713a4db64425aa277a1cf6b097b72cc3b1b0fbafb04a1cb24066ec61f
f229a441e248cd9f4bb953ed7c90a4e922d67536f96cc4409be20a783b3a89cd
f316e72eca3912701e2a856b463ea0ec618d9badb63100499603652f04f0ea62
f3f20c973746f8c46e687631274d7d12ea6f92b83def552d85a4dfae1111db1e
f4adb8463ef46189ad0d99ff804fe3269e998acaa7bb29a73c2e2d361a06a7d7
f4cf5246bcfae3ac1315f8c1aea684c948a954a3251fe0ed11c4c5510e4e6c2c
f6a430cf4e356d78546e2a8cd481251875e6e04a38f710e573eeb1a93d3b0c20
f8d7a90fa2628f566185219f09ce9ea0afb7b3a83eb7097ae6e25b54b2ad1100
f9373ba07dc615d06ad29db9726f4d9d7ddb676db2fa43ff661d269289aef4c3
fb957c9ca9d9aef155343aa1f0d4c6e4f47e722932a48e5a85048e4f7492b51b