www.epochtimes.com Open in urlscan Pro
130.211.7.151 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Effective URL:
https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Submission: On October 14 via api (October 14th 2022, 1:25:00 am UTC) from SG — Scanned from DE

Summary HTTP 142 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 11 countries across 36 domains to perform 142 HTTP transactions. The main IP is 130.211.7.151, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.epochtimes.com. The Cisco Umbrella rank of the primary domain is 148830.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 24th 2022. Valid for: a year.

This is the only time www.epochtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	130.211.7.151 130.211.7.151	15169 (GOOGLE) (GOOGLE)
10	193.108.153.28 193.108.153.28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	69.166.1.8 69.166.1.8	27630 (AS-XFERNET) (AS-XFERNET)
3 10	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
3	198.47.127.22 198.47.127.22	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.91 99.86.4.91	16509 (AMAZON-02) (AMAZON-02)
2	143.204.215.108 143.204.215.108	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.123 99.86.4.123	16509 (AMAZON-02) (AMAZON-02)
1	3.131.215.186 3.131.215.186	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:1e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
6	65.9.66.67 65.9.66.67	16509 (AMAZON-02) (AMAZON-02)
6	104.18.12.76 104.18.12.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 13	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 4	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3	2a05:d018:d29... 2a05:d018:d29:3602:9a19:4aca:1a41:e6f4	16509 (AMAZON-02) (AMAZON-02)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	135.125.160.77 135.125.160.77	16276 (OVH) (OVH)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	54.171.34.58 54.171.34.58	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2 2	18.197.134.247 18.197.134.247	16509 (AMAZON-02) (AMAZON-02)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
1	54.73.71.55 54.73.71.55	16509 (AMAZON-02) (AMAZON-02)
1 1	34.197.236.151 34.197.236.151	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6813:ac6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
142	38

23 130.211.7.151 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 151.7.211.130.bc.googleusercontent.com

www.epochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 193.108.153.28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-28.deploy.static.akamaitechnologies.com

i.epochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.166.1.8 (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 3 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.89.210.20 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f5c301a0a386bce4703852d552c50cdb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-91.fra6.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-108.fra53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-123.fra6.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.131.215.186 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-215-186.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.66.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-67.fra56.r.cloudfront.net

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:9a19:4aca:1a41:e6f4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.77 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.34.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-34-58.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.40 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.134.247 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-134-247.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.71.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-71-55.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.236.151 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-236-151.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	epochtimes.com 1 redirects www.epochtimes.com — Cisco Umbrella Rank: 148830 i.epochtimes.com — Cisco Umbrella Rank: 321437	649 KB
23	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 519 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542 dsum.casalemedia.com — Cisco Umbrella Rank: 1311	18 KB
13	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 232 acdn.adnxs.com — Cisco Umbrella Rank: 618	60 KB
12	googlesyndication.com f5c301a0a386bce4703852d552c50cdb.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	263 KB
12	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	177 KB
7	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426	3 KB
7	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470 ads.pubmatic.com — Cisco Umbrella Rank: 495 image6.pubmatic.com — Cisco Umbrella Rank: 671	42 KB
6	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 608 cdn.indexww.com — Cisco Umbrella Rank: 1375	5 KB
6	districtm.io dmx.districtm.io Failed cdn.districtm.io — Cisco Umbrella Rank: 11794	12 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 296	3 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 948 pixel.quantserve.com — Cisco Umbrella Rank: 516 cms.quantserve.com — Cisco Umbrella Rank: 729	11 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 1501	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 765	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 627	953 B
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 766	850 B
2	dyntrk.com 2 redirects gu.dyntrk.com — Cisco Umbrella Rank: 1355	843 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 156	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	93 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724 www.google.de — Cisco Umbrella Rank: 6045	1 KB
1	loopme.me csync.loopme.me — Cisco Umbrella Rank: 890	131 B
1	advangelists.com 1 redirects nep.advangelists.com — Cisco Umbrella Rank: 2564	233 B
1	adroll.com d.adroll.com — Cisco Umbrella Rank: 1484	181 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 891	44 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 841	626 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 602	191 B
1	dotomi.com 1 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 2662	182 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 508	433 B
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 1072	179 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	265 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 876	438 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	alexametrics.com certify.alexametrics.com — Cisco Umbrella Rank: 6052	551 B
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	42 KB
142	36

	Domain	Requested by
23	www.epochtimes.com	1 redirects www.epochtimes.com
11	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
10	ib.adnxs.com	1 redirects www.epochtimes.com acdn.adnxs.com
10	i.epochtimes.com	www.epochtimes.com
9	securepubads.g.doubleclick.net	www.epochtimes.com securepubads.g.doubleclick.net www.googletagservices.com
7	ssum-sec.casalemedia.com	3 redirects js-sec.indexww.com ssum-sec.casalemedia.com
6	cdn.districtm.io	www.epochtimes.com cdn.districtm.io
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ups.analytics.yahoo.com	4 redirects
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
3	cdn.indexww.com	ssum-sec.casalemedia.com
3	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
3	acdn.adnxs.com	www.epochtimes.com
3	js-sec.indexww.com	www.epochtimes.com
3	ads.pubmatic.com	www.epochtimes.com
3	hbopenbid.pubmatic.com	www.epochtimes.com
3	htlb.casalemedia.com	www.epochtimes.com
3	apex.go.sonobi.com	www.epochtimes.com
2	pm.w55c.net	2 redirects
2	c1.adform.net	2 redirects
2	dsum.casalemedia.com	ssum-sec.casalemedia.com
2	ad.turn.com	2 redirects
2	gu.dyntrk.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	sb.scorecardresearch.com	www.epochtimes.com
2	www.google-analytics.com	www.epochtimes.com www.google-analytics.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	www.google.com	tpc.googlesyndication.com
1	csync.loopme.me	ssum-sec.casalemedia.com
1	nep.advangelists.com	1 redirects
1	d.adroll.com	ssum-sec.casalemedia.com
1	match.deepintent.com	ssum-sec.casalemedia.com
1	cms.quantserve.com	1 redirects
1	um.simpli.fi	1 redirects
1	pixel-sync.sitescout.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	sync.taboola.com	1 redirects
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	www.google.de
1	pixel.quantserve.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	secure.quantserve.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1	certify.alexametrics.com
1	d31qbv1cthcecs.cloudfront.net	www.epochtimes.com
1	secure.quantserve.com	www.epochtimes.com
1	www.googletagmanager.com	www.epochtimes.com
1	f5c301a0a386bce4703852d552c50cdb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
0	dmx.districtm.io Failed	www.epochtimes.com cdn.districtm.io
142	54

This site contains no links.

Subject Issuer	Validity	Valid
*.epochtimes.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-06-23`	a year	crt.sh
i.epochtimes.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-18` - `2023-02-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
certify.alexametrics.com Amazon	`2022-05-30` - `2023-06-28`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2022-09-12` - `2023-10-11`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
cdn.districtm.io Amazon	`2022-08-08` - `2023-09-06`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2022-08-10` - `2023-09-08`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Frame ID: 05332F5926259C143F47B6EBB8B1B87B
Requests: 71 HTTP requests in this frame

Frame: https://f5c301a0a386bce4703852d552c50cdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E18D2C42BE7E2B5ED81CDD516A133C77
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E38D3109847DA655D7FBC1DEECC5C869
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35E156565019D1DD9625431175C310B8
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqlBLC2e2_fSwxy9E8XNMcZAz48dTMhz5XZ6pJKhr3KN2tdMCsAEuV_k9GrDuPUmy_LhmI29S7bVdMdzVVcZTjM0-mXH_0_IAwCKtw2oGk4cXwTnnZWuVt77pGQAPVyANDlbO2Ohw_Y8KrNx4QNzcyYP-XzAUF8mgpjcPrFNFBQCfBj7ZQn3FjZ3nSchmVpP7gAL-h-O66vsMm4Wt5WvIJVrXqqDyCy69e7kbxUmeF2TnVBrvsJbRjV5QeedWqPwRZyEYIAp-fS20qc1KT7rOQ5b9LrWVHYJyzRVBcze__jJIFTki9aLjJu_rL2AZHS-xU_eTP9IE5kvtPwzawS2BXf715dMePAkSFD-oNN_gsjmj3SYsfnpDkYcVjWo0Jmp8IzQ&sai=AMfl-YTgfZ4MZ-LYapXI5SaHoQw1mvcpsE81BaelC3KRJQ4qL5-DoabHh3lG-yoeM0NJO7pQvCA8oUh2GVlqYUuzxgmOGiblFrv2ZeCfcGa06UEWbfWwS3fx3Hz-JOzRpiq5wqQZuQ&sig=Cg0ArKJSzOcds-MDOt3NEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7A426A2D7585A25BB06235BB5B5154FA
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpyYeqFoxLFRZbvpcaYvrt-t1mZXaX2aqs9NNBYrda50Rc_7aq-nuoDbV5RyEXMhqEtDA0tNUPvePtUx1RvplA_JU-8YAH0_efgZO2_WtqrDL8_gcT2633-1w0fKt9OeCNkbx5uOrwR60zhIcBRHTOqu-bpqIM_nLNa-TvAcvvRs--pKVi4H0YycHy8WfHoY7XdSHSl63tPHYU6yGr-tY_-jBNgmQlCTMQumhSz65r4r6PIlsk8YXVj0BGlD4vjh6nM8Tk_kIlpY8kQUQKM8zVlgjo9dSazfy0ZgpzXvL57p7MEhiVK3YR4AoOU-q8g33GuroVKBG7rDTFOp2ol4koXgD0PIwrJi0A5DcR_Gm94ClhoABxkVpVCwvjV53DpPt_AoGKjA&sai=AMfl-YSnzSKrEBkKdGe9QsJ6h903jY4_dF5JabnKv4OvFR0pPMI8eMBM2VfEth-K1YRe8bOFGFG3zCVAZKpH45zRn8nTga9zije7SN3caE3gfgCXUv1HJk4Oe2ThdsEMvy02mTDT&sig=Cg0ArKJSzPxwgFB3R5rzEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C14736CAA200046A7F0A2E7F529FB402
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8C4B0AED6429957D7C0751AEDDEF5D19
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: B8433F236DB4DFB35739947A6D79C855
Requests: 3 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 8CA2F5AFE6F6ECFCC958B246BBE659BA
Requests: 3 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: B530AB3B675D10887798F2F40FAABB22
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7EC58E2F4AC5A1D7D862B625A1569A62
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9FC7B4DC66B3D8D91FF776E616808486
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0AC1D6F30F34153BEB116889072675A7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 591343ECF8E6566091B3171E3C1AC658
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F3639D6873BDE398B66F17ADE9025014
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A7068E4C660FF2AD555907823606A589
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7B584E3C66237875A61971BC49B3FCF1
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 46F2F52F334CEDD9803DD7172224426D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: B110EFAA552DCD95AF8381E00F454107
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 5273324B86FE8180FEAB7BEACE1ECE83
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 676E422FC54BDC8A1DF19802D6BDDBAC
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

山西 | 大紀元

Page URL History Show full URLs

http://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html HTTP 301
https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html Page URL

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

142
Requests

84 %
HTTPS

36 %
IPv6

36
Domains

54
Subdomains

38
IPs

11
Countries

1403 kB
Transfer

2774 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html HTTP 301
https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 109

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 110

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOoUft_y7zb51uVisOIHKZs&google_cver=1

Request Chain 115

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0i6aeq.4-IHhONqsa3GuQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBljFPE5YG32tAU8KnhO6m8&google_cver=1&google_hm=2

Request Chain 116

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&dcc=t

Request Chain 117

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB

Request Chain 118

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y0i6aeq.4-IHhONqsa3GuQAA%261105 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=bb253b67-6a3e-47fd-9d33-42a7294b455c-tucta423fe9

Request Chain 119

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 120

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4044798399332177630

Request Chain 124

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1665797097

Request Chain 126

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB

Request Chain 127

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E0CAFBE8F27D4E62B11BA7FC58C146CF

Request Chain 128

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6086672910076522110&expiration=1666920297

Request Chain 129

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4116855993370105566

Request Chain 131

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=VICdvwDSn79PipyzBoaE41eCnrdP1pC1VNIx6oBc

Request Chain 132

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=V7GsRWT91OJ9rz5

Request Chain 135

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2924577974155165856

Request Chain 136

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-317b9803-cad2-4fbe-af71-7a9a3bf777b8

Request Chain 138

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&dcc=t

142 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request %E5%B1%B1%E8%A5%BF.html Show response
www.epochtimes.com/b5/tag/
Redirect Chain

http://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html

47 KB
11 KB

187ms
168ms

Document
text/html

130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: e32c6abaa228b76c86d162e7ea22b7553f1b2bbd8ab21e251098c9989d4190c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=120
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 14 Oct 2022 01:24:53 GMT
server: nginx
vary: Accept-Encoding, User-Agent
via: 1.1 google

Redirect headers

Content-Length: 178
Content-Type: text/html
Date: Fri, 14 Oct 2022 01:24:52 GMT
Location: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Server: nginx
Via: 1.1 google

GET
H2 200 style.css
www.epochtimes.com/assets/themes/djy/ 2 KB
983 B 86ms
84ms Stylesheet
text/css 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epochtimes.com/assets/themes/djy/style.css?ver=20150811
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: f3c2e71998d491bea4d688ca56c8eeab55e8d0e3a45ec0eff9b21518a7efe110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:53 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Mar 2021 13:49:04 GMT
server: nginx
etag: W/"60535a6d-734"
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 878

GET
H2 200 foundation.min.css
www.epochtimes.com/assets/themes/djy/css/foundation/ 109 KB
13 KB 220ms
219ms Stylesheet
text/css 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epochtimes.com/assets/themes/djy/css/foundation/foundation.min.css?ver=20150811
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0a463133102a2df8f8c9290820f155c9c57df0fe98d9a7a00bd88e9cf90cd74b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:53 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 17 Mar 2020 20:20:44 GMT
server: nginx
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13163

GET
H2 200 global-v2.css
www.epochtimes.com/assets/themes/djy/css/ 42 KB
10 KB 353ms
352ms Stylesheet
text/css 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epochtimes.com/assets/themes/djy/css/global-v2.css?ver=20200818
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 21d09adc69a2757b6379c2cd7ec4abf6d6c8ce0d853a7d10173fcf29b0133fad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:53 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 22 Dec 2020 19:46:31 GMT
server: nginx
etag: "5fe24d33-a8bf"
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9681

GET
H2 200 focus-v2.css
www.epochtimes.com/assets/themes/djy/css/ 24 KB
5 KB 287ms
287ms Stylesheet
text/css 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epochtimes.com/assets/themes/djy/css/focus-v2.css?ver=20200107
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3f748dc226127c3c519144709a0db336dd1e3c01dfd1d1c4348ae09b489f8c65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:53 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 07 May 2021 22:17:36 GMT
server: nginx
etag: W/"6095bc84-61c7"
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5197

GET
H2 200 search.css
www.epochtimes.com/assets/themes/djy/css/ 6 KB
2 KB 24ms
24ms Stylesheet
text/css 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epochtimes.com/assets/themes/djy/css/search.css?ver=20160303
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 231da198264dea55d3728d73286eefabb829cd5dba15bf7b4676ff3df85dd0ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:53 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 17 Mar 2020 20:20:44 GMT
server: nginx
etag: W/"5e71311c-169c"
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1803

GET
H2 200 tag.min.css
www.epochtimes.com/assets/themes/djy/css/ 6 KB
2 KB 153ms
152ms Stylesheet
text/css 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epochtimes.com/assets/themes/djy/css/tag.min.css?ver=20210116
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 68bed6d16d0fe7cd57be2b7a921492da9c84474154f81e395aa3ef120c6135df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:53 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 16 Jan 2021 22:22:29 GMT
server: nginx
etag: W/"6003673c-1929"
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1674

GET
H3 200 ET_Logo_2_cn.png
www.epochtimes.com/assets/themes/djy/images/ 4 KB
4 KB 519ms
513ms Image
image/png 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epochtimes.com/assets/themes/djy/images/ET_Logo_2_cn.png
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: bb474652565205c3a25419386dcc76caeec9ffd9c2937be6df7b02943a141972

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:53 GMT
via: 1.1 google
last-modified: Tue, 17 Mar 2020 20:20:41 GMT
server: nginx
etag: "5e713119-ef1"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3825

GET
H/1.1 200
OK id13067695-GettyImages-500863140-320x200.jpg
i.epochtimes.com/assets/uploads/2021/07/ 27 KB
28 KB 1545ms
1333ms Image
image/jpeg 193.108.153.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.epochtimes.com/assets/uploads/2021/07/id13067695-GettyImages-500863140-320x200.jpg
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e80f3e63f4e2e833389b41c63a58187c94708e79021e675d2ee6812f8566109f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 01:24:54 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1281139
Content-Length: 27595
Last-Modified: Mon, 05 Jul 2021 02:09:43 GMT
Server: nginx
ETag: "60e269e7-6bcb"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535980
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sat, 14 Oct 2023 01:24:34 GMT

GET
H/1.1 200
OK id13308797-bbf4ca7f5edf647d0422b36aefb63718-320x200.jpg
i.epochtimes.com/assets/uploads/2021/10/ 29 KB
30 KB 1141ms
930ms Image
image/jpeg 193.108.153.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.epochtimes.com/assets/uploads/2021/10/id13308797-bbf4ca7f5edf647d0422b36aefb63718-320x200.jpg
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 546d0b9a2144ab5b9f7d0bda7a326201bfc6c67ea47d4bb24f0fafd2075f878e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 01:24:54 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1281139
Content-Length: 29618
Last-Modified: Sat, 16 Oct 2021 12:26:22 GMT
Server: nginx
ETag: "616ac4ee-73b2"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31536000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sat, 14 Oct 2023 01:24:54 GMT

GET
H3 200 white.png
www.epochtimes.com/assets/themes/djy/images/ 95 B
113 B 584ms
579ms Image
image/png 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epochtimes.com/assets/themes/djy/images/white.png
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:53 GMT
via: 1.1 google
last-modified: Tue, 17 Mar 2020 20:20:41 GMT
server: nginx
etag: "5e713119-5f"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

GET
H3 200 djy_post_default_featured_image_208x130.jpg
www.epochtimes.com/assets/themes/djy/images/ 7 KB
7 KB 651ms
646ms Image
image/jpeg 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epochtimes.com/assets/themes/djy/images/djy_post_default_featured_image_208x130.jpg
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3f6dcaeebfca24b2ae14675b7c0505b466dd861949128750c46f6a604cf4cac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:54 GMT
via: 1.1 google
last-modified: Tue, 17 Mar 2020 20:20:41 GMT
server: nginx
etag: "5e713119-1cf4"
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7412

GET
H3 200 video_icon.png
www.epochtimes.com/assets/themes/djy/images/ 1 KB
1 KB 717ms
713ms Image
image/png 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epochtimes.com/assets/themes/djy/images/video_icon.png
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: b6a469b678f0f023fd3b4596d728fc14dd7023da2ea89270d0083f7605b182b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:54 GMT
via: 1.1 google
last-modified: Tue, 17 Mar 2020 20:20:41 GMT
server: nginx
etag: "5e713119-5b4"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1460

GET
H3 200 djy_logo3.png
www.epochtimes.com/assets/themes/djy/images/ 6 KB
6 KB 450ms
446ms Image
image/png 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epochtimes.com/assets/themes/djy/images/djy_logo3.png
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 27d8ee517f5e3f0253dc988e9985512ce6209823a6a3f5f7c6cddfe1afc0642f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:53 GMT
via: 1.1 google
last-modified: Tue, 17 Mar 2020 20:20:41 GMT
server: nginx
etag: "5e713119-19b2"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6578

GET
H3 200 jquery-all.min.js Show response
www.epochtimes.com/assets/themes/djy/js/ 98 KB
34 KB 129ms
128ms Script
application/x-javascript 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epochtimes.com/assets/themes/djy/js/jquery-all.min.js?ver=20200218
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6a5a43b6f9f8b22b3f2d15b8f75f534fd794e61d66df7e532ce45a675e2f7c32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:53 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 17 Mar 2020 20:20:35 GMT
server: nginx
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35100

GET
H3 200 foundation.min.js Show response
www.epochtimes.com/assets/themes/djy/js/foundation/ 107 KB
28 KB 128ms
127ms Script
application/x-javascript 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epochtimes.com/assets/themes/djy/js/foundation/foundation.min.js?ver=20150811
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 297ca9748cbbe4f3c7b1b11a564ae106f95083c5d3432f0dbda973ac8c4cadca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:53 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 17 Mar 2020 20:20:35 GMT
server: nginx
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28179

GET
H3 200 bottom.min.js Show response
www.epochtimes.com/assets/themes/djy/js/ 29 KB
9 KB 190ms
188ms Script
application/x-javascript 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epochtimes.com/assets/themes/djy/js/bottom.min.js?ver=20220615
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 26de5c70a44e9fc85e70c69f74e524520a802632f7a53f53f1222ece535fc640

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:53 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 16 Jun 2022 13:40:14 GMT
server: nginx
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9188

GET
H3 200 news.min.js Show response
www.epochtimes.com/assets/themes/djy/js/ 864 B
883 B 256ms
249ms Script
application/x-javascript 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epochtimes.com/assets/themes/djy/js/news.min.js?ver=20150802
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 12c9611f8ddb6b01b04dd93ef55e5f0dec441f84472d0a1fcd2a2072f045a6df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:53 GMT
via: 1.1 google
last-modified: Tue, 17 Mar 2020 20:20:35 GMT
server: nginx
etag: "5e713113-360"
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 864

GET
H3 200 sticky.min.js Show response
www.epochtimes.com/assets/themes/djy/js/ 2 KB
993 B 321ms
314ms Script
application/x-javascript 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epochtimes.com/assets/themes/djy/js/sticky.min.js?ver=20160401
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 33f680f57015ab484ce1019e634292ff505a795a4b5a3fef6b6e91166bb08132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:53 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 17 Mar 2020 20:20:35 GMT
server: nginx
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 974

GET
H3 200 default_article.min.js Show response
www.epochtimes.com/assets/themes/djy/js/ads/www/ 17 KB
4 KB 386ms
380ms Script
application/x-javascript 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epochtimes.com/assets/themes/djy/js/ads/www/default_article.min.js?ver=20210312
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6ec51ed8e796e4885dd6b97acec8af8c5f1cf9c06f4841859b847b5d7a8ce5be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:53 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 13 Mar 2021 19:46:19 GMT
server: nginx
etag: W/"604d16a4-43be"
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4294

GET
H3 200 djy_icons.png
www.epochtimes.com/assets/themes/djy/images/ 55 KB
55 KB 768ms
768ms Image
image/png 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epochtimes.com/assets/themes/djy/images/djy_icons.png
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/css/global-v2.css?ver=20200818
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 65afe802898a31c28fe92e014c335174d8fd64205f83a6d3258bacc5c9bed2e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/assets/themes/djy/css/global-v2.css?ver=20200818
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:54 GMT
via: 1.1 google
last-modified: Tue, 17 Mar 2020 20:20:41 GMT
server: nginx
etag: "5e713119-dad8"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56024

GET
H3 200 newsletter_ad.jpg
www.epochtimes.com/assets/themes/djy/images/ 58 KB
58 KB 850ms
849ms Image
image/jpeg 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epochtimes.com/assets/themes/djy/images/newsletter_ad.jpg
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/css/tag.min.css?ver=20210116
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: c32f2c273444cc5253baff690e39ededa3fe95e96958296d2eef4b917c17a61d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/assets/themes/djy/css/tag.min.css?ver=20210116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:54 GMT
via: 1.1 google
last-modified: Sat, 16 Jan 2021 22:22:29 GMT
server: nginx
etag: "60036725-e765"
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59237

GET
H3 200 mobile-icon.png
www.epochtimes.com/assets/themes/djy/images/ 4 KB
4 KB 783ms
782ms Image
image/png 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epochtimes.com/assets/themes/djy/images/mobile-icon.png?
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/css/global-v2.css?ver=20200818
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: c73b4a1bdb78498397f4a961ef65670405e7d3e411539f9077c81d306fe8e2b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/assets/themes/djy/css/global-v2.css?ver=20200818
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:54 GMT
via: 1.1 google
last-modified: Tue, 17 Mar 2020 20:20:41 GMT
server: nginx
etag: "5e713119-f40"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3904

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
28 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/www/default_article.min.js?ver=20210312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8eac04c4056e634a1426254f59e7ce00fed9b6ab8f7ae71395d98019b3341f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1363 / 612 of 1000 / last-modified: 1665698703"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Oct 2022 01:24:53 GMT

GET
H3 200 prebid.js Show response
www.epochtimes.com/assets/themes/djy/js/ads/ 238 KB
74 KB 601ms
601ms Script
application/x-javascript 130.211.7.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/www/default_article.min.js?ver=20210312
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.7.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.7.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: d9d4636626350d8ba41907b9055b3947ddb2d855783eb57fae1bd376bbc884d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:54 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 13 Mar 2021 19:46:19 GMT
server: nginx
etag: W/"604d168b-3b9fa"
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76142

GET
H/1.1 200
OK id13831690-GettyImages-1243288413-320x200.jpg
i.epochtimes.com/assets/uploads/2022/09/ 41 KB
41 KB 29ms
15ms Image
image/jpeg 193.108.153.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.epochtimes.com/assets/uploads/2022/09/id13831690-GettyImages-1243288413-320x200.jpg
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2d08707214742ca3f1c2ba3dd7d4a182eccc1eef2d1f961cecf6925eb6258883

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 01:24:53 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1281139
Content-Length: 41645
Last-Modified: Sat, 24 Sep 2022 02:37:54 GMT
Server: nginx
ETag: "632e6d82-a2ad"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30383795
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sat, 30 Sep 2023 17:21:28 GMT

GET
H/1.1 200
OK id13802264-GettyImages-1413950630-320x200.jpg
i.epochtimes.com/assets/uploads/2022/08/ 47 KB
48 KB 31ms
16ms Image
image/jpeg 193.108.153.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.epochtimes.com/assets/uploads/2022/08/id13802264-GettyImages-1413950630-320x200.jpg
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 05a053035ebc391b3bb0c34f69d09dc3e98644a041f3f60873d5825cf6461e1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 01:24:53 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1281139
Content-Length: 48452
Last-Modified: Sun, 14 Aug 2022 08:36:27 GMT
Server: nginx
ETag: "62f8b40b-bd44"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30074061
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Wed, 27 Sep 2023 03:19:14 GMT

GET
H/1.1 200
OK id13757412-1-89-320x200.jpeg
i.epochtimes.com/assets/uploads/2022/06/ 11 KB
11 KB 43ms
18ms Image
image/jpeg 193.108.153.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.epochtimes.com/assets/uploads/2022/06/id13757412-1-89-320x200.jpeg
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3ac7491cc9257c2e582e174f8afe9ce81a081494fec7a513eaf424c295150467

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 01:24:53 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1281139
Content-Length: 11101
Last-Modified: Sat, 11 Jun 2022 23:38:56 GMT
Server: nginx
ETag: "62a52790-2b5d"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30467023
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sun, 01 Oct 2023 16:28:36 GMT

GET
H/1.1 200
OK id13679008-Screen-Shot-2022-03-29-at-12.42.14-am-320x200.png
i.epochtimes.com/assets/uploads/2022/03/ 74 KB
74 KB 978ms
952ms Image
image/png 193.108.153.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.epochtimes.com/assets/uploads/2022/03/id13679008-Screen-Shot-2022-03-29-at-12.42.14-am-320x200.png
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 325caff6e214b92ed0eab1720f5324d927e95c1f514df7e130819598bbf25cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 01:24:54 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1281139
Content-Length: 75583
Last-Modified: Mon, 28 Mar 2022 13:43:42 GMT
Server: nginx
ETag: "6241bb8e-1273f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535956
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sat, 14 Oct 2023 01:24:10 GMT

GET
H/1.1 200
OK id13524790-GettyImages-1207184245-320x200.jpeg
i.epochtimes.com/assets/uploads/2022/01/ 30 KB
31 KB 905ms
905ms Image
image/jpeg 193.108.153.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.epochtimes.com/assets/uploads/2022/01/id13524790-GettyImages-1207184245-320x200.jpeg
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 172b9d766136b71550cc210e49557d5d4d8fa46dc90731defa518fe382eba339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 01:24:54 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1281139
Content-Length: 30942
Last-Modified: Sun, 23 Jan 2022 23:22:31 GMT
Server: nginx
ETag: "61ede337-78de"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31536000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sat, 14 Oct 2023 01:24:54 GMT

GET
H/1.1 200
OK id13402147-1-320x200.jpg
i.epochtimes.com/assets/uploads/2021/11/ 16 KB
17 KB 900ms
900ms Image
image/jpeg 193.108.153.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.epochtimes.com/assets/uploads/2021/11/id13402147-1-320x200.jpg
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1569bcd9a49460bf6663536d063fd440bf94238643b0f0cf2fe5eee81d4bc630

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 01:24:54 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1281139
Content-Length: 16435
Last-Modified: Sat, 27 Nov 2021 08:42:58 GMT
Server: nginx
ETag: "61a1ef92-4033"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31536000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sat, 14 Oct 2023 01:24:54 GMT

GET
H/1.1 200
OK id13830674-shutterstock_132261989-320x200.jpg
i.epochtimes.com/assets/uploads/2022/09/ 14 KB
15 KB 8ms
7ms Image
image/jpeg 193.108.153.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.epochtimes.com/assets/uploads/2022/09/id13830674-shutterstock_132261989-320x200.jpg
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1ad35ef353080b44ef31f7008296d9b81c4875636215bd49aa9f9327ca313848

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 01:24:53 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1281139
Content-Length: 14304
Last-Modified: Thu, 22 Sep 2022 18:09:30 GMT
Server: nginx
ETag: "632ca4da-37e0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=29763138
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sat, 23 Sep 2023 12:57:11 GMT

GET
H/1.1 200
OK id13826847-1200x800-2-320x200.jpg
i.epochtimes.com/assets/uploads/2022/09/ 24 KB
24 KB 8ms
8ms Image
image/jpeg 193.108.153.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.epochtimes.com/assets/uploads/2022/09/id13826847-1200x800-2-320x200.jpg
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d9a5081e27d2eac538eef346a029c517b9b86ecca95e3a246bd718edcd3324b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 01:24:53 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1281139
Content-Length: 24274
Last-Modified: Fri, 16 Sep 2022 20:24:42 GMT
Server: nginx
ETag: "6324db8a-5ed2"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30106254
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Wed, 27 Sep 2023 12:15:47 GMT

GET
H3 200 pubads_impl_2022101002.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
128 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2baa53d54f1cafc4897d96567e68ee120b016c92218d09c331d70c6b7f4bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:53:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131337
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 16:09:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 13 Oct 2023 23:53:53 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 503 B
235 B 31ms
16ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.epochtimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bb0c604f0ce4ed235a2d416704a0ed6ae2981ebe518e5a372d057819f8c1587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 210
x-xss-protection: 0
expires: Fri, 14 Oct 2022 01:24:53 GMT

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 135 B
634 B 310ms
96ms XHR
application/json 69.166.1.8
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F5965368%2FDJYwww_articles_news_right-logo%7C2893a1f433a37e%22%3A%22728x90%2C970x90%2C970x250%22%7D&ref=https%3A%2F%2Fwww.epochtimes.com%2Fb5%2Ftag%2F%25E5%25B1%25B1%25E8%25A5%25BF.html&s=cf9e79c6-9527-429a-8a07-2b5656ad303c&pv=c5927812-a61f-4310-918c-38bfa5dbc445&vp=desktop&lib_name=prebid&lib_v=4.30.0&us=5&ius=1

Requested by

Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

a788f94dc6a87319d5df8429d81b89722d98ff3edb5b8ab113f8be5c26d5f797

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.epochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:54 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-17
content-type: application/json
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.epochtimes.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 160
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
302 B 62ms
30ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=299888&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2230a6a67ff85e9d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.epochtimes.com%2Fb5%2Ftag%2F%25E5%25B1%25B1%25E8%25A5%25BF.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.30.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2243dcc9f7d394cd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299888%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225f819b59f7ead8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299888%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2260e828396af974%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299888%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 010cf00391bdddeb3eff098a38c34ea45ce26ddedba59a469f3c956146628ab5

Request headers

Referer: https://www.epochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXGwXtbsRs5o1sk9ROtJfg0VsuiAgxjfXH1BtO7smcDQCE3i4b4wrtAObqHLERtF63LOUKpX9DobGedeQ4N62vATqK7u5Bam33WiKRQvlEBQIMJpB5DVlmAEvHDz7x3t4htMcai3"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.epochtimes.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 759c84a08eb99b88-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 50ms
14ms XHR
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d8d4caf3ab2413dabc0f47082d53a596b6c84593f86f0914321fffa8deb6fe41

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.epochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:54 GMT
AN-X-Request-Uuid: 40e5a7b5-ebf1-4f26-b58f-e9963adbca5c
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.epochtimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST v1
dmx.districtm.io/b/ 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
62 B 575ms
17ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.epochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.epochtimes.com
date: Fri, 14 Oct 2022 01:24:55 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST v1
dmx.districtm.io/b/ 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
62 B 574ms
18ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.epochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.epochtimes.com
date: Fri, 14 Oct 2022 01:24:55 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 44ms
15ms XHR
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

acacfdd99df89f172e3c5a5f24550dee471dd24df74f5f840e64be1ed3a10e60

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.epochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:54 GMT
AN-X-Request-Uuid: 2a9d9c23-be2b-47ac-afbd-684ccf845200
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.epochtimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
315 B 51ms
28ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=299889&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22199ddde7c0bae96%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.epochtimes.com%2Fb5%2Ftag%2F%25E5%25B1%25B1%25E8%25A5%25BF.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.30.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220cfab22d1d88a1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299889%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222191b23f8789a73%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299889%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 599e69a950ccf856bf747a6bd3404db7099331fee7a9b7c0972dc9591ef7e761

Request headers

Referer: https://www.epochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1c8N68ZMOQsHELpDUSiUCaovoqGjCBnN6gYxZGguJlscLyhy17st6M5B6zYpuzn8oWOsrq0rfSv%2Blxl4zXTnvU4%2F%2BrxeenNbBS%2FkKdPg7FtyFbe3PWmrhP%2BUgUnCICRysiOoQqWG"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.epochtimes.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 759c84a08ebb9b88-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 135 B
634 B 298ms
98ms XHR
application/json 69.166.1.8
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F5965368%2FDJYwww_articles_news_top-right%7C2368ff4bfb3984f%22%3A%22300x250%2C300x600%22%7D&ref=https%3A%2F%2Fwww.epochtimes.com%2Fb5%2Ftag%2F%25E5%25B1%25B1%25E8%25A5%25BF.html&s=47f3f213-7f08-4a87-aaba-fba44a900b46&pv=c5927812-a61f-4310-918c-38bfa5dbc445&vp=desktop&lib_name=prebid&lib_v=4.30.0&us=5&ius=1

Requested by

Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

76034bde5e980ad5b967771b268db3d60c5033190cac3f2cb2dd6b928f4c3918

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.epochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:54 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-56
content-type: application/json
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.epochtimes.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 160
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 43ms
15ms XHR
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2fbac88a03bb0c2c14a417ef3550773f1d64910ab3266d32b7e29d4a7a8eb98f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.epochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:54 GMT
AN-X-Request-Uuid: 01096c5c-068c-4eb9-bd62-933a50315344
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.epochtimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST v1
dmx.districtm.io/b/ 0
0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
569 B 46ms
27ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=299893&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22281b50c16d59b5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.epochtimes.com%2Fb5%2Ftag%2F%25E5%25B1%25B1%25E8%25A5%25BF.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.30.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2229ad75d1a74f22a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299893%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2074dbf591ea4ea9c2c039b0a21bf4bd6c80357dc85ac1dcc6f0d4e056c1754c

Request headers

Referer: https://www.epochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1la%2Bzu9OZ1%2BR3zfZv74rsHrIeyOxG2kg3pZNeGtx2kxNegVyVsdBljh%2FN97My7ELtxDgm1856MKCaWGRouyA%2BjN0bcM%2BIEeotXNCE7M8DEBPaeIZndZ806JzCrJ7u4XrLIF63Sw"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.epochtimes.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 759c84a08ebc9b88-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 565ms
16ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.epochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.epochtimes.com
date: Fri, 14 Oct 2022 01:24:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 143 B
642 B 309ms
112ms XHR
application/json 69.166.1.8
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F5965368%2FDJYwww_articles_commentary_right-spot3%7C33b2a597cc5a071%22%3A%22300x250%22%7D&ref=https%3A%2F%2Fwww.epochtimes.com%2Fb5%2Ftag%2F%25E5%25B1%25B1%25E8%25A5%25BF.html&s=c8b3fb6d-95be-4e6f-aaff-4c754eb5265e&pv=c5927812-a61f-4310-918c-38bfa5dbc445&vp=desktop&lib_name=prebid&lib_v=4.30.0&us=5&ius=1

Requested by

Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

a1275d93cf85644e4c169c82592c0b0b79ff4a4e242ca17b6ba9bb3944762c17

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.epochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:54 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-43
content-type: application/json
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.epochtimes.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 168
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 54ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.epochtimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 55ms
18ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.epochtimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 365ms
365ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4466433369131867&correlator=1208698096744107&eid=31069635%2C31070194%2C31069353&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fifs&iu_parts=5965368%2CDJYwww_articles_news_right-logo&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=1&adks=1928841005&sfv=1-0-38&fsapi=false&eri=1&cust_params=site%3Dwww.epochtimes.com%252Cepochtimes.com&sc=1&cookie_enabled=1&abxe=1&dt=1665710695085&lmt=1665710695&dlt=1665710693021&idt=898&adxs=300&adys=125&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.epochtimes.com%2Fb5%2Ftag%2F%25E5%25B1%25B1%25E8%25A5%25BF.html&frm=20&vis=1&psz=1000x0&msz=1000x0&fws=4&ohw=1000&ga_vid=943855002.1665710695&ga_sid=1665710695&ga_hid=633450525&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4331441babcd68d3ca8c9a613f41530fcc403e9b63a15830d2e65cbbb8f1511f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10174
x-xss-protection: 0
google-lineitem-id: 6085764956
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138404656560
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.epochtimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f5c301a0a386bce4703852d552c50cdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E18D 6 KB
4 KB 72ms
15ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f5c301a0a386bce4703852d552c50cdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 01:24:55 GMT
expires: Sat, 14 Oct 2023 01:24:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 520ms
520ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4466433369131867&correlator=1208698096744107&eid=31069635%2C31070194%2C31069353&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fifs&iu_parts=5965368%2CDJYwww_articles_news_top-right&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=2&adks=2458695766&sfv=1-0-38&fsapi=false&eri=1&cust_params=site%3Dwww.epochtimes.com%252Cepochtimes.com&sc=1&cookie_enabled=1&abxe=1&dt=1665710695099&lmt=1665710695&dlt=1665710693021&idt=898&adxs=965&adys=396&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.epochtimes.com%2Fb5%2Ftag%2F%25E5%25B1%25B1%25E8%25A5%25BF.html&frm=20&vis=1&psz=320x15&msz=320x0&fws=4&ohw=320&ga_vid=943855002.1665710695&ga_sid=1665710695&ga_hid=633450525&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d18322f99d60e4c43a4deb49a632c0c1e44789b9d7f94a9f06c8e6e06c45ec9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10083
x-xss-protection: 0
google-lineitem-id: 6127989496
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138407099483
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.epochtimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 75ms
22ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101002&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ada26a4c7994707dc1731ab2a8924b4ef50561fc98899cfb551ab52683c5b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11030
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 64ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 01:24:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E38D 13 KB
5 KB 25ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 23:58:37 GMT
expires: Fri, 13 Oct 2023 23:58:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 35E1 783 B
1 KB 41ms
18ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d2cb91bac7e36b9261293b7f1f214c15ba10a1d5e0bf92bdb55c3b321c9aab2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XlKVPQZCQ2JD_xHx3mOs8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-XlKVPQZCQ2JD_xHx3mOs8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 01:24:55 GMT
expires: Fri, 14 Oct 2022 01:24:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame E38D 36 KB
15 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:59:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 35E1 0
0 41ms
40ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101002&jk=4466433369131867&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7A42 0
0 47ms
46ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqlBLC2e2_fSwxy9E8XNMcZAz48dTMhz5XZ6pJKhr3KN2tdMCsAEuV_k9GrDuPUmy_LhmI29S7bVdMdzVVcZTjM0-mXH_0_IAwCKtw2oGk4cXwTnnZWuVt77pGQAPVyANDlbO2Ohw_Y8KrNx4QNzcyYP-XzAUF8mgpjcPrFNFBQCfBj7ZQn3FjZ3nSchmVpP7gAL-h-O66vsMm4Wt5WvIJVrXqqDyCy69e7kbxUmeF2TnVBrvsJbRjV5QeedWqPwRZyEYIAp-fS20qc1KT7rOQ5b9LrWVHYJyzRVBcze__jJIFTki9aLjJu_rL2AZHS-xU_eTP9IE5kvtPwzawS2BXf715dMePAkSFD-oNN_gsjmj3SYsfnpDkYcVjWo0Jmp8IzQ&sai=AMfl-YTgfZ4MZ-LYapXI5SaHoQw1mvcpsE81BaelC3KRJQ4qL5-DoabHh3lG-yoeM0NJO7pQvCA8oUh2GVlqYUuzxgmOGiblFrv2ZeCfcGa06UEWbfWwS3fx3Hz-JOzRpiq5wqQZuQ&sig=Cg0ArKJSzOcds-MDOt3NEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Oct 2022 01:24:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A42 152 KB
47 KB 53ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 01:24:55 GMT

GET
H3 200 18136004386599964146
tpc.googlesyndication.com/simgad/ Frame 7A42 124 KB
124 KB 9ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18136004386599964146?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

705c960eb8245edda00b3581abaa58160b8ffe19f52abd8e52f0e6c164eae13c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 00:37:15 GMT
x-content-type-options: nosniff
age: 89260
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127124
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 23:57:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Oct 2023 00:37:15 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E38D 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VMo7ig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7A42 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPiQnxij4fCBvq3SjzU27aZW-_3C_p_t-tPSo8q4iBrV8XXeu2rYVNiNd9OA_Lkvkr-8OgXHkbnwk3W82NqB44HM4BAZ6yc7hsbrYGwBNn8q0djGtbebgc1CAYiVQbMg-KUd4lRYB5joJH3PBWxTR9_BxUQOhn25-rTkpGFHljN2z1mpZTf7jdox0Ieu1c3MJldzY6OmPGMZo9uvtT6seWN6LaSeL20X7vgCZmnd16-cPKd0K-2XZc2q3hwVCegwJEc8KYxzj3r4XoUYRspwCYGcokqE9XIR13pEmrAyMXOnxJAEQjP_3w2dcph8huD0qcd7ZeiAMl0QxcvQzcSRFtNwYvy65BlQg&sai=AMfl-YTitiO0PK2lCRbsZB1Qi_FsLLyMPFBis5tyDvHvf9CxoKuZBs2lD3RkuXB7O5zTq2ACUa0DxFKyJMw0oMOVE9R-RGBPXMs40AN7lUqAb2QmJ0WN-Xutc3SwS0cwD-ao5BpZoQ&sig=Cg0ArKJSzFaIaT9MXL1QEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Oct 2022 01:24:55 GMT

GET
DATA 200
OK truncated
/ Frame 7A42 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9986bb060de773325d286b7a49ba61f5dac85e7ef267d18912a2075d5b1311b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C147 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpyYeqFoxLFRZbvpcaYvrt-t1mZXaX2aqs9NNBYrda50Rc_7aq-nuoDbV5RyEXMhqEtDA0tNUPvePtUx1RvplA_JU-8YAH0_efgZO2_WtqrDL8_gcT2633-1w0fKt9OeCNkbx5uOrwR60zhIcBRHTOqu-bpqIM_nLNa-TvAcvvRs--pKVi4H0YycHy8WfHoY7XdSHSl63tPHYU6yGr-tY_-jBNgmQlCTMQumhSz65r4r6PIlsk8YXVj0BGlD4vjh6nM8Tk_kIlpY8kQUQKM8zVlgjo9dSazfy0ZgpzXvL57p7MEhiVK3YR4AoOU-q8g33GuroVKBG7rDTFOp2ol4koXgD0PIwrJi0A5DcR_Gm94ClhoABxkVpVCwvjV53DpPt_AoGKjA&sai=AMfl-YSnzSKrEBkKdGe9QsJ6h903jY4_dF5JabnKv4OvFR0pPMI8eMBM2VfEth-K1YRe8bOFGFG3zCVAZKpH45zRn8nTga9zije7SN3caE3gfgCXUv1HJk4Oe2ThdsEMvy02mTDT&sig=Cg0ArKJSzPxwgFB3R5rzEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C147 152 KB
46 KB 43ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 01:24:55 GMT

GET
H3 200 6221559120246854366
tpc.googlesyndication.com/simgad/ Frame C147 97 KB
97 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6221559120246854366?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd0fc05b1dd433a5a185b3ebd2bd29eba57f56b60c6b9be223b071505b2f6d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 07:46:37 GMT
x-content-type-options: nosniff
age: 581898
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98856
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 00:30:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 07:46:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C147 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWFfniZCcLj6PxRga8MKB8UXbkmypOk0TzlFwwaYrbaoWZxBLMJXkKbIfMt8eoXN4SulneLQE3oov05kQQxtsUjFFPcAJ2N8kb9PGP82w1LrVi3usA--uBbpj0ZfBV9-tUgBdeai0F6e2jkgfO-AIaA4J3wr9C4GRA-sPNFTkzAH71JEhGUBvRe6nEIr4a2JVXZ8j3iqKvwwDo3MQHqy9axKUdUuqGkHVjURkKRK91J46RR-zNQqBeX6biYnwv6sLct5ic5JmXq-SyRSZ56RHx4kUlcCC6bOauCQVi0B79iMlID99JyKUePt7sQB5Zg2W_-aE5DRpViKABo5e6--GRuvFDX2zpsBYd8xU&sai=AMfl-YQpPeGWtGPmzZwALZ0Tgj-7tOy6bkl7j3vhdPiBm1k05_KvCfZBGc-6j8E9FF53Y-xCblgX1aiJorgkxsUgkpYF_bgaOJB1iuvIChZJ90UGVZPf6ZZBNfGsZw2Q9ck9Onks&sig=Cg0ArKJSzGUUzLNM3hsQEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Oct 2022 01:24:55 GMT

GET
DATA 200
OK truncated
/ Frame C147 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f48df84097992a97e1d4db6d1b0a4e82be29f530b69e57ce5ab5cc55c90a5191

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101002&jk=4466433369131867&bg=!QUKlQgbNAAYeOJy_Pjg7ACkAdvg8Wr7sckH6r3Ya9Uh2x-FaqQgFLCifvyI9E8g9Wiaqogj3Dj0CIgIAAABbUgAAABFoAQeZAp2VNF4d_4cS6ZZ-32NP0x580hgmsVXCouO8mEKOSHXmF8dKcnr-bOU-4p7mGj-bZ-7khng7sR42W6VksjpiqZOcWtm_nEMleFP0Ai6T1OaFSzwU84hRvBW07qwnRUNnSqgG108bc3Ezrn1Bn2UU20omXpNEHSsuorvBxXLrPoyqbrlBxJSTEGHma4Igki5tpkO6Hi2iWafyIoJsZrSANh_jCi53rlvMhZn7AV3qWMqctC6C77fmfHpEOU2wMOU_AohLYpaEhYC8SduuElAZjZTsi31NUk0zfKcMhvRCWJ4AJo2o27m-9ZFzQvy4PUDO4a7qY6j8SiASGlkxd00MS6dCld3PK5YAeaK6GMc_big3qEk9vv2OzCssvm6aztChxwrRZ0fXQoz7K1-UxD_reYWVUCuKo8_f375vmlr1TipFULvHo8Ry3rzKa45LTH-3-Mrrb1xZ5O-GQhrjljLgooHJxIwEk4TtuecG49bfBvjHN1Ge2rgS5Vv5--mx7QYe3hAVoekj0A6lhEFbDgrEgiRmgi5UMvjLUz06q_c8jhKynfwAYfwAmS6HP-5QhCKOV-yp8MKDOCULvdiWXPLaJxj9FMQkQrTgZz5ye3vRaE3SdjtroV6EFlcut5jnxXDxZqYzxVRCvA1MSOEdMDpeqAjWMxw2S-ayEdihzt65Hk7svwcxONaTvtrC3X7lzQru75psN_HHAWnAyTBgH0YsQl-SYgpfXbOr1om-kUBKpiAUlVPzeqPMBTRnunrNJBsFBiT_LQFfym7GZ5CQjJiuQfaDkNg3yEK05dcRG__kDpNa0Y9vG8SRoaTfGJpODtTeF1W5nqZWBKl0bA2qjWqJcBavvMQ446X7rJXasjBRURVRO2U0WTacS6wL-5u-QUc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 107 KB
42 KB 51ms
20ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHM2XS

Requested by

Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e83a4b13844efdfd3917584f3ba896c7bc5354048f48501cae75ceb468a45fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42789
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Oct 2022 01:24:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 38ms
8ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 01:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 539
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 14 Oct 2022 03:15:57 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 45ms
9ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:56 GMT
content-encoding: gzip
etag: "cbFpuah7ilcpMTJLYeCgng=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 21 Oct 2022 01:24:56 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 34ms
7ms Script
application/javascript 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-91.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 06:04:40 GMT
Content-Encoding: gzip
Via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 11215217
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=26920000
Connection: keep-alive
X-Amz-Cf-Id: jug8hNXsvxdeyTkG7l_j3RYah-rN-cMsNQmhywZBmxklciH72VrUVg==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 37ms
9ms Script
application/javascript 143.204.215.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/b5/tag/%E5%B1%B1%E8%A5%BF.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-108.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 07:47:01 GMT
content-encoding: gzip
via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 63478
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: EeWd6_ifXHi47ssn-BI3TdTlKwNBKuaNclFzRePTne-JCdeuxqssBg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 30ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=633450525&t=pageview&_s=1&dl=https%3A%2F%2Fwww.epochtimes.com%2Fb5%2Ftag%2F%25E5%25B1%25B1%25E8%25A5%25BF.html&ul=en-us&de=UTF-8&dt=%E5%B1%B1%E8%A5%BF%20%7C%20%E5%A4%A7%E7%B4%80%E5%85%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=1776521995&gjid=512627198&cid=943855002.1665710695&tid=UA-10465455-10&_gid=44133267.1665710697&_r=1&_slc=1&z=753258613

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.epochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.epochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 33ms
7ms Image
image/gif 99.86.4.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%E5%B1%B1%E8%A5%BF%20%7C%20%E5%A4%A7%E7%B4%80%E5%85%83&time=1665710696540&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.epochtimes.com%2Fb5%2Ftag%2F%25E5%25B1%25B1%25E8%25A5%25BF.html&random_number=9358023428&sess_cookie=1f3a22e6183d418285cdf496be5&sess_cookie_flag=1&user_cookie=1f3a22e6183d418285cdf496be5&user_cookie_flag=1&dynamic=true&domain=epochtimes.com&account=Tmrwl1aYizr0uP&jsv=20130128&user_lang=en-US
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-123.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:09:43 GMT
Via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 83714
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
x-amz-meta-alexa-last-modified: 20110117123941
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: e41BSNbbIBwmGzYPprqwvASe5cATsJD-23Ac_9rO94_k7wsh2TMGcA==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 351ms
101ms Image
text/plain 3.131.215.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.131.215.186 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-131-215-186.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:56 GMT
server: Server

GET
H2 204 b
sb.scorecardresearch.com/ 0
189 B 9ms
8ms Image
text/plain 143.204.215.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=24003086&cs_it=b3&cv=3.8.0.210223&ns__t=1665710696545&ns_c=UTF-8&c7=https%3A%2F%2Fwww.epochtimes.com%2Fb5%2Ftag%2F%25E5%25B1%25B1%25E8%25A5%25BF.html&c8=%E5%B1%B1%E8%A5%BF%20%7C%20%E5%A4%A7%E7%B4%80%E5%85%83&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-108.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:56 GMT
via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: N80C2wStFso1vNxY0Q0KGiBGnSZ0vcZWdwjnbPd6N4AZiOTWEvpBbw==
x-cache: Miss from cloudfront

GET
H2 200 rules-p-a128V7tctPVtT.js Show response
rules.quantcount.com/ 3 B
438 B 36ms
8ms Script
application/javascript 2600:9000:2057:1e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-a128V7tctPVtT.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 01:41:52 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 85384
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:44:26 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Ulhgk7xnoVmEFs0eEybPLgQ_SP6Nnv75t2RMqDDvPR1CbTG69Wv96g==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 63ms
19ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-10465455-10&cid=943855002.1665710695&jid=1776521995&gjid=512627198&_gid=44133267.1665710697&_u=IAhAAEAAAAAAACAAI~&z=760094644

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.epochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 14 Oct 2022 01:24:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.epochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7A42 42 B
64 B 62ms
42ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLNT49UDjxmMvJvhPjE5phqPsGXh4bIooNj-8oocRIxLnAg-Wdeu994zbH0Rg_wbYiokN1qgEiy6qwiFy93OaCZ_8lbZ_OXTdbkWubXx25pWNFFutM&sig=Cg0ArKJSzGSOURinaGF2EAE&id=lidar2&mcvt=1000&p=125,315,375,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1928841005&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665710695471&rpt=94&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1666714231;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.epochtimes.com%2Fb5%2Ftag%2F%25E5%25B1%25B1%25E8%25A5%25BF.html;uht=2;fpan=1;fpa=P0-864811364-1665710696592;pbc=;ns=0;ce=1;qjs=1;qv=7...
pixel.quantserve.com/ 35 B
372 B 22ms
9ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1666714231;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.epochtimes.com%2Fb5%2Ftag%2F%25E5%25B1%25B1%25E8%25A5%25BF.html;uht=2;fpan=1;fpa=P0-864811364-1665710696592;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;ref=;d=epochtimes.com;dst=0;et=1665710696591;tzo=0;ogl=locale.en_US%2Ctype.object%2Ctitle.%E5%B1%B1%E8%A5%BF%20-%20%E5%A4%A7%E7%B4%80%E5%85%83%2Cdescription.%E5%B1%B1%E8%A5%BF%E7%9A%84%E7%9B%B8%E9%97%9C%E6%96%87%E7%AB%A0%2Curl.https%3A%2F%2Fwww%252Eepochtimes%252Ecom%2Fb5%2Ftag%2F%25e5%25b1%25b1%25e8%25a5%25bf%252Ehtml%2Csite_name.%E5%A4%A7%E7%B4%80%E5%85%83%20www%252Eepochtimes%252Ecom%2Cimage.https%3A%2F%2Fi%252Eepochtimes%252Ecom%2Fassets%2Fuploads%2F2017%2F02%2FDJY_FB_DefaultImage2017%252Ejpg;ses=a5d8c16a-7627-42db-9f66-2478bff38e7c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:56 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 46ms
20ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10465455-10&cid=943855002.1665710695&jid=1776521995&_u=IAhAAEAAAAAAACAAI~&z=1409398735

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 67ms
21ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10465455-10&cid=943855002.1665710695&jid=1776521995&_u=IAhAAEAAAAAAACAAI~&z=1409398735

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C147 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst73YD3jg6iDP9U-3S3MPAQStQvoOGvYMagbvg_UB_3P_QqlYciljKz-xP4_wZKKy3hsS9JiyEg6Q5D366PVbx5HpRjEvteBHUI49b8wgzTcbRoi9zW&sig=Cg0ArKJSzPgHcbi5np1QEAE&id=lidar2&mcvt=1000&p=646,975,896,1275&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2458695766&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665710695637&rpt=86&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.epochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 8C4B 38 KB
14 KB 46ms
7ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=124463
content-encoding: gzip
content-length: 13946
content-type: text/html
date: Fri, 14 Oct 2022 01:24:57 GMT
expires: Sat, 15 Oct 2022 11:59:20 GMT
last-modified: Tue, 05 Jul 2022 05:32:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 index.html Show response
cdn.districtm.io/ids/ Frame B843 116 B
441 B 43ms
8ms Document
text/html 65.9.66.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 550
content-length: 116
content-type: text/html
date: Fri, 14 Oct 2022 01:15:48 GMT
etag: "517f2062d883c0ee35479a2da0c50b8c"
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: AmazonS3
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
x-amz-cf-id: vQoKRfyfG2ylWez868ErGRLG6YIo92whxhqeoQHMW3xAYMioibLV-Q==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront

GET
H2 200 index.html Show response
cdn.districtm.io/ids/ Frame 8CA2 116 B
440 B 38ms
9ms Document
text/html 65.9.66.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 550
content-length: 116
content-type: text/html
date: Fri, 14 Oct 2022 01:15:48 GMT
etag: "517f2062d883c0ee35479a2da0c50b8c"
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: AmazonS3
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
x-amz-cf-id: 8M_h35p-ULFHHMahI_yRgqoZXfc_LcpOHC-XGuJAWVSYnHgot2uIxw==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront

GET
H2 200 index.html Show response
cdn.districtm.io/ids/ Frame B530 116 B
441 B 34ms
9ms Document
text/html 65.9.66.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 550
content-length: 116
content-type: text/html
date: Fri, 14 Oct 2022 01:15:48 GMT
etag: "517f2062d883c0ee35479a2da0c50b8c"
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: AmazonS3
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
x-amz-cf-id: 2iqUVHymexP43Eyn3wnFmlMqVChwUvUIVEhGySm8CVPZ1IxOQ3_eaQ==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7EC5 38 KB
14 KB 27ms
8ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=124463
content-encoding: gzip
content-length: 13946
content-type: text/html
date: Fri, 14 Oct 2022 01:24:57 GMT
expires: Sat, 15 Oct 2022 11:59:20 GMT
last-modified: Tue, 05 Jul 2022 05:32:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 9FC7 38 KB
14 KB 31ms
14ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=124463
content-encoding: gzip
content-length: 13946
content-type: text/html
date: Fri, 14 Oct 2022 01:24:57 GMT
expires: Sat, 15 Oct 2022 11:59:20 GMT
last-modified: Tue, 05 Jul 2022 05:32:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 0AC1 3 KB
1 KB 51ms
16ms Document
text/html 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10399
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 759c84b0eed1bb5c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 01:24:57 GMT
expires: Fri, 14 Oct 2022 05:24:57 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5913 52 KB
17 KB 38ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 70808
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 14 Oct 2022 01:24:57 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1012652
X-Served-By: cache-lga13626-LGA, cache-hhn4053-HHN
X-Timer: S1665710697.103867,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F363 52 KB
17 KB 35ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 70809
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 14 Oct 2022 01:24:57 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1008663
X-Served-By: cache-lga13626-LGA, cache-hhn4059-HHN
X-Timer: S1665710697.103179,VS0,VE0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame A706 3 KB
2 KB 43ms
15ms Document
text/html 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10399
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 759c84b0eed4bb5c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 01:24:57 GMT
expires: Fri, 14 Oct 2022 05:24:57 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7B58 52 KB
17 KB 32ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 70808
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 14 Oct 2022 01:24:57 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1012773
X-Served-By: cache-lga13626-LGA, cache-hhn4074-HHN
X-Timer: S1665710697.103600,VS0,VE0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 46F2 3 KB
1 KB 42ms
17ms Document
text/html 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.epochtimes.com
URL: https://www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.epochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10399
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 759c84b0eed5bb5c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 01:24:57 GMT
expires: Fri, 14 Oct 2022 05:24:57 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame B843 3 KB
4 KB 9ms
8ms Script
application/javascript 65.9.66.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 196b425485c119046eada45bc1a473e6c35f7f8c5a94824873535de823af517f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.districtm.io/ids/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:10:03 GMT
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 79622
etag: "74ede07ef946dc2316f86b2661cf2dd3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3302
x-amz-cf-id: HaPVyYFdTWbJZ8b1xZmjJj0N7ndlhICGuMCrra-46vFlxs8edw8Cww==

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame 8CA2 3 KB
4 KB 7ms
7ms Script
application/javascript 65.9.66.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 196b425485c119046eada45bc1a473e6c35f7f8c5a94824873535de823af517f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.districtm.io/ids/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:10:03 GMT
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 79622
etag: "74ede07ef946dc2316f86b2661cf2dd3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3302
x-amz-cf-id: 5FET9asWYb11dT9gImzY4i2Rm0gBJYOJ1_rUrocgzzWLPRMQ5s-FkA==

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame B530 3 KB
4 KB 7ms
7ms Script
application/javascript 65.9.66.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 196b425485c119046eada45bc1a473e6c35f7f8c5a94824873535de823af517f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.districtm.io/ids/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:10:03 GMT
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 79622
etag: "74ede07ef946dc2316f86b2661cf2dd3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3302
x-amz-cf-id: HF11P6PborcRBatuZT1qJujyqF4X7CoO3lb0wj3sj4XnMI_uwZTpEw==

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8C4B 0
42 B 69ms
12ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11156218&p=156822&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:57 GMT
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F363 0
737 B 14ms
14ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
AN-X-Request-Uuid: 6c9d887b-0331-4510-8c84-58bb2bad063f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5913 0
737 B 15ms
14ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
AN-X-Request-Uuid: 25f13d09-b8c8-4f0c-8415-d62c1acd527f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7B58 0
737 B 13ms
13ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
AN-X-Request-Uuid: 4cfe3404-44f6-45e2-9207-6af13f58a7f1
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET buyers
dmx.districtm.io/s/v1/ Frame B843 0
0

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame B110
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

44ms
29ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6d1aef72eea90a34452273e8d168743b2e4b589ab30d461e4e8f9f2d0df1df0

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 759c84b1ee935b3e-FRA
content-encoding: br
content-type: text/html
date: Fri, 14 Oct 2022 01:24:57 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qaDMr6J3DGY%2F9Q7cYffgqwUUSNwv6xSUFUphr7ndndSelRxUGomMQA6EWAvkKrETSVbIOfKXbtpe4OnB84z2nL7VNo8yl%2BzqAU9u%2FRj8EIngIC%2Fk7mJfOE9orudDPoCNIS2P88Q3Ik4dxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 759c84b1abb991e1-FRA
content-length: 0
date: Fri, 14 Oct 2022 01:24:57 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcXb3AXL78cA5m4g7jJcKtmH85W7oZGOjZAUQtJQt78dmPGnQ3zB9l%2BHKrGK6bGTeb%2BnhsVv%2F9XsgalpiOKUA0BvP9np4ilrhiIOOnI9AlcEcaJGh7wTVip6QhcgVovZsN3SGsCKkMqiUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 5273
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

50ms
37ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bfe6f3c9f3aed4c8bf54239d919516dad3b7b8fd5fe24a25ecaac8e63f94cb8

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 759c84b1ee945b3e-FRA
content-encoding: br
content-type: text/html
date: Fri, 14 Oct 2022 01:24:57 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBbyF7bQupK68uesi5u1H7pYZo%2F8Kcw2fRBDIAU4QRmN7%2B9%2FKAiBXYzWwKCTqle36pzzwQlcV%2F2mcy0elA2qhpjQTIsUNxMObezfvmd%2FXdISPu%2BXrfcANzhj%2Bl3fAZRd2h%2FJbyLCgPoQmg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 759c84b1abbb91e1-FRA
content-length: 0
date: Fri, 14 Oct 2022 01:24:57 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxpRTj0CZcyRj43ex07FOJDd0xsPKZqxsQyuO2UO1UVZmijIL20w6aXejsYwzZt4p2%2FH5WF%2FEBeUv68oDw3KQbVNkD4RcU1lMSgmrtVKt4AUVF6avLJxCcdPEIv3I6re%2Bn6iB37fb6fm2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 676E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

1 KB
1 KB

47ms
33ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73f7620d06d82a0e0cba4784f0cdc1d148b8d92e32f57cd3adb526e47cc9cba

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 759c84b1ee915b3e-FRA
content-encoding: br
content-type: text/html
date: Fri, 14 Oct 2022 01:24:57 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7DC0ebx3xzKOA8E0R1oP%2BKaEtrJ8qFATL3YdcmmOFdqDvekRYLSSlVQNd99isf9%2FZX682umz97Es3QKRMIfZ1SOVXVgaO%2BeQj8Nh7rCVGOXHTrIpr%2B5iPsEEWUllK1zK%2B8TzFzR0l7rDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 759c84b1abbd91e1-FRA
content-length: 0
date: Fri, 14 Oct 2022 01:24:57 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFg2gnyAcx9G15gVkKMimrm09I4QZDG9nZJktaEV9ikd2KsLLipFp8hfDRvEjWUcwVcpV4BR%2BBwAfoh4tVOM%2FVtyfOqj%2FKKOIfYkYwwB7Y5C9kOYEQOgHM1hXHBJh0yCzeQI37dLRjeBQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET buyers
dmx.districtm.io/s/v1/ Frame 8CA2 0
0

GET buyers
dmx.districtm.io/s/v1/ Frame B530 0
0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame B110 70 B
265 B 97ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Oct 2022 01:24:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame B110
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOoUft_y7zb51uVisOIHKZs&google_cver=1

43 B
847 B

25ms
25ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOoUft_y7zb51uVisOIHKZs&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rs5HdYO45hqm712P6xAk%2BW5oqKiOg%2FGPTBUS01hTqqhaiN6PV%2B8ewr%2FWhxuHT49BEjUhJ6g2dyk6w1879xS%2BAu7SIBASe%2FvRaTX96W1gxuowVFBiu0L09IUgZEYZO8r86T3k2J%2BdO9%2FzAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 759c84b2bf0e5b3e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOoUft_y7zb51uVisOIHKZs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B110
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0i6aeq.4-IHhONqsa3GuQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBljFPE5YG32tAU8KnhO6m8&google_cver=1&google_hm=2

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBljFPE5YG32tAU8KnhO6m8&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBljFPE5YG32tAU8KnhO6m8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B110
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&dcc=t

43 B
855 B

120ms
120ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SPZ55GPR3N3QNZW5YF40
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SW5P0Z2TZB0QNC3SJNZ7
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B110
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
https://pr-bh.ybp.yahoo.com/sync/casale/Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB

43 B
603 B

38ms
34ms

Image
image/gif

2a05:d018:d29:3602:9a19:4aca:1a41:e6f4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

2a05:d018:d29:3602:9a19:4aca:1a41:e6f4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB
date: Fri, 14 Oct 2022 01:24:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B110
Redirect Chain

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y0i6aeq.4-IHhONqsa3GuQAA%261105
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=bb253b67-6a3e-47fd-9d33-42a7294b455c-tucta423fe9

43 B
766 B

97ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=bb253b67-6a3e-47fd-9d33-42a7294b455c-tucta423fe9
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=bb253b67-6a3e-47fd-9d33-42a7294b455c-tucta423fe9
date: Fri, 14 Oct 2022 01:24:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12492

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B110
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
766 B

141ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

date: Fri, 14 Oct 2022 01:24:57 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B110
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4044798399332177630

43 B
766 B

88ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4044798399332177630
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4044798399332177630
pragma: no-cache
date: Fri, 14 Oct 2022 01:24:57 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame B110 43 B
103 B 55ms
18ms Image
image/gif 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y0i6aeq.4-IHhONqsa3GuQAA%261105
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:57 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 10432
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759c84b2b835bbe5-FRA
content-length: 43
expires: Fri, 14 Oct 2022 05:24:57 GMT

GET
H2 200 Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 676E 43 B
601 B 112ms
35ms Image
image/gif 2a05:d018:d29:3602:9a19:4aca:1a41:e6f4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:9a19:4aca:1a41:e6f4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 676E 43 B
433 B 136ms
30ms Image
image/gif 54.171.34.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.34.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-34-58.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 676E
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1665797097

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1665797097
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1665797097
pragma: no-cache
date: Fri, 14 Oct 2022 01:24:57 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 676E 0
191 B 79ms
20ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 14 Oct 2022 01:24:56 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 676E
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
https://pr-bh.ybp.yahoo.com/sync/casale/Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB

43 B
603 B

38ms
35ms

Image
image/gif

2a05:d018:d29:3602:9a19:4aca:1a41:e6f4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

2a05:d018:d29:3602:9a19:4aca:1a41:e6f4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB
date: Fri, 14 Oct 2022 01:24:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 676E
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E0CAFBE8F27D4E62B11BA7FC58C146CF

43 B
766 B

67ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E0CAFBE8F27D4E62B11BA7FC58C146CF
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

date: Fri, 14 Oct 2022 01:24:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E0CAFBE8F27D4E62B11BA7FC58C146CF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 13 Oct 2022 01:24:57 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 676E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6086672910076522110&expiration=1666920297

43 B
766 B

71ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6086672910076522110&expiration=1666920297
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6086672910076522110&expiration=1666920297
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 676E
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4116855993370105566

43 B
766 B

89ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4116855993370105566
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4116855993370105566
pragma: no-cache
date: Fri, 14 Oct 2022 01:24:57 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 676E 43 B
353 B 49ms
13ms Image
image/gif 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y0i6aeq.4-IHhONqsa3GuQAA%261105
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:57 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 10432
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759c84b2b839bbe5-FRA
content-length: 43
expires: Fri, 14 Oct 2022 05:24:57 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5273
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=VICdvwDSn79PipyzBoaE41eCnrdP1pC1VNIx6oBc

43 B
766 B

185ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=VICdvwDSn79PipyzBoaE41eCnrdP1pC1VNIx6oBc
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 01:24:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=VICdvwDSn79PipyzBoaE41eCnrdP1pC1VNIx6oBc
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5273
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=V7GsRWT91OJ9rz5

43 B
766 B

123ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=V7GsRWT91OJ9rz5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0cc766d172cabf844@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=V7GsRWT91OJ9rz5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 113
match.deepintent.com/usersync/ Frame 5273 0
44 B 298ms
91ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:56 GMT
content-length: 0
server: c

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 5273 42 B
181 B 110ms
30ms Image
image/gif 54.73.71.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.71.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-71-55.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:57 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.20.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame 5273
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2924577974155165856

43 B
894 B

124ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2924577974155165856
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
AN-X-Request-Uuid: 20268701-659c-468d-9725-917bb8685b12
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2924577974155165856
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5273
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-317b9803-cad2-4fbe-af71-7a9a3bf777b8

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-317b9803-cad2-4fbe-af71-7a9a3bf777b8
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-317b9803-cad2-4fbe-af71-7a9a3bf777b8
date: Fri, 14 Oct 2022 01:24:57 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2 204 /
csync.loopme.me/ Frame 5273 0
131 B 55ms
27ms Image
text/plain 2606:4700::6813:ac6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:ac6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 759c84b2ad185c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5273
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&dcc=t

43 B
855 B

121ms
121ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CYCQDE0T795SE0JF564P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CFAH0Q9HXPHMDCMCRK1F
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0i6aeq-4_IHhONqsa3GuQAABFEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 5273 43 B
102 B 50ms
16ms Image
image/gif 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y0i6aeq.4-IHhONqsa3GuQAA%261105
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epochtimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:24:57 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 10432
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759c84b2b83abbe5-FRA
content-length: 43
expires: Fri, 14 Oct 2022 05:24:57 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F363 0
737 B 17ms
15ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:58 GMT
AN-X-Request-Uuid: 92dfae14-54df-4e8b-86d9-c289faa16f4e
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5913 0
737 B 18ms
15ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:58 GMT
AN-X-Request-Uuid: 690c95b7-2b85-4f86-8289-d1ea8bb4ebad
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7B58 0
737 B 19ms
17ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 01:24:58 GMT
AN-X-Request-Uuid: e9fce949-bc98-47aa-b222-07bd232811ae
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/s/v1/buyers

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/s/v1/buyers

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/s/v1/buyers

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adnxs.com/	1970-01-20 08:51:26	Name: icu Value: ChgI159BEAoYASABKAEw5vSimgY4AUABSAEQ5vSimgYYAA..
.adnxs.com/	1970-01-20 08:51:26	Name: uuid2 Value: 2924577974155165856
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8543\|Y0i6a
.doubleclick.net/	1970-01-20 16:03:26	Name: IDE Value: AHWqTUkv0yYbxt_WzF7JKSyxpVduGd6bGyX6b133XVOfgHOXzFecoBTZ2r6YrIB9uAc
.doubleclick.net/	1970-01-20 06:41:51	Name: test_cookie Value: CheckForPermission
.epochtimes.com/	1970-01-20 16:03:26	Name: __gads Value: ID=483cbe2e9f6e3fe0-227bd52c47ce0097:T=1665710695:S=ALNI_MbAH_GeG_w2dGb4rmZ3N8iPyuPG1Q
.epochtimes.com/	1970-01-20 16:03:26	Name: __gpi Value: UID=00000b72838fc174:T=1665710695:RT=1665710695:S=ALNI_MbeVY7kU36hRK-RZdNagZvO7TGC7w
.epochtimes.com/	1970-01-20 16:17:50	Name: _ga Value: GA1.2.943855002.1665710695
.epochtimes.com/	1970-01-20 06:43:17	Name: _gid Value: GA1.2.44133267.1665710697
.epochtimes.com/	1970-01-20 06:41:50	Name: _gat Value: 1
.epochtimes.com/	1970-01-20 06:41:52	Name: __asc Value: 1f3a22e6183d418285cdf496be5
.epochtimes.com/	1970-01-20 15:28:53	Name: __auc Value: 1f3a22e6183d418285cdf496be5
.quantserve.com/	1970-01-20 16:12:05	Name: mc Value: 6348ba68-954d5-d5170-e926a
.epochtimes.com/	1970-01-20 16:06:19	Name: __qca Value: P0-864811364-1665710696592
.ads.pubmatic.com/	1970-01-20 06:43:17	Name: KCCH Value: YES
.casalemedia.com/	1970-01-20 15:27:26	Name: CMID Value: Y0i6aeq.4-IHhONqsa3GuQAA
.casalemedia.com/	1970-01-20 08:51:26	Name: CMPS Value: 1105
.casalemedia.com/	1970-01-20 08:51:26	Name: CMPRO Value: 1105
.quantserve.com/	1970-01-20 08:51:26	Name: d Value: EHYBDQGqJ7jvsQA
.analytics.yahoo.com/	1970-01-20 15:27:26	Name: IDSYNC Value: 175w~27pd
.w55c.net/	1970-01-20 16:12:05	Name: wfivefivec Value: V7GsRWT91OJ9rz5
.w55c.net/	1970-01-20 07:25:02	Name: matchcasale Value: 5
.yahoo.com/	1970-01-20 15:27:48	Name: A3 Value: d=AQABBGm6SGMCENU52ma5wwUNvPXyDXqgiUwFEgEBAQELSmNSYwAAAAAA_eMAAA&S=AQAAAkwEw5EwHCMPw1cRJZcBMrc
.adform.net/	1970-01-20 07:26:29	Name: C Value: 1
.turn.com/	1970-01-20 11:01:02	Name: uid Value: 4116855993370105566
.adform.net/	1970-01-20 08:08:14	Name: uid Value: 6086672910076522110
.simpli.fi/	1970-01-20 15:28:53	Name: suid Value: E0CAFBE8F27D4E62B11BA7FC58C146CF
.casalemedia.com/	1970-01-20 08:51:26	Name: CMTS Value: 2220
.amazon-adsystem.com/	1970-01-20 16:17:50	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 12:56:14	Name: ad-id Value: A0W5a6rZ7Em_qP_O5meZA9M

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dmx.districtm.io/b/v1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://dmx.districtm.io/b/v1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://dmx.districtm.io/b/v1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://dmx.districtm.io/s/v1/buyers Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://dmx.districtm.io/s/v1/buyers Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://dmx.districtm.io/s/v1/buyers Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
apex.go.sonobi.com
c1.adform.net
casale-match.dotomi.com
cdn.districtm.io
cdn.indexww.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
csync.loopme.me
d.adroll.com
d31qbv1cthcecs.cloudfront.net
dmx.districtm.io
dsum-sec.casalemedia.com
dsum.casalemedia.com
f5c301a0a386bce4703852d552c50cdb.safeframe.googlesyndication.com
gu.dyntrk.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.epochtimes.com
ib.adnxs.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
nep.advangelists.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rules.quantcount.com
s.amazon-adsystem.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.taboola.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
www.epochtimes.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
dmx.districtm.io
104.18.12.76
104.18.18.126
130.211.7.151
135.125.160.77
141.226.228.48
142.250.186.130
143.204.215.108
151.101.65.108
18.197.134.247
185.80.39.216
185.89.210.20
193.108.153.28
198.47.127.19
198.47.127.22
2001:678:cb4:bbbb::11
23.35.236.201
2600:9000:2057:1e00:6:44e3:f8c0:93a1
2606:4700::6813:ac6c
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2003
2a00:1450:4001:831::2001
2a00:1450:400c:c08::9b
2a02:fa8:8806:13::1400
2a05:d018:d29:3602:9a19:4aca:1a41:e6f4
3.126.56.137
3.131.215.186
34.197.236.151
35.204.158.49
35.71.131.137
37.157.4.40
38.91.45.7
52.46.130.91
54.171.34.58
54.73.71.55
65.9.66.67
66.155.71.25
69.166.1.8
99.86.4.123
99.86.4.91
010cf00391bdddeb3eff098a38c34ea45ce26ddedba59a469f3c956146628ab5
05a053035ebc391b3bb0c34f69d09dc3e98644a041f3f60873d5825cf6461e1e
0a463133102a2df8f8c9290820f155c9c57df0fe98d9a7a00bd88e9cf90cd74b
12c9611f8ddb6b01b04dd93ef55e5f0dec441f84472d0a1fcd2a2072f045a6df
1569bcd9a49460bf6663536d063fd440bf94238643b0f0cf2fe5eee81d4bc630
172b9d766136b71550cc210e49557d5d4d8fa46dc90731defa518fe382eba339
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
196b425485c119046eada45bc1a473e6c35f7f8c5a94824873535de823af517f
1ad35ef353080b44ef31f7008296d9b81c4875636215bd49aa9f9327ca313848
2074dbf591ea4ea9c2c039b0a21bf4bd6c80357dc85ac1dcc6f0d4e056c1754c
21d09adc69a2757b6379c2cd7ec4abf6d6c8ce0d853a7d10173fcf29b0133fad
231da198264dea55d3728d73286eefabb829cd5dba15bf7b4676ff3df85dd0ce
26de5c70a44e9fc85e70c69f74e524520a802632f7a53f53f1222ece535fc640
27d8ee517f5e3f0253dc988e9985512ce6209823a6a3f5f7c6cddfe1afc0642f
297ca9748cbbe4f3c7b1b11a564ae106f95083c5d3432f0dbda973ac8c4cadca
2d08707214742ca3f1c2ba3dd7d4a182eccc1eef2d1f961cecf6925eb6258883
2fbac88a03bb0c2c14a417ef3550773f1d64910ab3266d32b7e29d4a7a8eb98f
325caff6e214b92ed0eab1720f5324d927e95c1f514df7e130819598bbf25cbc
33f680f57015ab484ce1019e634292ff505a795a4b5a3fef6b6e91166bb08132
3ac7491cc9257c2e582e174f8afe9ce81a081494fec7a513eaf424c295150467
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f6dcaeebfca24b2ae14675b7c0505b466dd861949128750c46f6a604cf4cac0
3f748dc226127c3c519144709a0db336dd1e3c01dfd1d1c4348ae09b489f8c65
4331441babcd68d3ca8c9a613f41530fcc403e9b63a15830d2e65cbbb8f1511f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d2cb91bac7e36b9261293b7f1f214c15ba10a1d5e0bf92bdb55c3b321c9aab2
546d0b9a2144ab5b9f7d0bda7a326201bfc6c67ea47d4bb24f0fafd2075f878e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
599e69a950ccf856bf747a6bd3404db7099331fee7a9b7c0972dc9591ef7e761
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
65afe802898a31c28fe92e014c335174d8fd64205f83a6d3258bacc5c9bed2e4
68bed6d16d0fe7cd57be2b7a921492da9c84474154f81e395aa3ef120c6135df
6a5a43b6f9f8b22b3f2d15b8f75f534fd794e61d66df7e532ce45a675e2f7c32
6ec51ed8e796e4885dd6b97acec8af8c5f1cf9c06f4841859b847b5d7a8ce5be
705c960eb8245edda00b3581abaa58160b8ffe19f52abd8e52f0e6c164eae13c
76034bde5e980ad5b967771b268db3d60c5033190cac3f2cb2dd6b928f4c3918
7bb0c604f0ce4ed235a2d416704a0ed6ae2981ebe518e5a372d057819f8c1587
7bfe6f3c9f3aed4c8bf54239d919516dad3b7b8fd5fe24a25ecaac8e63f94cb8
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eac04c4056e634a1426254f59e7ce00fed9b6ab8f7ae71395d98019b3341f44
9986bb060de773325d286b7a49ba61f5dac85e7ef267d18912a2075d5b1311b9
9ada26a4c7994707dc1731ab2a8924b4ef50561fc98899cfb551ab52683c5b03
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1275d93cf85644e4c169c82592c0b0b79ff4a4e242ca17b6ba9bb3944762c17
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a788f94dc6a87319d5df8429d81b89722d98ff3edb5b8ab113f8be5c26d5f797
acacfdd99df89f172e3c5a5f24550dee471dd24df74f5f840e64be1ed3a10e60
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6a469b678f0f023fd3b4596d728fc14dd7023da2ea89270d0083f7605b182b1
bb474652565205c3a25419386dcc76caeec9ffd9c2937be6df7b02943a141972
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c32f2c273444cc5253baff690e39ededa3fe95e96958296d2eef4b917c17a61d
c73b4a1bdb78498397f4a961ef65670405e7d3e411539f9077c81d306fe8e2b8
c73f7620d06d82a0e0cba4784f0cdc1d148b8d92e32f57cd3adb526e47cc9cba
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce2baa53d54f1cafc4897d96567e68ee120b016c92218d09c331d70c6b7f4bc1
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d18322f99d60e4c43a4deb49a632c0c1e44789b9d7f94a9f06c8e6e06c45ec9b
d8d4caf3ab2413dabc0f47082d53a596b6c84593f86f0914321fffa8deb6fe41
d9a5081e27d2eac538eef346a029c517b9b86ecca95e3a246bd718edcd3324b9
d9d4636626350d8ba41907b9055b3947ddb2d855783eb57fae1bd376bbc884d3
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd0fc05b1dd433a5a185b3ebd2bd29eba57f56b60c6b9be223b071505b2f6d1a
e32c6abaa228b76c86d162e7ea22b7553f1b2bbd8ab21e251098c9989d4190c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d1aef72eea90a34452273e8d168743b2e4b589ab30d461e4e8f9f2d0df1df0
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1
e80f3e63f4e2e833389b41c63a58187c94708e79021e675d2ee6812f8566109f
e83a4b13844efdfd3917584f3ba896c7bc5354048f48501cae75ceb468a45fa9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c2e71998d491bea4d688ca56c8eeab55e8d0e3a45ec0eff9b21518a7efe110
f48df84097992a97e1d4db6d1b0a4e82be29f530b69e57ce5ab5cc55c90a5191
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

www.epochtimes.com Open in urlscan Pro 130.211.7.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

142 Requests

84 %HTTPS

36 %IPv6

36 Domains

54 Subdomains

38 IPs

11 Countries

1403 kBTransfer

2774 kBSize

30 Cookies

0 Outgoing links

Page URL History

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.epochtimes.com Open in urlscan Pro
130.211.7.151 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

84 %
HTTPS

36 %
IPv6

36
Domains

54
Subdomains

38
IPs

11
Countries

1403 kB
Transfer

2774 kB
Size

30
Cookies

142 HTTP transactions
2 data transactions