www.theepochtimes.com Open in urlscan Pro
151.139.128.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lists.youmaker.com/links/RSyC52zWg/Jlid8tcrj/1PzW17LTI5/xULcBgvdrE
Effective URL:
https://www.theepochtimes.com/c-americas
Submission: On May 25 via api (May 25th 2022, 3:09:25 pm UTC) from US — Scanned from DE

Summary HTTP 228 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 64 IPs in 8 countries across 48 domains to perform 228 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to STACKPATH-CDN, US. The main domain is www.theepochtimes.com. The Cisco Umbrella rank of the primary domain is 50709.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 1st 2020. Valid for: 2 years.

This is the only time www.theepochtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	64.71.159.106 64.71.159.106	6939 (HURRICANE) (HURRICANE)
19	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
31	34.102.198.207 34.102.198.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	65.9.66.173 65.9.66.173	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
22	104.104.55.26 104.104.55.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2 4	99.86.4.32 99.86.4.32	16509 (AMAZON-02) (AMAZON-02)
2	18.66.248.84 18.66.248.84	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	35.201.68.206 35.201.68.206	15169 (GOOGLE) (GOOGLE)
1	99.86.4.120 99.86.4.120	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.123 99.86.4.123	16509 (AMAZON-02) (AMAZON-02)
1	44.236.105.167 44.236.105.167	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:231... 2600:9000:2315:5800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
7	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
10	185.33.223.38 185.33.223.38	29990 (ASN-APPNEX) (ASN-APPNEX)
3	23.32.59.34 23.32.59.34	16625 (AKAMAI-AS) (AKAMAI-AS)
3	54.215.186.48 54.215.186.48	16509 (AMAZON-02) (AMAZON-02)
6	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3038::6815:ea4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.92.211.168 52.92.211.168	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:20:... 2606:4700:20::681a:37a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:224... 2600:9000:224a:4a00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	44.241.129.108 44.241.129.108	16509 (AMAZON-02) (AMAZON-02)
1	34.120.97.157 34.120.97.157	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b130:4c96:5596:18cd:cf5	14618 (AMAZON-AES) (AMAZON-AES)
1	44.194.206.200 44.194.206.200	14618 (AMAZON-AES) (AMAZON-AES)
1	34.198.184.125 34.198.184.125	14618 (AMAZON-AES) (AMAZON-AES)
4	4.7.168.74 4.7.168.74	3356 (LEVEL3) (LEVEL3)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	18.213.100.194 18.213.100.194	14618 (AMAZON-AES) (AMAZON-AES)
4 7	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	35.157.1.22 35.157.1.22	16509 (AMAZON-02) (AMAZON-02)
1	35.244.243.66 35.244.243.66	15169 (GOOGLE) (GOOGLE)
2	35.166.77.195 35.166.77.195	16509 (AMAZON-02) (AMAZON-02)
3	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
6 21	2.20.157.55 2.20.157.55	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 6	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 2	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	3.232.89.139 3.232.89.139	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.170.174.103 35.170.174.103	14618 (AMAZON-AES) (AMAZON-AES)
1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3605:9f4c:83a8:7085:a009	16509 (AMAZON-02) (AMAZON-02)
2 3	104.92.91.221 104.92.91.221	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:303... 2606:4700:3038::6815:ea4e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::200d	15169 (GOOGLE) (GOOGLE)
228	64

1 64.71.159.106 (Valley Springs, United States) 1 redirects

ASN6939 (HURRICANE, US)

lists.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

www.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 34.102.198.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.198.102.34.bc.googleusercontent.com

subs.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.66.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-173.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.104.55.26 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-104-55-26.deploy.static.akamaitechnologies.com

img.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.4.32 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-32.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-84.dus51.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.68.206 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 206.68.201.35.bc.googleusercontent.com

www.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-120.fra6.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-123.fra6.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.236.105.167 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-105-167.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:5800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.161.190 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.33.223.38 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.215.186.48 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-215-186-48.us-west-1.compute.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea4f (United States)

ASN13335 (CLOUDFLARENET, US)

services.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.211.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:37a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:832 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

47ed457bca7382c867685092f6e550c9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:4a00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.241.129.108 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-129-108.us-west-2.compute.amazonaws.com

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.97.157 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 157.97.120.34.bc.googleusercontent.com

sc.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:4c96:5596:18cd:cf5 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.206.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-206-200.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.184.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-184-125.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 4.7.168.74 (Livingston, United States)

ASN3356 (LEVEL3, US)

ea.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.100.194 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-100-194.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.90 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.1.22 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-1-22.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.243.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.243.244.35.bc.googleusercontent.com

subs.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.166.77.195 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-77-195.us-west-2.compute.amazonaws.com

ckjjzdn8vk.execute-api.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2.20.157.55 (Milan, Italy) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 209.54.177.54 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.184 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.89.139 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-89-139.compute-1.amazonaws.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.174.103 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-174-103.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:9f4c:83a8:7085:a009 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.92.91.221 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-91-221.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:ea4e (United States)

ASN13335 (CLOUDFLARENET, US)

subsapi.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	theepochtimes.com www.theepochtimes.com — Cisco Umbrella Rank: 50709 subs.theepochtimes.com img.theepochtimes.com — Cisco Umbrella Rank: 30118	3 MB
18	casalemedia.com 6 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 477 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557 dsum.casalemedia.com — Cisco Umbrella Rank: 1272	20 KB
18	adnxs.com 1 redirects prebid.adnxs.com — Cisco Umbrella Rank: 1628 ib.adnxs.com — Cisco Umbrella Rank: 240 secure.adnxs.com — Cisco Umbrella Rank: 424 acdn.adnxs.com — Cisco Umbrella Rank: 596	62 KB
15	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 92 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	150 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 47ed457bca7382c867685092f6e550c9.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 130	250 KB
12	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 288 s.amazon-adsystem.com — Cisco Umbrella Rank: 278	45 KB
9	clickcertain.com 6 redirects a.clickcertain.com — Cisco Umbrella Rank: 3731	7 KB
7	google.com www.google.com — Cisco Umbrella Rank: 7 adservice.google.com — Cisco Umbrella Rank: 74 accounts.google.com — Cisco Umbrella Rank: 82	79 KB
6	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 658	6 KB
6	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 809	1 KB
5	liadm.com 2 redirects b-code.liadm.com — Cisco Umbrella Rank: 3811 rp.liadm.com — Cisco Umbrella Rank: 2835 rp4.liadm.com — Cisco Umbrella Rank: 10775 idx.liadm.com — Cisco Umbrella Rank: 5570 i.liadm.com — Cisco Umbrella Rank: 525	13 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 344	109 KB
4	epochbase.com ea.epochbase.com — Cisco Umbrella Rank: 85757	465 B
4	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 354 eus.rubiconproject.com — Cisco Umbrella Rank: 556 token.rubiconproject.com — Cisco Umbrella Rank: 692	11 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 141	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
4	youmaker.com 1 redirects lists.youmaker.com — Cisco Umbrella Rank: 66779 www.youmaker.com — Cisco Umbrella Rank: 64436 sc.youmaker.com — Cisco Umbrella Rank: 65558 subs.youmaker.com — Cisco Umbrella Rank: 59635	196 KB
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 998	1 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 338	793 B
3	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	1 KB
3	amazonaws.com s3-us-west-2.amazonaws.com ckjjzdn8vk.execute-api.us-west-2.amazonaws.com	30 KB
3	epoch.cloud services.epoch.cloud — Cisco Umbrella Rank: 93106 subsapi.epoch.cloud — Cisco Umbrella Rank: 82503	3 KB
3	postrelease.com exchange.postrelease.com — Cisco Umbrella Rank: 5300	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 297 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 485	1 KB
2	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 857	83 B
2	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 826	840 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 437	590 B
2	alocdn.com 1 redirects p.alocdn.com — Cisco Umbrella Rank: 6201	955 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	499 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	114 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5483 adservice.google.de — Cisco Umbrella Rank: 7678	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	70 KB
2	chargebee.com js.chargebee.com — Cisco Umbrella Rank: 24041	71 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 987 pixel.quantserve.com — Cisco Umbrella Rank: 427	10 KB
2	gstatic.com fonts.gstatic.com	42 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	143 KB
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1370	379 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 3854	399 B
1	dotomi.com 1 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 2790	187 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	pushengage.com clientcdn.pushengage.com — Cisco Umbrella Rank: 16461	20 KB
1	remarketstats.com 1 redirects a.remarketstats.com — Cisco Umbrella Rank: 40817	629 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1014	513 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 918	429 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	alexametrics.com certify.alexametrics.com — Cisco Umbrella Rank: 4391	551 B
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	2 KB
0	loopme.me Failed csync.loopme.me Failed
228	48

	Domain	Requested by
31	subs.theepochtimes.com	www.theepochtimes.com subs.theepochtimes.com
22	img.theepochtimes.com	www.theepochtimes.com
19	www.theepochtimes.com	www.theepochtimes.com
10	ib.adnxs.com	www.theepochtimes.com acdn.adnxs.com ssum-sec.casalemedia.com
9	a.clickcertain.com	6 redirects a.remarketstats.com a.clickcertain.com
8	dsum-sec.casalemedia.com	3 redirects ssum-sec.casalemedia.com
7	cm.g.doubleclick.net	4 redirects ssum-sec.casalemedia.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.theepochtimes.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.theepochtimes.com
6	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
6	ssum-sec.casalemedia.com	3 redirects js-sec.indexww.com
6	js-sec.indexww.com	www.theepochtimes.com ssum-sec.casalemedia.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	onetag-sys.com	www.theepochtimes.com
6	c.amazon-adsystem.com	www.theepochtimes.com c.amazon-adsystem.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	ea.epochbase.com	subs.theepochtimes.com www.googletagmanager.com
4	prebid.adnxs.com	www.theepochtimes.com
4	sb.scorecardresearch.com	2 redirects www.theepochtimes.com
4	www.google-analytics.com	www.theepochtimes.com www.google-analytics.com www.googletagmanager.com
3	accounts.google.com	www.theepochtimes.com accounts.google.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	match.adsrvr.org	ssum-sec.casalemedia.com
3	acdn.adnxs.com	www.theepochtimes.com
3	x.bidswitch.net	1 redirects a.clickcertain.com ssum-sec.casalemedia.com
3	exchange.postrelease.com	www.theepochtimes.com
3	htlb.casalemedia.com	www.theepochtimes.com
3	www.google.com	www.theepochtimes.com tpc.googlesyndication.com
2	subsapi.epoch.cloud	www.theepochtimes.com
2	match.deepintent.com	ssum-sec.casalemedia.com
2	um.simpli.fi	1 redirects ssum-sec.casalemedia.com
2	eus.rubiconproject.com	www.theepochtimes.com eus.rubiconproject.com
2	ckjjzdn8vk.execute-api.us-west-2.amazonaws.com	s3-us-west-2.amazonaws.com
2	pixel.tapad.com	2 redirects
2	p.alocdn.com	1 redirects
2	www.facebook.com
2	connect.facebook.net	www.theepochtimes.com connect.facebook.net
2	www.googletagservices.com	www.theepochtimes.com securepubads.g.doubleclick.net
2	js.chargebee.com	subs.theepochtimes.com js.chargebee.com
2	fonts.gstatic.com	www.theepochtimes.com fonts.googleapis.com
2	www.googletagmanager.com	www.theepochtimes.com
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	ups.analytics.yahoo.com	ssum-sec.casalemedia.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	s.company-target.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	subs.youmaker.com	subs.theepochtimes.com
1	secure.adnxs.com	1 redirects
1	i.liadm.com	1 redirects
1	idx.liadm.com	b-code.liadm.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	sc.youmaker.com	www.theepochtimes.com
1	b-code.liadm.com	s3-us-west-2.amazonaws.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	clientcdn.pushengage.com	www.theepochtimes.com
1	47ed457bca7382c867685092f6e550c9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	a.remarketstats.com	1 redirects
1	s3-us-west-2.amazonaws.com	www.theepochtimes.com
1	services.epoch.cloud	www.theepochtimes.com
1	pixel.rubiconproject.com	www.theepochtimes.com
1	sync.go.sonobi.com	www.theepochtimes.com
1	pixel.quantserve.com	www.theepochtimes.com
1	www.google.de	www.theepochtimes.com
1	rules.quantcount.com	secure.quantserve.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.theepochtimes.com
1	certify.alexametrics.com	www.theepochtimes.com
1	d31qbv1cthcecs.cloudfront.net	www.theepochtimes.com
1	www.youmaker.com	www.theepochtimes.com
1	secure.quantserve.com	www.theepochtimes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	lists.youmaker.com	1 redirects
0	csync.loopme.me Failed	ssum-sec.casalemedia.com
228	77

This site contains links to these domains. Also see Links.

Domain
subscribe.theepochtimes.com
service.theepochtimes.com
epochshop.com
store.theepochtimes.com
offers.theepochtimes.com
markets.theepochtimes.com
reader.epoch.cloud
epochtimes.bg
www.epochtimes.com
es.theepochtimes.com
www.epochtimes.jp
kr.theepochtimes.com
www.erabaru.net
www.epochtimes.fr
www.epochtimes.de
www.epochtimes.it
www.epochtimes.com.br
www.epochtimes.se
www.epochtimes.nl
www.epochtimes.ru
www.epochtimes.com.ua
www.epochtimes-romania.com
www.epochtimes.cz
epochtimes.pl
epochtimestr.com
persianepochtimes.com
etviet.com

Subject Issuer	Validity	Valid
*.theepochtimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2022-06-01`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
js.chargebee.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-06-23`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2022-02-28` - `2023-03-31`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-03` - `2022-06-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.pushengage.com Amazon	`2022-02-18` - `2023-03-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.epochbase.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-17` - `2022-12-18`	a year	crt.sh
*.execute-api.us-west-2.amazonaws.com Amazon	`2021-08-01` - `2022-08-30`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-11` - `2022-07-06`	6 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://www.theepochtimes.com/c-americas
Frame ID: BB4F5ACC9973C0B04FC687C91537A789
Requests: 134 HTTP requests in this frame

Frame: https://47ed457bca7382c867685092f6e550c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A2DEFC98535D12DDD9B42F287D42C5F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 88DAD622E5CBD6064952E3E1110674B2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2CE19FCE4C5DDB3997BB7DA339F61B2C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs
Frame ID: E6903A449F95457338AF37FE437CE344
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5l5sK9ZXpY_2AfLqTpSDWt7TqzzGnkVz1V711DAKEvpUtDvDKjKu1fxOv2nYC_wVKQXrram-FzWaN7-t-wSZVGKMi-jywI0vaYX0xjnimPxjb_-wQZh2MVRqtbBW7DD_5p3pgMsSfE61wroyDhUL5SbvQdW6KoaZTvhGa7-eRL90aohP8laj0r4oye85WySquT1p-MaG9T3mD4W0lr6FiOiHC6q0jKGlYSWcx7y8k9D_TD8SWZ73v_bcbstLjTvAe792AFHyh4hzxfiIWWVpQYW-o2_fGUNII1kudKZIIaNZfKRZ288EyW4qiTxK6u_tsFGbizw1OPWBB12fGycFAWKxGfOyUfOn-VG667SKMmrUIbG9RGByyn0vJGR14Z8HJzck&sai=AMfl-YS7dhR8eHEFPXvuuEx7ZLWSDbJ3R5h60vIo0kAOEtfmsQwgLZuBmho9Dr56yiJZcteoYx1kdJaceQWGA1hYDTHy0QpiShSeLGg1fTcIHa3-SHMaQnF7NaMOyPri_Pj9&sig=Cg0ArKJSzBxGiq4hsMDHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A9BB601A2612EBE26908A5C029153FAA
Requests: 6 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16&cn=DE
Frame ID: E181616059703545581867EE47BA4FB7
Requests: 3 HTTP requests in this frame

Frame: https://subs.theepochtimes.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMiUyMiUyQyUyMnRpbWV6b25lJTIyJTNBJTIyRXVyb3BlJTJGQmVybGluJTIyJTJDJTIybGF0aXR1ZGUlMjIlM0E1MS4yOTkzJTJDJTIybG9uZ2l0dWRlJTIyJTNBOS40OTElN0QlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJzaXRlSWQlMjIlM0ElMjIlMjIlN0QlN0Q=&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22pid%22%3A%22anona357-59ce-4853-a085-f24a223162fb%22%2C%22x%22%3A%22531-978-695%22%2C%22vt%22%3A0%2C%22g1%22%3A%22se%22%2C%22g2%22%3A%22ab%22%7D
Frame ID: AA6A1C3D7C5B02E1AE06DD2E41A0F3B9
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E2995A443BEFF2ED0C169EFBE4FCA91A
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1653491357698
Frame ID: 9C6141E538D66FA3AC90FD9C59365B7C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 329CECE96BCDBF7EE1DD371677F58C1B
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1653491357697
Frame ID: 990B7B7CC556C05E069D6A5EBDE3B1E1
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DCAE8ECA9C508A1A6C984660557C4A8E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 358ABEF70DB7BD2DE4606482013C14EF
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 55D784A3F5120C5DF57320AB3F3F58AA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F9AB38C5A86AA69496977E6F0735F4A2
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 68A4D4EDFFE95DF1BEFC4496561F3A69
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1653491357697
Frame ID: 070C7C307606C7A5244C956A78313761
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 12B6DB28F053751E0CAF767FC6A10802
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 961D1F60B98099FAE2D92E97599CFF3E
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: EAA01BFE56435450D0D6057B425C6B64
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

North and South America News | The Epoch Times

Page URL History Show full URLs

https://lists.youmaker.com/links/RSyC52zWg/Jlid8tcrj/1PzW17LTI5/xULcBgvdrE HTTP 302
https://www.theepochtimes.com/c-americas Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Chargebee (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.chargebee\.com/v([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PushEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

clientcdn\.pushengage\.\w+/core

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

228
Requests

91 %
HTTPS

38 %
IPv6

48
Domains

77
Subdomains

64
IPs

8
Countries

4941 kB
Transfer

7323 kB
Size

54
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://subscribe.theepochtimes.com/p/?page=donation&utm_source=makeadonationtop
Title: MAKE A DONATION

Search URL Search Domain Scan URL

URL: https://service.theepochtimes.com/web/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://subscribe.theepochtimes.com/p/?page=subhome
Title: subscribe

Search URL Search Domain Scan URL

URL: https://epochshop.com/
Title: Epoch Shop

Search URL Search Domain Scan URL

URL: https://store.theepochtimes.com/
Title: Digital Deals

Search URL Search Domain Scan URL

URL: https://offers.theepochtimes.com/gift
Title: Gift

Search URL Search Domain Scan URL

URL: https://markets.theepochtimes.com/
Title: Markets

Search URL Search Domain Scan URL

URL: https://subscribe.theepochtimes.com/p/?page=go-eet-footer-subs

Search URL Search Domain Scan URL

URL: https://reader.epoch.cloud/
Title: Digital Newspaper

Search URL Search Domain Scan URL

URL: https://epochtimes.bg/
Title: Bulgarian

Search URL Search Domain Scan URL

URL: https://www.epochtimes.com/
Title: Chinese

Search URL Search Domain Scan URL

URL: https://es.theepochtimes.com/
Title: Spanish

Search URL Search Domain Scan URL

URL: https://www.epochtimes.jp/
Title: Japanese

Search URL Search Domain Scan URL

URL: https://kr.theepochtimes.com/
Title: Korean

Search URL Search Domain Scan URL

URL: http://www.erabaru.net/
Title: Indonesian

Search URL Search Domain Scan URL

URL: https://www.epochtimes.fr/
Title: French

Search URL Search Domain Scan URL

URL: https://www.epochtimes.de/
Title: German

Search URL Search Domain Scan URL

URL: https://www.epochtimes.it/
Title: Italian

Search URL Search Domain Scan URL

URL: https://www.epochtimes.com.br/
Title: Portuguese

Search URL Search Domain Scan URL

URL: https://www.epochtimes.se/
Title: Swedish

Search URL Search Domain Scan URL

URL: https://www.epochtimes.nl/
Title: Dutch

Search URL Search Domain Scan URL

URL: https://www.epochtimes.ru/
Title: Russian

Search URL Search Domain Scan URL

URL: https://www.epochtimes.com.ua/
Title: Ukrainian

Search URL Search Domain Scan URL

URL: https://www.epochtimes-romania.com/
Title: Romanian

Search URL Search Domain Scan URL

URL: https://www.epochtimes.cz/
Title: Czech

Search URL Search Domain Scan URL

URL: https://epochtimes.pl/
Title: Polish

Search URL Search Domain Scan URL

URL: http://epochtimestr.com/
Title: Turkish

Search URL Search Domain Scan URL

URL: https://persianepochtimes.com/
Title: Persian

Search URL Search Domain Scan URL

URL: https://etviet.com/
Title: Vietnamese

Search URL Search Domain Scan URL

URL: https://subscribe.theepochtimes.com/p/?page=mobile

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lists.youmaker.com/links/RSyC52zWg/Jlid8tcrj/1PzW17LTI5/xULcBgvdrE HTTP 302
https://www.theepochtimes.com/c-americas Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1653491356836&ns_c=UTF-8&c8=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1653491356836&ns_c=UTF-8&c8=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&c9=

Request Chain 92

https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=c-americas HTTP 302
https://a.clickcertain.com/px/smart/a/?c=244b81b94c69796&seg=c%2damericas HTTP 302
https://a.clickcertain.com/px/?c=244b81b94c69796

Request Chain 93

https://sb.scorecardresearch.com/c2/24003086/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 128

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522theepochtimes.com%252Fc-americas%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%2522867dd0f8-c558-4d3f-ae0b-adbaca13f64c%2522%257D&title=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas HTTP 302
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522theepochtimes.com%252Fc-americas%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%2522867dd0f8-c558-4d3f-ae0b-adbaca13f64c%2522%257D&title=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&tdc=1

Request Chain 134

https://rp.liadm.com/j?dtstmp=1653491359137&se=e30&duid=57b4458eb59c--01g3xw7q9b87wtg1a87y6nnwq3&tna=v2.3.1&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&wpn=lc-bundle HTTP 302
https://rp4.liadm.com/j?dtstmp=1653491359137&se=e30&duid=57b4458eb59c--01g3xw7q9b87wtg1a87y6nnwq3&tna=v2.3.1&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&wpn=lc-bundle&i6=MjAwMTphYzg6MjA6M2IwMDoxMDExOjdjNTI6NTRlYTpjYzAz&n3pc=true

Request Chain 141

https://a.clickcertain.com/px/ta/?ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=730e2a4a-a949-4bf1-b660-dd4c492ddd16&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=730e2a4a-a949-4bf1-b660-dd4c492ddd16&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=90e50b33-e6ea-4f74-9ad7-61108a8ae12a

Request Chain 142

https://a.clickcertain.com/px/r/?ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=730e2a4a-a949-4bf1-b660-dd4c492ddd16&ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d730e2a4a%25252da949%25252d4bf1%25252db660%25252ddd4c492ddd16%252526anx_uId%25253d%252524UID HTTP 303
https://a.clickcertain.com/px/li/?ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16&redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d730e2a4a%252da949%252d4bf1%252db660%252ddd4c492ddd16%2526anx_uId%253d%2524UID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d730e2a4a%2da949%2d4bf1%2db660%2ddd4c492ddd16%26anx_uId%3d%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D730e2a4a%2Da949%2D4bf1%2Db660%2Ddd4c492ddd16%26anx_uId%3D%24UID&google_gid=CAESECM6yPNQLCRiaGOO5ruwIw0&google_cver=1 HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16&anx_uId=$UID HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16&anx_uId=6928370852581133014 HTTP 302
https://x.bidswitch.net/sync?dsp_id=179&user_id=730e2a4a-a949-4bf1-b660-dd4c492ddd16&expires=5&user_group=0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=730e2a4a-a949-4bf1-b660-dd4c492ddd16&expires=5&user_group=0

Request Chain 190

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 191

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 192

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 194

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yo5GoHXx-NiQiNaTVtY.fAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEARZJotP6WPy655rnlnGksw&google_cver=1&gdpr=1&google_hm=2

Request Chain 196

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoIcUEmdVjEMmlBaWCgAABE8AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoIcUEmdVjEMmlBaWCgAABE8AAAIB&dcc=t

Request Chain 198

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 199

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1653577760&gdpr=1

Request Chain 201

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1669388960&external_user_id=184a6d8e-2af2-4759-8553-dadfc0edfdfd

Request Chain 204

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoHXx_NiQiNaTVtY-fAAABKsAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoHXx_NiQiNaTVtY-fAAABKsAAAIB&dcc=t

Request Chain 206

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yo5GoHXx-NiQiNaTVtY.fAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEARZJotP6WPy655rnlnGksw&google_cver=1&gdpr=1&google_hm=2

Request Chain 208

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=4002bf92-3dfb-468a-9be1-be3f36f29fab&expiration=1685027360

Request Chain 213

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoHEsqWLEUc7OP4-duAAABHQAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoHEsqWLEUc7OP4-duAAABHQAAAAB&dcc=t

Request Chain 214

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yo5GoHEsqWLEUc7OP4.duAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEARZJotP6WPy655rnlnGksw&google_cver=1&gdpr=1&google_hm=2

Request Chain 218

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7067777601284421496&uid=Q7067777601284421496&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

228 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request c-americas Show response
www.theepochtimes.com/
Redirect Chain

https://lists.youmaker.com/links/RSyC52zWg/Jlid8tcrj/1PzW17LTI5/xULcBgvdrE
https://www.theepochtimes.com/c-americas

85 KB
17 KB

358ms
312ms

Document
text/html

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

3fabc5c1cb983602f5a953f6d0da8d2bd8f4bb6b4024bff2ebe116e277b4fdf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 15:09:16 GMT
server: nginx
x-cache-status: HIT
x-content-type-options: nosniff
x-device: desktop
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds223.lo4.sc,1653491356.cds223.lo4.p
x-xss-protection: 1; mode=block

Redirect headers

content-length: 124
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 15:09:16 GMT
location: https://www.theepochtimes.com/c-americas
server: nginx
vary: Accept, Accept-Encoding

GET
H2 200 template.css
subs.theepochtimes.com/lib/ 3 KB
3 KB 134ms
113ms Stylesheet
text/css 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/lib/template.css?ver=20220518
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: c84e3c10e7e6872f1565ed0fcbd34d0e90926ed48b46a882d66f3f81ac40b26d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
via: 1.1 google
last-modified: Sat, 21 May 2022 20:18:17 GMT
server: nginx/1.20.1
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3277

GET
H2 200 style.css
www.theepochtimes.com/assets/themes/eet/ 2 KB
1 KB 26ms
25ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/style.css?ver=20170224

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

8b0daf8b0fadec4104ec807b0f4432698777a2a61078c1cf38b91e1fb238ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/c-americas
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Dec 2021 16:22:38 GMT
server: nginx
x-microcachable: 0
etag: W/"61a7a14e-720"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds072.lo4.c
content-type: text/css
cache-control: max-age=600
content-length: 913
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 global.css
www.theepochtimes.com/assets/themes/eet/css/ 39 KB
9 KB 26ms
25ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

4bd13a00aa88227ddc41a725504d0342e0ad8b789ca3f40678cbc83ba8fcc879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/c-americas
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 29 Apr 2022 20:55:24 GMT
server: nginx
x-microcachable: 0
etag: W/"626c50bc-9c6b"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds011.lo4.c
content-type: text/css
cache-control: max-age=600
content-length: 9508
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 genericons.css
www.theepochtimes.com/assets/themes/eet/css/genericons/ 49 KB
32 KB 29ms
28ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/css/genericons/genericons.css?ver=20220415

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

703459a28a8b3b51b4702b22d9cbd94cff54fcca4fc034ba7b3f64bf7cf4228a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/c-americas
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 21:25:30 GMT
server: nginx
x-microcachable: 0
etag: W/"628bfbca-c5be"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds289.lo4.c
content-type: text/css
cache-control: max-age=600
content-length: 32439
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 archive.css
www.theepochtimes.com/assets/themes/eet/css/ 34 KB
8 KB 168ms
167ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/css/archive.css?ver=20220403

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

b55ce596f3b7898c55f9b0dfdbd1b428e97f49459e2e268369c6d70cb5a0cf18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/c-americas
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Apr 2022 17:50:19 GMT
server: nginx
x-microcachable: 0
etag: "624b2fdb-893d"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds233.lo4.sc,1653491356.cds233.lo4.pr
content-type: text/css
cache-control: max-age=600
content-length: 7892
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 135 KB
37 KB 34ms
8ms Script
application/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 14:54:56 GMT
content-encoding: gzip
age: 859
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 1G5J8S9T6HQDVWHQXD4T
etag: 4abd427e43cd6822329a2c05539e321f
vary: Accept-Encoding
x-amz-version-id: STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: UKmmZf3PWCUM2O_KhhdzIgRph2IAK4vBeC3eNVE9zSQXl9eXFcWUzQ==

GET
H2 200 prebid.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 269 KB
98 KB 28ms
25ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

72974739823d21db3088160569739b4bbbc3c4f1bb0fe5ae6afe1e89ac515258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/c-americas
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 May 2022 17:56:12 GMT
server: nginx
etag: W/"627955bc-43504"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds101.lo4.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
content-length: 100076
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 53ms
27ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3fb4d7558382f8575cfe2115c489e119163ba4bf40b84e62ff21e423ea50eef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69931
x-xss-protection: 0
expires: Wed, 25 May 2022 15:09:16 GMT

GET
H2 200 logo_eet.svg
www.theepochtimes.com/assets/themes/eet/images/ 16 KB
6 KB 46ms
43ms Image
image/svg+xml 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/logo_eet.svg

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

867f5a29853ddd710b7c6485ff7c0f294d6dde33817c68e84535fb68572ffe8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/c-americas
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Aug 2018 21:43:01 GMT
server: nginx
etag: "5b807be5-3f5c"
x-cache-status: MISS
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds264.lo4.c
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 5932
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 white.png
www.theepochtimes.com/assets/themes/eet/images/ 95 B
175 B 46ms
44ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/white.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/c-americas
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2017 20:15:25 GMT
server: nginx
x-microcachable: 0
etag: "59bae35d-5f"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds234.lo4.c
content-type: image/png
cache-control: max-age=315360000
content-length: 95
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK subscribe-footerbutton.jpg
img.theepochtimes.com/assets/uploads/2020/12/11/ 16 KB
16 KB 101ms
23ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2020/12/11/subscribe-footerbutton.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8300ec8c602a364430d96aec6f2d1fecf26a1718d194b52c193728ef4643e003

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:16 GMT
Connection: keep-alive
Content-Length: 16124
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Fri, 11 Dec 2020 15:46:48 GMT
Server: nginx
ETag: "5fd39468-3efc"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=28037010
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sat, 15 Apr 2023 03:12:46 GMT

GET
H/1.1 200
OK Desktop-AppleStoreBadge.png
img.theepochtimes.com/assets/uploads/2020/10/27/ 8 KB
8 KB 98ms
20ms Image
image/png 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2020/10/27/Desktop-AppleStoreBadge.png
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cc4d0a85bcb684c04051f64782dc2dbef34e8fb913f425828581f670343fe201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:16 GMT
Connection: keep-alive
Content-Length: 7834
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Tue, 27 Oct 2020 21:38:18 GMT
Server: nginx
ETag: "5f98934a-1e9a"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=28036979
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sat, 15 Apr 2023 03:12:15 GMT

GET
H/1.1 200
OK Desktop-GooglePlayBadge.png
img.theepochtimes.com/assets/uploads/2020/10/27/ 10 KB
11 KB 102ms
24ms Image
image/png 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2020/10/27/Desktop-GooglePlayBadge.png
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4ebed7568be2aac739e5431d9ee53d4d95321be6a38a90d0b93b14d4e86dcbbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:16 GMT
Connection: keep-alive
Content-Length: 10320
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Tue, 27 Oct 2020 21:38:18 GMT
Server: nginx
ETag: "5f98934a-2850"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=28037013
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sat, 15 Apr 2023 03:12:49 GMT

GET
H2 200 jquery-all.min.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 98 KB
40 KB 22ms
22ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

25cad5d9e016ff8fc766034922a6ec515d37461b4ae089bd58d5ac964b85f247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/c-americas
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 15:48:53 GMT
server: nginx
etag: W/"618d3b65-188fe"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds319.lo4.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
content-length: 40721
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 bottom.min.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 97 KB
31 KB 22ms
22ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/bottom.min.js?ver=20220519

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

800dcf656ded5336badeda016b6bb419d459e2531bb01c1e051c993d8a01ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/c-americas
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 14:08:36 GMT
server: nginx
etag: W/"628b9564-1844e"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds234.lo4.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
content-length: 31652
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 api.bundle.js Show response
subs.theepochtimes.com/lib/ 211 KB
212 KB 112ms
112ms Script
application/javascript 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 48e3bb69810c5154cbe987cf72f55f992c448ac8e21ae0014da475ce1032460d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
via: 1.1 google
last-modified: Sat, 21 May 2022 20:18:17 GMT
server: nginx/1.20.1
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216028

GET
H2 200 article_ads_prebid.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 50 KB
14 KB 28ms
26ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/article_ads_prebid.js?ver=20220518

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

95e2fad82850b7613c27816a8323a4ff3906c7bc15aae4c916b81fab6ef23b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/c-americas
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 May 2022 18:48:29 GMT
server: nginx
etag: W/"62853f7d-c87e"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds074.lo4.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
content-length: 14378
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3008
date: Wed, 25 May 2022 14:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 25 May 2022 16:19:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
74 KB 39ms
15ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e876cbda4f26f89da5424ebf9b32794c64a77df1c7804effe09ae34ad09952f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75557
x-xss-protection: 0
expires: Wed, 25 May 2022 15:09:16 GMT

GET
H2 200 HelpCenter.svg
www.theepochtimes.com/assets/themes/eet/images/ 2 KB
945 B 28ms
27ms Image
image/svg+xml 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/HelpCenter.svg

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

cfcfcc4f882ee207b643b788b619008bdad867ee9cc1af915fb7408bf5c8ff2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Apr 2020 20:55:12 GMT
server: nginx
etag: "5ea0af30-64b"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds039.lo4.c
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 835
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 icon_subscribe.png
www.theepochtimes.com/assets/themes/eet/images/ 2 KB
3 KB 28ms
27ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/icon_subscribe.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

0ef882f04fe97354fcce4c17bf5d5bcea29f71e7729533dc6614a7ed5edadef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Aug 2018 21:43:01 GMT
server: nginx
etag: "5b807be5-9c7"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds212.lo4.c
content-type: image/png
cache-control: max-age=600
content-length: 2503
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 icon_newsstands.svg
www.theepochtimes.com/assets/themes/eet/images/ 1 KB
749 B 32ms
31ms Image
image/svg+xml 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/icon_newsstands.svg

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

1b492a906f47aa3e76be3ba0fb63c575a2b2cdd71bf7d9e6ffb36faf86df4531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 13 Apr 2019 18:26:41 GMT
server: nginx
etag: "5cb229e1-4f7"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds078.lo4.c
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 639
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 icon_gift.png
www.theepochtimes.com/assets/themes/eet/images/ 388 B
498 B 32ms
32ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/icon_gift.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

58bd62e5873d0df478237a5195f10ad95bf5b7392ad42cb66cf72efde0764378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Dec 2019 23:18:48 GMT
server: nginx
x-microcachable: 0
etag: "5e0a85d8-184"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds262.lo4.c
content-type: image/png
cache-control: max-age=315360000
content-length: 388
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 backtotop.svg
www.theepochtimes.com/assets/themes/eet/images/ 1 KB
691 B 30ms
30ms Image
image/svg+xml 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/backtotop.svg

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2017 20:15:25 GMT
server: nginx
etag: "59bae35d-498"
x-cache-status: MISS
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds320.lo4.c
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 579
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 D-DIN.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 58 KB
59 KB 30ms
27ms Font
font/opentype 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/fonts/D-DIN.otf

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429
Origin: https://www.theepochtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Sep 2018 15:47:56 GMT
server: nginx
etag: "5b8ffaac-e9d4"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds073.lo4.c
content-type: font/opentype
cache-control: max-age=315360000
content-length: 59860
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 D-DINCondensed-Bold.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 57 KB
57 KB 34ms
32ms Font
font/opentype 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/fonts/D-DINCondensed-Bold.otf

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429
Origin: https://www.theepochtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Sep 2018 15:47:56 GMT
server: nginx
etag: "5b8ffaac-e454"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds003.lo4.c
content-type: font/opentype
cache-control: max-age=315360000
content-length: 58452
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 0yb9GDoxxrvAnPhYGxkkaE0Urhg0xTY.woff2
fonts.gstatic.com/s/vollkorn/v10/ 14 KB
14 KB 38ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v10/0yb9GDoxxrvAnPhYGxkkaE0Urhg0xTY.woff2

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8af85ef87938ad7700489d3cd359313ff3d80516be01ddc83d7aebf22e4b51c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
Origin: https://www.theepochtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:09:27 GMT
x-content-type-options: nosniff
age: 32389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14200
x-xss-protection: 0
last-modified: Wed, 17 Jul 2019 00:00:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 25 May 2023 06:09:27 GMT

GET
H2 200 D-DIN-Bold.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 59 KB
59 KB 36ms
36ms Font
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/fonts/D-DIN-Bold.otf

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

b0f96a3730041605b139ca2d15e29a36c55e49058ba2b72ee4d09b5e4ca210c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20220429
Origin: https://www.theepochtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Sep 2018 15:47:56 GMT
server: nginx
etag: "5b8ffaac-eb1c"
x-hw: 1653491356.cds088.lo4.hn,1653491356.cds006.lo4.c
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 60188
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 28 KB
28 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ea8a172ad1c688685ce137f792ba14aa34d7bd1eade35c4367891f3fca22156

Request headers

Referer
Origin: https://www.theepochtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 31ms
15ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=528797536&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&dp=%2Fc-americas&ul=en-us&de=UTF-8&dt=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=193709743&gjid=624279394&cid=1626945463.1653491357&uid=anona357-59ce-4853-a085-f24a223162fb&tid=UA-10465455-30&_gid=1332642503.1653491357&_r=1&_slc=1&cd3=%3Bamericas-21%3B&cd28=%3BAmericas%3B&cd43=category&cd18=anona357-59ce-4853-a085-f24a223162fb&z=154068115

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 20ms
6ms XHR
application/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 50647
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 01:41:20 GMT
server: AmazonS3
date: Wed, 25 May 2022 01:10:03 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: cB4EcaLnK2dLxiTqq4c77JYzI5-N1Vl7_jdLJiTPF85_40W3XbgtAg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 681ms
22ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10465455-30&cid=1626945463.1653491357&jid=193709743&uid=anona357-59ce-4853-a085-f24a223162fb&gjid=624279394&_gid=1332642503.1653491357&_u=YGBACEAABAAAAC~&z=867784762

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 15:09:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 658ms
12ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:17 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 01 Jun 2022 15:09:17 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1653491356836&ns_c=UTF-8&c8=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fc-ame...
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1653491356836&ns_c=UTF-8&c8=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fc-am...

0
190 B

102ms
100ms

Image
text/plain

99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1653491356836&ns_c=UTF-8&c8=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&c9=
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: H2
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:17 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: QWG7hvkSvnZt-KM5Fzo6NyW-BXJ-z2pjiQRtlp1Gl3YyZsQJJhbo_w==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=24003086&ns__t=1653491356836&ns_c=UTF-8&c8=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&c9=
date: Wed, 25 May 2022 15:09:17 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: BhkMvTiVND_anwi5wPAojHL7MkdL15RqkBvYKSuwkZX291oDm3ii8A==
x-cache: Miss from cloudfront

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 17ms
17ms Ping
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=2oe5n0&_p=528797536&_z=ccd.PNB&cid=1626945463.1653491357&ul=en-us&sr=1600x1200&_s=1&sid=1653491356&sct=1&seg=0&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&dt=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&en=page_view&_fv=1&_ss=1&ep.eet_cat_names=Americas
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 219 KB
67 KB 588ms
11ms Script
application/x-javascript 18.66.248.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-84.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d6c08334cab59e0b9b2074116bdb450a3df28df045c636399e31e7eaf8ee5f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: DAy4Hv_R.eB9ULUrABbYF_S0CyluUqKL
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 23 May 2022 13:08:30 GMT
server: AmazonS3
age: 78
etag: W/"223a11cd9fe8451b83433a820ef85231"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Wed, 25 May 2022 15:08:00 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: znpdhTdbYgxsq4xTQ9oBT4F_GatlP96mPbGbiIP7ZGRqWIWrcCgX4g==

GET
H3 200 geo Show response
subs.theepochtimes.com/rules/ 113 B
130 B 131ms
116ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/rules/geo
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2f64e0e2cdb11a60def0a9886889cd8ca97c0eef1c648eefe893050614330132

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:16 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
29 KB 585ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/article_ads_prebid.js?ver=20220518

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88d775a95cd0d49c6c4e5c3d7d1b442bd055e01cc38504b4b793a6e46890b21d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28684
x-xss-protection: 0
server: sffe
etag: "1225 / 908 of 1000 / last-modified: 1653476819"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 May 2022 15:09:17 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
315 B 7ms
6ms XHR
text/plain 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.theepochtimes.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:31:24 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
server: Server
age: 13072
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.theepochtimes.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: iFFM0_lgl-2deYVZ_Kst5pigv2GkiZCNW4JUlgBHhZWpDTVpvbcMzA==

GET
H2 200 test Show response
www.youmaker.com/g/ 7 B
212 B 578ms
16ms XHR
application/json 35.201.68.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youmaker.com/g/test
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154

Request headers

Accept: */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:17 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7

GET
H/1.1 200
OK Mexico-soldiers-1-550x330.jpg
img.theepochtimes.com/assets/uploads/2022/05/24/ 39 KB
40 KB 45ms
44ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/05/24/Mexico-soldiers-1-550x330.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d5759b9d381ea36ee50ececbe9816fd957b4e38832d8baa4c53f7635a1c7aceb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:16 GMT
Connection: keep-alive
X-Device: desktop
Accept-Ranges: bytes
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Tue, 24 May 2022 15:59:31 GMT
Server: nginx
ETag: "628d00e3-9dd2"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31451439
Access-Control-Allow-Credentials: true
Content-Length: 40402
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Wed, 24 May 2023 15:39:55 GMT

GET
H/1.1 200
OK Rio-de-Janeiro-police-205x123.jpg
img.theepochtimes.com/assets/uploads/2022/05/24/ 7 KB
7 KB 44ms
43ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/05/24/Rio-de-Janeiro-police-205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b4d39529975f23fb0b09b759e33e98fc86c76d7a4c541a131008b9ff0182f6b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:16 GMT
Connection: keep-alive
X-Device: desktop
Accept-Ranges: bytes
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Tue, 24 May 2022 15:09:01 GMT
Server: nginx
ETag: "628cf50d-1b2d"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31450845
Access-Control-Allow-Credentials: true
Content-Length: 6957
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Wed, 24 May 2023 15:30:01 GMT

GET
H/1.1 200
OK Sandals-Emerald-Bay-GettyImages-538293234-1200x800-1-205x123.jpg
img.theepochtimes.com/assets/uploads/2022/05/09/ 26 KB
26 KB 820ms
818ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/05/09/Sandals-Emerald-Bay-GettyImages-538293234-1200x800-1-205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 98c752450f26de1a588303aa6a7121d719ff4f7d2aab3399105f48d90d881ce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 26384
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Mon, 09 May 2022 12:09:33 GMT
Server: nginx
ETag: "6279047d-6710"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31536000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 15:09:17 GMT

GET
H/1.1 200
OK border-wall-texas-205x123.jpg
img.theepochtimes.com/assets/uploads/2021/06/17/ 14 KB
14 KB 98ms
61ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2021/06/17/border-wall-texas-205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f5e59cc6b94811c4e5446fcf8e40aaf4a3ab1b536a57f84ceecb722def413638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 14101
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Thu, 17 Jun 2021 01:36:35 GMT
Server: nginx
ETag: "60caa723-3715"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31367815
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Tue, 23 May 2023 16:26:12 GMT

GET
H/1.1 200
OK 1.download-150-205x123.jpg
img.theepochtimes.com/assets/uploads/2022/05/ 13 KB
14 KB 223ms
185ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/05/1.download-150-205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4b91f8cdcc1aa20b71688e25dada1e9241c6061c154c0fe542d66a70fb5b8c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 13452
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Fri, 20 May 2022 16:03:22 GMT
Server: nginx
ETag: "6287bbca-348c"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535976
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 15:08:53 GMT

GET
H/1.1 200
OK produce-shelves--205x123.jpg
img.theepochtimes.com/assets/uploads/2022/01/15/ 11 KB
11 KB 713ms
668ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/01/15/produce-shelves--205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f2eba112717f3e6efeb67a75313b7f388ccc5fc0f35f971dff64b36f442ef441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 10776
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Sat, 15 Jan 2022 18:37:54 GMT
Server: nginx
ETag: "61e31482-2a18"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31536000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 15:09:17 GMT

GET
H/1.1 200
OK GettyImages-1240582635_Bob-Menendez-205x123.jpg
img.theepochtimes.com/assets/uploads/2022/05/17/ 14 KB
15 KB 667ms
661ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/05/17/GettyImages-1240582635_Bob-Menendez-205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b8f9bb8fe82b3abbc4e23a9584404436acf0e719e54421902295c559033f61a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 14719
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Tue, 17 May 2022 21:09:38 GMT
Server: nginx
ETag: "62840f12-397f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535990
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 15:09:07 GMT

GET
H/1.1 200
OK GettyImages-1228221626-205x123.jpg
img.theepochtimes.com/assets/uploads/2021/06/15/ 10 KB
10 KB 672ms
665ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2021/06/15/GettyImages-1228221626-205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8eadc35a060caaf7875d43f8e892be64dfbecbacbbfe02a20c4029749421a8c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 10040
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Tue, 15 Jun 2021 22:17:11 GMT
Server: nginx
ETag: "60c926e7-2738"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31536000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 15:09:17 GMT

GET
H/1.1 200
OK Green-205x123.jpg
img.theepochtimes.com/assets/uploads/2022/05/25/ 9 KB
10 KB 21ms
20ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/05/25/Green-205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ba0fde3fc25b81a76e601038ed43810c6dfb4f834e8f3749c3917556ad53017d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 9092
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Wed, 25 May 2022 15:29:04 GMT
Server: nginx
ETag: "628e4b40-2384"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535850
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 15:06:47 GMT

GET
H/1.1 200
OK family-taking-a-jar-from-their-pantry-205x123.jpg
img.theepochtimes.com/assets/uploads/2022/04/05/ 12 KB
12 KB 21ms
21ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/04/05/family-taking-a-jar-from-their-pantry-205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 04d08bc6882cc4d5a2fc84803ad8eb1f0929fe6ad45f52833329121b68d904eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 12124
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Tue, 05 Apr 2022 15:36:06 GMT
Server: nginx
ETag: "624c61e6-2f5c"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31534305
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 14:41:02 GMT

GET
H/1.1 200
OK Elon-Musk-1-205x123.jpg
img.theepochtimes.com/assets/uploads/2022/04/24/ 15 KB
16 KB 19ms
19ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/04/24/Elon-Musk-1-205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7fad06f6ac22600dc8725c38de6e200ca68c6036bf9bacbab694adfb5ea60552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 15407
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Mon, 25 Apr 2022 00:22:20 GMT
Server: nginx
ETag: "6265e9bc-3c2f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31508167
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 07:25:24 GMT

GET
H/1.1 200
OK sasdpasdpsaduapsduadspu-205x123.jpg
img.theepochtimes.com/assets/uploads/2022/05/25/ 4 KB
5 KB 21ms
21ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/05/25/sasdpasdpsaduapsduadspu-205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 706f3e78e6d46f6159110680203b3050845ec5c6c6f4d69cb259cbd9927e7f75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 4068
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Wed, 25 May 2022 14:35:45 GMT
Server: nginx
ETag: "628e3ec1-fe4"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31532889
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 14:17:26 GMT

GET
H/1.1 200
OK 6641190-205x123.jpg
img.theepochtimes.com/assets/uploads/2022/05/25/ 17 KB
17 KB 30ms
30ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/05/25/6641190-205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3104bab9f3d16a241f2267c46b606437ed3bae6a0dfd4ae50080bd50973619c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 17153
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Wed, 25 May 2022 01:10:57 GMT
Server: nginx
ETag: "628d8221-4301"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31532138
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 14:04:55 GMT

GET
H/1.1 200
OK ET-doctor3-1200x800-205x123.jpg
img.theepochtimes.com/assets/uploads/2022/05/25/ 10 KB
11 KB 34ms
34ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/05/25/ET-doctor3-1200x800-205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3ef5422f553694b55700bf8228f8565323672782ac8841df226437f095876785

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 10607
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Wed, 25 May 2022 14:10:08 GMT
Server: nginx
ETag: "628e38c0-296f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31531296
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 13:50:53 GMT

GET
H/1.1 200
OK endocrine-205x123.jpeg
img.theepochtimes.com/assets/uploads/2022/04/30/ 16 KB
17 KB 37ms
37ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/04/30/endocrine-205x123.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: daf7a0dccb1120d74cc9a492fb7b20f48ef4cf2d2b1cd4b1b26d57006929f4e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 16323
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Sat, 30 Apr 2022 02:16:06 GMT
Server: nginx
ETag: "626c9be6-3fc3"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31531369
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 13:52:06 GMT

GET
H/1.1 200
OK rep-cuellar-205x123.jpg
img.theepochtimes.com/assets/uploads/2022/01/20/ 18 KB
19 KB 21ms
21ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/01/20/rep-cuellar-205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 06bca4156362ae327faea6ddf83f8012f87138bcab46a11f4d5dc8513e8bd7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 18298
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Thu, 20 Jan 2022 13:35:05 GMT
Server: nginx
ETag: "61e96509-477a"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31529257
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 13:16:54 GMT

GET
H/1.1 200
OK bangkok-21-oriental-suite-living-room-a-1-205x123.jpeg
img.theepochtimes.com/assets/uploads/2022/05/24/ 9 KB
10 KB 31ms
30ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/05/24/bangkok-21-oriental-suite-living-room-a-1-205x123.jpeg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 922e883b2e9edd2562fad73074ac5944f1a5c04575ea56402d8c3b7f5f73ffb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 9271
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Tue, 24 May 2022 16:57:45 GMT
Server: nginx
ETag: "628d0e89-2437"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31529542
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 13:21:39 GMT

GET
H/1.1 200
OK NYSE-worker-2-205x123.jpg
img.theepochtimes.com/assets/uploads/2022/05/23/ 17 KB
18 KB 23ms
22ms Image
image/jpeg 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2022/05/23/NYSE-worker-2-205x123.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b4870cf31c5238c5d2b3cf2b6ec2b070a68622b96dfd3ff0ac1e259ecdb9d6c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:17 GMT
Connection: keep-alive
Content-Length: 17724
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Mon, 23 May 2022 21:57:20 GMT
Server: nginx
ETag: "628c0340-453c"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31529276
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 25 May 2023 13:17:13 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 250ms
6ms Script
application/javascript 99.86.4.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-120.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:39:01 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 6499816
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: NVi7GxjBtIssPShqlU6hvz60lmZTkjq-ZD_dDZXASJ_aI0vFCGWhpg==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 51ms
7ms Image
image/gif 99.86.4.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&time=1653491357498&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&random_number=11636614888&sess_cookie=9a0f98df180fbc3d7393c89f2e8&sess_cookie_flag=1&user_cookie=9a0f98df180fbc3d7393c89f2e8&user_cookie_flag=1&dynamic=true&domain=theepochtimes.com&account=Tmrwl1aYizr0uP&jsv=20130128&user_lang=en-US
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-123.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 03:48:39 GMT
Via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 40839
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA6-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: Qxiw3HQj9xq6qb2UtZaby1rUpCkecgijBCnKJrFvsKqBC9SSZP5aqA==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 577ms
155ms Image
text/plain 44.236.105.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.105.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-105-167.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:17 GMT
server: Server

GET
H2 200 rules-p-a128V7tctPVtT.js Show response
rules.quantcount.com/ 3 B
429 B 42ms
9ms Script
application/javascript 2600:9000:2315:5800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-a128V7tctPVtT.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 03:08:30 GMT
via: 1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
age: 43248
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:44:26 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: qhl2lfwQCcqqKQNnRDcnsZQbttk2xfG6XdS3rGdMnG49rT53HEmyXw==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 55ms
34ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10465455-30&cid=1626945463.1653491357&jid=193709743&_u=YGBACEAABAAAAC~&z=1152125348

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 59ms
33ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10465455-30&cid=1626945463.1653491357&jid=193709743&_u=YGBACEAABAAAAC~&z=1152125348

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022051901.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
125 KB 26ms
7ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 14:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127573
x-xss-protection: 0
last-modified: Thu, 19 May 2022 08:36:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 25 May 2023 14:46:47 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 165 B
754 B 47ms
17ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theepochtimes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8358abfe7f01035041fa2b4214f6def48e4aa85ba03fc8254c6f813a133f9192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 15:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118
x-xss-protection: 0
expires: Wed, 25 May 2022 15:09:17 GMT

GET
H2 200 91-221d64be9a88a6e37194.js Show response
js.chargebee.com/v2/ 12 KB
4 KB 10ms
9ms Script
application/x-javascript 18.66.248.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/91-221d64be9a88a6e37194.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-84.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8b688dfa571cdb735b250a5a996f6b8ff17becca482240e7883ba592fb459557

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: zzkNUc0JJB.9LBxAUNikSpO4amxU27Np
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 23 May 2022 13:08:30 GMT
server: AmazonS3
age: 87
etag: W/"0504ca0964e423095a4fd79bbd4fffd1"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Wed, 25 May 2022 15:07:51 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Wo_E2VaDjtZt31if54gb618b0wDbC-tkuFxpod3h5dHn71gjxc34Tw==

GET
H2 200 pixel;r=982744585;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas;uht=2;fpan=1;fpa=P0-819963117-1653491357548;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;...
pixel.quantserve.com/ 35 B
372 B 23ms
12ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=982744585;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas;uht=2;fpan=1;fpa=P0-819963117-1653491357548;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=theepochtimes.com;je=0;sr=1600x1200x24;dst=0;et=1653491357548;tzo=0;ogl=locale.en_US%2Ctype.object%2Ctitle.North%20and%20South%20America%20News%2Cdescription.Get%20the%20latest%20breaking%20news%20on%20North%20and%20South%20America%2Curl.https%3A%2F%2Fwww%252Etheepochtimes%252Ecom%2Fc-americas%2Csite_name.www%252Etheepochtimes%252Ecom%2Cimage.https%3A%2F%2Fimg%252Etheepochtimes%252Ecom%2Fassets%2Fuploads%2F2021%2F12%2F27%2Feet_logo%252Epng

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
496 B 47ms
47ms XHR
text/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&pid=taG0DiKg7JXPr&cb=0&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22cat_top_ad_728x90%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5965368%2FEET_article_top_728x90%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-173.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:17 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: Z069KJ0JRB5VQQ53Y61Z
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: hntg18ZdxVhSllI4-3eSHXLn-DJzvQ3yrVOfagQl7YiKI9ZtsqPQgQ==

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 436 B
715 B 83ms
16ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: 933f00abf02286efc36ac4b1153a9540f234c731dac0d6a5aefad7bd68a92a84

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:17 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 247 B
624 B 202ms
141ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: 379ce4633833b6fc0af84afcd6948b557f7c893d2d5b9f96322d56c7b61d6679

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:17 GMT
Server: nginx/1.21.3
X-Prebid: pbs-go/0.211.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 247
Expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 209ms
174ms XHR
application/json 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c2b3ceb5eae2d19d1480be7fae89933b9b9904d79a7a779af919e30fe793ad90

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:17 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: deb5aacf-da55-49c5-8658-175ecc9edd7e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 35 B
332 B 121ms
51ms XHR
application/json 23.32.59.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=299835&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227f7cb2204dbcc%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas%22%2C%22domain%22%3A%22theepochtimes.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theepochtimes.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2288690e3c906dfd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2FEET_article_top_728x90%22%2C%22gpid%22%3A%22%2F5965368%2FEET_article_top_728x90%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-59-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 694e0009855d1635649111c5c244958da6bdb11a9323fd6604e4b91201a2bfac

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:17 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.3], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.theepochtimes.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 35
x-ak-client-geo: 12
expires: Wed, 25 May 2022 15:09:17 GMT

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
397 B 520ms
163ms XHR
application/json 54.215.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_ptd=1165154&ntv_pb_rid=11e00b3db8b12cc&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiY2F0X3RvcF9hZF83Mjh4OTAiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1s5NzAsMjUwXSxbOTcwLDkwXSxbNzI4LDkwXV19fX1dfQ==&ntv_dbr=eyJjYXRfdG9wX2FkXzcyOHg5MCI6MH0=&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.186.48 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-186-48.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:18 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
368 B 49ms
20ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
496 B 53ms
52ms XHR
text/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&pid=taG0DiKg7JXPr&cb=1&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22ad_right_top_300x250_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5965368%2Feet_article_right_top_300x250_v3%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-173.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:17 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: WJHS4F40BG8VZG62NXEN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: V4IcoOpmeH0q0-u-lI51uwglkMk1FU7n15JLMJ6JX8FxDcUE3yTFYg==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 246 B
623 B 209ms
160ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: ba913322f7de47577270d72133e0b0f6ce6af7f3a957eb7f0009b67e5cb59e4b

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:17 GMT
Server: nginx/1.21.3
X-Prebid: pbs-go/0.211.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 246
Expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
368 B 44ms
21ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
396 B 513ms
164ms XHR
application/json 54.215.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_ptd=1165155&ntv_pb_rid=2137d6c665a3e46&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYWRfcmlnaHRfdG9wXzMwMHgyNTBfMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fV19&ntv_dbr=eyJjYXRfdG9wX2FkXzcyOHg5MCI6MCwiYWRfcmlnaHRfdG9wXzMwMHgyNTBfMSI6MH0=&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.186.48 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-186-48.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:18 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
334 B 111ms
51ms XHR
application/json 23.32.59.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=299842&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2223f87e8a6a30181%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas%22%2C%22domain%22%3A%22theepochtimes.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theepochtimes.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22246c3f3cdde322c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22299842%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Feet_article_right_top_300x250_v3%22%2C%22gpid%22%3A%22%2F5965368%2Feet_article_right_top_300x250_v3%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-59-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f94f10e34c5c33a2a6e0956fe2f1d11c2a51dbd4ea81c6b282b02c2706727715

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:17 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.3], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.theepochtimes.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Wed, 25 May 2022 15:09:17 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 136ms
92ms XHR
application/json 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d176b2899e148f8ea62da627dfa29b0066e59d50d4f03cd32d450a731e62a9ae

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:17 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3ea740cd-702a-4385-b494-41a77dac409a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
496 B 54ms
54ms XHR
text/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&pid=taG0DiKg7JXPr&cb=2&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22cat_right_sticky%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5965368%2FEET_sticky_ads_300%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-173.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:17 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: M847FM74X54JC8VMPJKF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: bT8aL0aDgpehSbbCdIGEQELvqlf_73jqF6BVZypsEeC_I6gM31f7Eg==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 247 B
624 B 195ms
157ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: 783d4221c0a8954077bda869c9fac23d7d6efb9306cba0925c8291e06894b4df

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:17 GMT
Server: nginx/1.21.3
X-Prebid: pbs-go/0.211.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 247
Expires: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
334 B 104ms
55ms XHR
application/json 23.32.59.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=299843&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223121f4506d4a438%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas%22%2C%22domain%22%3A%22theepochtimes.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theepochtimes.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223242e5274fecaa7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22299843%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22299843%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2FEET_sticky_ads_300%22%2C%22gpid%22%3A%22%2F5965368%2FEET_sticky_ads_300%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-59-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f68f293b5739c343322034f71620923b57797c47a498ab2b3098c7cce39c2190

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:17 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.3], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.theepochtimes.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Wed, 25 May 2022 15:09:17 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
368 B 30ms
21ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
396 B 500ms
164ms XHR
application/json 54.215.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_ptd=1165156&ntv_pb_rid=3679e6dcdfd2b58&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiY2F0X3JpZ2h0X3N0aWNreSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdLFszMDAsNjAwXV19fX1dfQ==&ntv_dbr=eyJjYXRfdG9wX2FkXzcyOHg5MCI6MCwiYWRfcmlnaHRfdG9wXzMwMHgyNTBfMSI6MCwiY2F0X3JpZ2h0X3N0aWNreSI6MH0=&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.186.48 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-186-48.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:18 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 171ms
139ms XHR
application/json 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ee52681bc74dd786c071fa7113b55213b5ac6a3aa7a6242c08493c41d856171c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:17 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 70dafd3f-e7cf-4933-bd01-318fde76eb84
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theepochtimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us.gif
sync.go.sonobi.com/ 49 B
513 B 65ms
14ms Image
image/gif 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26consent_string%3D%26gdpr%3D%26uid%3D%5BUID%5D

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:17 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 157ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 135ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: qtIu7/Z/ECnx+d6NPZhFw375y4Q14vsUhtVwCMfx61EKZRSoruE7T9oMrRNkyERjqV2dBQkd3b3ZK6sXVxyfTg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 25 May 2022 15:09:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 push_notif.js Show response
services.epoch.cloud//public-labs/src/push_notifications/ 6 KB
2 KB 171ms
40ms Script
application/javascript 2606:4700:3038::6815:ea4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.epoch.cloud//public-labs/src/push_notifications/push_notif.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Sep 2020 15:46:03 GMT
server: cloudflare
age: 6273
etag: W/"5f6384bb-18fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zy3cO47AsEejgk17fxUCKfSlvkMxao728awRF4olvfaFoQ3kkSCsxTRb8o5UkljsLJwF7fKjw8rS4U%2FMTAX2yVHJdpDXftfLdzCPfDteRhxtGvzbu27Q49RDtqkUDNSKAlgxW7vbI3CxcxSVKize1P4MRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 710f30fcf8fe1002-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ 29 KB
30 KB 656ms
171ms Script
application/javascript 52.92.211.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.211.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 156ddb25158b566de3fb66c201ba43caac55d3867b49982bdd6f74ccbc55ec65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:19 GMT
Last-Modified: Tue, 17 May 2022 05:28:21 GMT
Server: AmazonS3
x-amz-request-id: 975DBQPTV5G15BA1
ETag: "a42b7d019472ddff91e7fcfd804d3e94"
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 29889
x-amz-id-2: 9PjQL04qbr8dEYZmmhBEO0WLO7M7SN8TyCS2etmXdVp9EbRlgu4Q3+O/+2rIh4PT368fUQaW4t4=
Expires: Thu, 16 Jun 2022 05:28:20 GMT

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=c-americas
https://a.clickcertain.com/px/smart/a/?c=244b81b94c69796&seg=c%2damericas
https://a.clickcertain.com/px/?c=244b81b94c69796

3 KB
2 KB

232ms
231ms

Script
text/javascript

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=244b81b94c69796
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4871210fae005014eda6692b854ba7f0a0367cc14fdd9048c90f77143625dfca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:18 GMT
content-encoding: br
x-frontend: cc-nginx-55b57bbd68-dd6rn:cc-nginx-55b57bbd68-dd6rn
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: fe4db42d-e7d3-982b-b63f-be43096dd2bf
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjLOvk38US0N4Jfm%2BnSzyoB6093WgkrVXKrJ9SvEDWPAKqqIhjtuNJHd5VI05eEyARXpPsiu7lrYbufJ2NEFFpn6uBfkE2lx%2Fzbmw9dEOsmdBwYMoxE2OdyqRkcHSOalWckH3Oe%2F7wp2dJGmv0Mm9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
x-envoy-upstream-service-time: 64
cf-ray: 710f31007ea883a2-MXP

Redirect headers

date: Wed, 25 May 2022 15:09:18 GMT
x-frontend: cc-nginx-55b57bbd68-tsljb:cc-nginx-55b57bbd68-tsljb
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: b380f4d3-b545-9e81-9c41-b20b89370f9b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0xcKkMIWADGIUcAYb%2F%2B%2Fj4FVdhQ8UnLX3Ol0YIevo0rueCDR9ZyO4ECSsURs2odIRlfD2RXUj5hGeFGLp%2FDZSTIWBSdry98ok6KzZxD%2FZ%2BwYys5%2FTeHlNc%2BpLYD%2ByRp%2Fq6HCvLAVNQFW2j0wYN4mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://a.clickcertain.com/px/?c=244b81b94c69796
x-envoy-upstream-service-time: 31
cf-ray: 710f30fe185683a2-MXP

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/24003086/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
346 B

8ms
7ms

Script
application/javascript

99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:08:56 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 23
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: YkmCet_H47qyiQb0DaoxqKzosc031vnCe2kaROo9fG17EzsoFoLc6g==

Redirect headers

location: /internal-c2/default/cs.js
date: Wed, 25 May 2022 15:09:18 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: HpWdu9hbBV3SZl_7I2oZigN-43L0sDfdOyJgDbocH10lM0gljXqIMA==
x-cache: Miss from cloudfront

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 56ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.theepochtimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 15:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 63ms
24ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theepochtimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 15:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
12 KB 385ms
368ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3697887341025929&correlator=415883231350206&eid=31067488%2C31067718&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=5965368%2CEET_article_top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=1&adks=811699457&sfv=1-0-38&ecs=20220525&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=EET_category%3Deet_americas-21%252Ceet_world-89904%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26article_ads_version%3Dprebid&sc=1&cookie_enabled=1&abxe=1&dt=1653491358181&lmt=1653491358&dlt=1653491356467&idt=1138&biw=1600&bih=1200&adxs=315&adys=106&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x6445&msz=1600x10&fws=0&ohw=0&ga_vid=1626945463.1653491357&ga_sid=1653491358&ga_hid=528797536&ga_fc=true&btvi=0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

02c88cd7656e5b49f9dcfa2a4907a1e9650afb63ddb6addd6baf1244d619e3ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12714
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 94ms
24ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1a38562e943ca15adb08748280b8674dd142b85bf259de3fe60ecdcb29bd92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 15:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10766
x-xss-protection: 0

GET
H2 200 container.html Show response
47ed457bca7382c867685092f6e550c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A2DE 6 KB
4 KB 95ms
15ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://47ed457bca7382c867685092f6e550c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 15:09:18 GMT
expires: Thu, 25 May 2023 15:09:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 630ms
625ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3697887341025929&correlator=415883231350206&eid=31067488%2C31067718&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=5965368%2Ceet_article_right_top_300x250_v3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=2786340635&sfv=1-0-38&ecs=20220525&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=EET_category%3Deet_americas-21%252Ceet_world-89904%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26article_ads_version%3Dprebid&sc=1&cookie_enabled=1&abxe=1&dt=1653491358197&lmt=1653491358&dlt=1653491356467&idt=1138&biw=1600&bih=1200&adxs=1100&adys=242&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=1626945463.1653491357&ga_sid=1653491358&ga_hid=528797536&ga_fc=true&btvi=0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8b4ad35883e55339a7c948475159a9678962c526203bcb3131f6388c60ca2fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10040
x-xss-protection: 0
google-lineitem-id: 5900320489
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379157088
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 179006610034452 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 119ms
108ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/179006610034452?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01f0c5526f98dd9143c8c16b6a2a7add426896ee531fce0f76a54ed4271c3b82

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ICzYtJjT3nba2lumvRIR3MCO3thXBdz6lLuzn70vaNYitMlxgsMfZ4DNOQ3Smb3/ctcTS3s1E/L0WEdBJv9uLA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 15:09:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653491358350
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 b413bf4fa936cc351ac6476e0df69b50.js Show response
clientcdn.pushengage.com/core/ 90 KB
20 KB 44ms
8ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/b413bf4fa936cc351ac6476e0df69b50.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 992031d3fad995c43a16b9ef01ca3cbec1dc830018b639f1f4b71196a12d98dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:08:30 GMT
content-encoding: gzip
server: nginx
age: 48
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: YVoUYvsvdh1xkevOzCZklGPkREFj3t3xid-CfYdi7yF_d9QOe3mzFA==
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 77ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 15:09:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 88DA 13 KB
5 KB 24ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 15:08:40 GMT
expires: Thu, 25 May 2023 15:08:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2CE1 783 B
534 B 35ms
16ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3130dd01960f2e29342dc55c0978572966d0e4f3fd2e68691cdb62238efc85f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dP2OXEd9TVArIReLQetygQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-dP2OXEd9TVArIReLQetygQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 15:09:18 GMT
expires: Wed, 25 May 2022 15:09:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 29ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=179006610034452&ev=PageView&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&rl=&if=false&ts=1653491358401&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653491358400.1015285396&it=1653491358230&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 25 May 2022 15:09:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2CE1 0
0 65ms
47ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051901&jk=3697887341025929&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js Show response
pagead2.googlesyndication.com/bg/ Frame 88DA 35 KB
13 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 285276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13637
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 07:54:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 88DA 0
9 B 10ms
10ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DMCZTw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012205161914000/ Frame E690 220 KB
61 KB 43ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

757319a250590e2bd0a13b21c1541d2de6628e4f27fc53dbc09810a20eece701

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 109421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61456
x-xss-protection: 0
server: sffe
date: Tue, 24 May 2022 08:45:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42b814baf88beb20"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 May 2023 08:45:37 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012205161914000/v0/ Frame E690 14 KB
5 KB 54ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb79fb74d6258322e62522032aa870d6b08193d00356365ada57b7ec120c831f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 165592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5191
x-xss-protection: 0
server: sffe
date: Mon, 23 May 2022 17:09:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3630c4be819f8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 May 2023 17:09:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012205161914000/v0/ Frame E690 94 KB
28 KB 56ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba4104ca707204425da942d41ded59339a7925fa7986876ae2b2fde22a3ef7a2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 165592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28900
x-xss-protection: 0
server: sffe
date: Mon, 23 May 2022 17:09:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ccce7ec6c76e0017"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 May 2023 17:09:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012205161914000/v0/ Frame E690 5 KB
2 KB 58ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3427cca8a2e3789c0a04279acc2720b7f93b87932a915c850fe41a09924f0a8c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 165592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1905
x-xss-protection: 0
server: sffe
date: Mon, 23 May 2022 17:09:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "862cd07357fd06d9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 May 2023 17:09:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012205161914000/v0/ Frame E690 40 KB
13 KB 59ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1632299889539ec3c89ff14ed39f3a8ad49ab6b13eedf7bb78e0bd70b95d79a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72132
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12945
x-xss-protection: 0
server: sffe
date: Tue, 24 May 2022 19:07:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2cd215bb1afb4615"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 May 2023 19:07:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E690 8 KB
1 KB 42ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 May 2022 14:00:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 May 2022 15:09:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 May 2022 15:09:18 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E690 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 19660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 26 May 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E690 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 18973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 26 May 2022 09:53:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E690 0
0 16ms
15ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbQ7i43q1_sjW4n63lgikrdADwWO2twiuAIOSnMa_ujUtF6NuqLfV_1pLccJBTHsXiloYKOtiJIKAg5BskTcvycl8OjA
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E690 0
0 51ms
51ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVlKfnkaOYr6AD72sx_AP-K6asAOeouOXaqmUssaADKqK1pSHFxABIOjQsB9glYKAgLAHoAGtpdCPA8gBCakCBuiBPIXmsT7gAgCoAwHIAwqqBKYCT9Cnjl4ECFXRRJrbIREmRwtKNTNxv5ORU1FD2_bOr_L6e4OMWIiiVHHHqe3omun-FPZVOgmq5ax2REJgQhdhhZA6qSZlnO7cL_etaRqTWoicFS8DjQZhYt28JbZl4vDYrGP0M8U9Dw9oriSdZajMBAkHdrEBZ1ygBiDiAM024N878yLeV4x4pBxM2K0e0m9jC92bkU6YzdwXOLFB7vT8ze7rjD8KXYK92ccIMIBXsGK4bcHucgYRfK-I7fkP-8Wq2BFtnPmoDb39QYow7NW44jnYPkpzVfOL6RUCfN9vYzHCYOqSYYUYK22soo5SFszHlBRtimCtG1bwDl1HAA-mDHoKSAbJhWXcbuhCQG95BHrOEXfEQp4w_c2cQ-6Z4e5n248jeIp_wAS43JLQlwPgBAGSBQQIBBgBkgUECAUYBKAGLoAHu9qvcKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFEPrsugHSCAkIiOGAEBABGB2ACgPICwG4E4gn2BMNiBQD0BUBgBcBshceChwIABIUcHViLTM5OTAxODAxNTcxODMwMDIYwNwM&sigh=9jUDwXZFmIc&uach_m=[UACH]&template_id=5000
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/291023357035187093/ Frame E690 11 KB
11 KB 19ms
18ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/291023357035187093/downsize_200k_v1?w=600&h=314

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

598a1b443d7cfcd8af1c497aae480cfe907ad8f998608b3b4e3fcb5509bf89c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:03:41 GMT
x-content-type-options: nosniff
age: 191137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10898
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 11:56:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 23 May 2023 10:03:41 GMT

GET
DATA 200
OK truncated
/ Frame E690 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E690 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E690 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46aaa16c10916759cd5291c86f807a45633f80676d43544bf4c3b25e575112ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame E690 28 KB
28 KB 32ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theepochtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 61031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 22:12:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A9BB 0
0 44ms
44ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5l5sK9ZXpY_2AfLqTpSDWt7TqzzGnkVz1V711DAKEvpUtDvDKjKu1fxOv2nYC_wVKQXrram-FzWaN7-t-wSZVGKMi-jywI0vaYX0xjnimPxjb_-wQZh2MVRqtbBW7DD_5p3pgMsSfE61wroyDhUL5SbvQdW6KoaZTvhGa7-eRL90aohP8laj0r4oye85WySquT1p-MaG9T3mD4W0lr6FiOiHC6q0jKGlYSWcx7y8k9D_TD8SWZ73v_bcbstLjTvAe792AFHyh4hzxfiIWWVpQYW-o2_fGUNII1kudKZIIaNZfKRZ288EyW4qiTxK6u_tsFGbizw1OPWBB12fGycFAWKxGfOyUfOn-VG667SKMmrUIbG9RGByyn0vJGR14Z8HJzck&sai=AMfl-YS7dhR8eHEFPXvuuEx7ZLWSDbJ3R5h60vIo0kAOEtfmsQwgLZuBmho9Dr56yiJZcteoYx1kdJaceQWGA1hYDTHy0QpiShSeLGg1fTcIHa3-SHMaQnF7NaMOyPri_Pj9&sig=Cg0ArKJSzBxGiq4hsMDHEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/c-americas

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 15:09:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9BB 136 KB
42 KB 36ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 15:09:18 GMT

GET
H3 200 7393534941283761410
tpc.googlesyndication.com/simgad/ Frame A9BB 197 KB
197 KB 8ms
8ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7393534941283761410?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99cceb65b8c80b8152e1a0b12b6cb2b0116cf1220a40e238929bc6d953992be5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:23:05 GMT
x-content-type-options: nosniff
age: 542773
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201431
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 22:13:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 May 2023 08:23:05 GMT

GET
H2 200 lc2.js Show response
b-code.liadm.com/ 27 KB
10 KB 54ms
13ms Script
application/javascript 2600:9000:224a:4a00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/lc2.js
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7ef60861d96f03ac2ab73c0f14e8e9190b2b1f48901d6977dc8b8df081082044

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 15:54:29 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
age: 83689
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P1
content-encoding: gzip
x-amz-cf-id: KMqSZDt-i5ysN-dopHwPMDghp6QPLAo7uChnDyTNKxEBwotnOe9h1g==

GET
H2

200

p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/
Redirect Chain

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522theepochtimes.com%252Fc-americas%2522%252C%2522script%2...
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522theepochtimes.com%252Fc-americas%2522%252C%2522script%2...

42 B
351 B

178ms
178ms

Image
image/gif

44.241.129.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522theepochtimes.com%252Fc-americas%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%2522867dd0f8-c558-4d3f-ae0b-adbaca13f64c%2522%257D&title=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&tdc=1
Protocol: H2
Server: 44.241.129.108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-129-108.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

Redirect headers

location: /c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522theepochtimes.com%252Fc-americas%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%2522867dd0f8-c558-4d3f-ae0b-adbaca13f64c%2522%257D&title=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&tdc=1
date: Wed, 25 May 2022 15:09:19 GMT
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=179006610034452&ev=Microdata&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&rl=&if=false&ts=1653491358923&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times%22%2C%22meta%3Adescription%22%3A%22Get%20the%20latest%20breaking%20news%20on%20North%20and%20South%20America%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22object%22%2C%22og%3Atitle%22%3A%22North%20and%20South%20America%20News%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20breaking%20news%20on%20North%20and%20South%20America%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas%22%2C%22og%3Asite_name%22%3A%22www.theepochtimes.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2021%2F12%2F27%2Feet_logo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1653491358400.1015285396&it=1653491358230&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 15:09:18 GMT

GET
H2 200 getcity Show response
sc.youmaker.com/ 120 B
271 B 157ms
114ms XHR
application/json 34.120.97.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/getcity
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3a9660646fcbe7fdb9c9a1154fa1bec1518cdc0dea1ad7992023ad12af57ff67

Request headers

Accept: */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 15:09:19 GMT
via: 1.1 google
server: nginx/1.20.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
content-type: application/json;charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A9BB 0
0 58ms
41ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSrAjdUz2Rdy-TIe-2GaSvL3-0CdgQuBHeZwPXtK2OVhzudL5v2GUAIYKyl9CsSLNV_WM_fM5LJjjjKUZTI8E0vom1Tjc9JU3XfnQnNIw0-wpRWZSM0j4zrdeO0ZbX7xn9Y56-wPTv-46_NDcUFLli8OTciJo8cfM0LbW1JZ76bmORrBl_ONDIz3Q5hsgiscnzLEXWETkajmNWOBG5POkZd99606grWKcMz6YEN-wcFtnxWo7R-wfc8XuRuItWlmRR4GgiEJBeeqXLJWM96tkZoHVNhW831gnChNh-EP3PhAtvDH-cE50MAIuG4d7ucF3gGnUvAx3Kp276sHKaH6gVqcQC-NAwEmBG&sai=AMfl-YRgFT8ghAGk5ZgKfmQpCq3_OhFOvvdaf9W7ZroMpwSc6Z7B8QkESl02AjcF19QMbLGJFzKhmBrh3PpbQShgDgCXjHwDL5BYoD9UAs9_J1rtXDS0TMx6ZSwVDfAWiLpo&sig=Cg0ArKJSzL21mQGlDasOEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 15:09:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 25 May 2022 15:09:19 GMT

GET
DATA 200
OK truncated
/ Frame A9BB 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8ad8c4dfa6a53d47a8d8ae4d84aeed49bfa65fd3d3bbeba5d129a06730cc914

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame E181 942 B
815 B 158ms
158ms Document
text/html 2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=c-americas
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c7ea7b2661ab44aedab0ecbf29baf2275329e3800f1b6115e178d56770f04e6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 710f3101faa683a2-MXP
content-encoding: br
content-type: text/html
date: Wed, 25 May 2022 15:09:19 GMT
etag: W/"NzMwZTJhNGFnYTk0OWc0YmYxZ2I2NjBnZGQ0YzQ5MmRkZDE2LXow"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMdwx%2Fgee%2FLKYuVBUNuSRYDjCe1npDB5eFtnQvH9KvNOQuu2zOXCp%2BNKygYubZv01CKYNEAtUQotauqPoE%2BsLs4gRa3xSsIH28hccDBRzwN4CU0TU25eMnj5gCywH0iLHBVwYFtKds6OuEn4RYUEQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-envoy-upstream-service-time: 1
x-frontend: cc-nginx-55b57bbd68-dd6rn:cc-nginx-55b57bbd68-dd6rn
x-requestid: 54ca6657-0a2c-9a25-bb44-b6690170740c

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1653491359137&se=e30&duid=57b4458eb59c--01g3xw7q9b87wtg1a87y6nnwq3&tna=v2.3.1&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&wpn=lc-bundle
https://rp4.liadm.com/j?dtstmp=1653491359137&se=e30&duid=57b4458eb59c--01g3xw7q9b87wtg1a87y6nnwq3&tna=v2.3.1&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&wpn=lc-bundle&i6=MjAwMTphYzg6MjA6M2I...

13 B
552 B

472ms
99ms

XHR
application/json

44.194.206.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1653491359137&se=e30&duid=57b4458eb59c--01g3xw7q9b87wtg1a87y6nnwq3&tna=v2.3.1&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&wpn=lc-bundle&i6=MjAwMTphYzg6MjA6M2IwMDoxMDExOjdjNTI6NTRlYTpjYzAz&n3pc=true

Protocol

Server

44.194.206.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-206-200.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
x-pixel-event-id: bc7decec-75fc-4619-8ec8-f30f09668384
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 6fad07e7fa59cb27
request-time: 0
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Wed, 25 May 2022 15:09:19 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1653491359137&se=e30&duid=57b4458eb59c--01g3xw7q9b87wtg1a87y6nnwq3&tna=v2.3.1&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&wpn=lc-bundle&i6=MjAwMTphYzg6MjA6M2IwMDoxMDExOjdjNTI6NTRlYTpjYzAz&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.theepochtimes.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 745bda6386bdfdc5
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
74ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051901&jk=3697887341025929&bg=!bG-lbyvNAAZ4vKt9WLw7ACkAdvg8Wm87zoobWzg0GH6y-qg39oo5WpQoKqauYcRxfcJgII79zAoLkwIAAAE_UgAAAAJoAQcKAJ-wIE-vxvrhl9H9834dW3TRkNJNXHVxXp-Yttx272jNNU8ohE5KT1ISOBpKf-0C1BGXo1HlQ1fPvco13jV8HmjHQJZE4aes4TNVo3FZ_A_E0clohPMzdmTUTN5B68COJUEXIcGIKJLIrxDLBJdOa18cr1myBMS6Dkb0PVL7R-cnL4heR6lpViExeg-r8GK0pwmDF0ypUjIbupBh6pmiJ_2ZAqe-BKdZgD15l40Kb_kT8QmEhgOi_YUP6AveUZagIqnWGx-SE_QZPZAoX8yg03aO-s0gCDRZ1cLHfH064hOn9lzvsRCc4XGtVrdC2PiCLSQNfX9OOiS7MTBEQxamaE19yXdUy1FtFr5WfaZNbNfvf7SM65qgEZCcLSf2jlX1rx0NlDhMffAb-5d010zJ5Wwj2mpAg7zBMPp1ghXgC5Ysq8ToqrbbjUNeuSeqehFlxAZyYLDQEWLplHhrja-EQgeBklkmd_td2cRukGBggz7etJ_iYVyrlIeI_uVVsW2fqaaBnQAclRDp_tnEsOfU7X7jujkBYprZB536pJjtRm4BsqYa1564b5kDJRyMB7c9FI8xychLAXuL_LB1Qk5oz8sSmQDbjlAgtKHPqoJc8melOS1wAn_iSbLZKAVVfVsOh3Z95hF_dcSR8IjkxKvJNUw1it0Er1XWQJFvY8V1shfKe11yYtsU0y83euONmdu2rNtvwm6SfPk2AJ30fmbDp3bXcHvUBKuoq9kU23qG0PVw46fmkKdf3H-K6b2zA-ehtTheDepjTnOaoQTq5k0otYKKZpuRMKToYJw3ydJjnKY1qd9xAjG_aH20Ui8nz6-wk2S0Nm2Ndhts31k02Sy526YlSqctcmIl0EhcKnPKuHKLfYuytcO77e_q2rG2GWFoDa0sd5MQ7lEgFwmS6EbX9KzJ8o49sYm7LQ7C3yIUorRybuu0VLJ1wc4BqZUnqaJ6_nd1GBMdabb5Vf_0mMilffgASN6xCgY22U8XOPIyMEJqClf-SUH6Spmd6RDDKKTDLaijZPLBk6X4kScZ2xC2rZtUhEmaC37JLezEBHPje4cU0SC5oUVmlnJAgzkBvKaiGACoJfCajnVXzkN0sZA0r-GRSkM6GUI09NME
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H/1.1 200
OK 72731 Show response
idx.liadm.com/idex/unknown/ 42 B
581 B 402ms
102ms XHR
application/json 34.198.184.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/72731?duid=57b4458eb59c--01g3xw7q9b87wtg1a87y6nnwq3&resolve=md5

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.184.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-184-125.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

16c1452fa5f67b64b3ba9ea050d5a9af8b4169e1b9bcf986a5980262203b73b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:19 GMT
Vary: Origin
Server: nginx/1.18.0
Request-Time: 2
Content-Type: application/json
Access-Control-Allow-Origin: https://www.theepochtimes.com
Connection: keep-alive
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
trace-id: 7f346e0c5d1fe312
Content-Length: 42

GET
H3 200 get Show response
subs.theepochtimes.com/template/ 185 B
202 B 114ms
114ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/template/get?tid=signin&sid=www.theepochtimes.com
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 9b4dfcce9ac01065ebfcacd45938420e39cfd6292c4234b6426ecb15255df7f5

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:19 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185

GET
H3 200 get Show response
subs.theepochtimes.com/rules/ 2 MB
2 MB 119ms
118ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/rules/get?sid=www.theepochtimes.com&pid=4c14e06e-dead-4a19-833b-f676ae9d77da
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 58c98c5a5b18c4c0c6a25a61c6e4298e47c4ab0373dd7508b8803f09cb884a88

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:19 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type

POST
H2 204 c Show response
ea.epochbase.com/api/pw/ 0
232 B 687ms
686ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Livingston, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.theepochtimes.com
date: Wed, 25 May 2022 15:09:20 GMT
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE

OPTIONS
H2 200 c
ea.epochbase.com/api/pw/ Frame 0
0 288ms
87ms Preflight 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Livingston, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Content-Type
access-control-allow-methods: GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, OPTIONS, PUT, DELETE
content-length: 0
date: Wed, 25 May 2022 15:09:19 GMT
server: nginx/1.20.1

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame E181
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=730e2a4a-a949-4bf1-b660-dd4c492ddd16&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=730e2a4a-a949-4bf1-b660-dd4c492ddd16&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
https://a.clickcertain.com/px/ta/?done=true&ta_id=90e50b33-e6ea-4f74-9ad7-61108a8ae12a

0
463 B

172ms
171ms

Image
text/plain

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=90e50b33-e6ea-4f74-9ad7-61108a8ae12a
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
x-frontend: cc-nginx-55b57bbd68-k5bcj:cc-nginx-55b57bbd68-k5bcj
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 2cb9c26d-a7ef-9766-86b7-ee09934169a0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9deqPKykttRj935g1Qb3QCyk78I6BVYJ1jkHEtstWLRMSXk2EMdLL1B7qIU7O7D7sxPy3N9BQ8jXDaGNlLGxAhnYpCYm5o%2BgAnMyjEaGjaHpQtk%2BbGPimPKnjnpHx%2F3OYT54DZrVZVt9OmKbVW4JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 26
cf-ray: 710f31086ba283a2-MXP

Redirect headers

location: https://a.clickcertain.com/px/ta/?done=true&ta_id=90e50b33-e6ea-4f74-9ad7-61108a8ae12a
date: Wed, 25 May 2022 15:09:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame E181
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=730e2a4a-a949-4bf1-b660-dd4c492ddd16&ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://a.clickcertain.com/px/li/?ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16&redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redi...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D730e2a4a%2Da949%2D4bf...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16&anx_uId=$UID
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16&anx_uId=6928370852581133014
https://x.bidswitch.net/sync?dsp_id=179&user_id=730e2a4a-a949-4bf1-b660-dd4c492ddd16&expires=5&user_group=0
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=730e2a4a-a949-4bf1-b660-dd4c492ddd16&expires=5&user_group=0

43 B
495 B

10ms
10ms

Image
image/gif

35.157.1.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=730e2a4a-a949-4bf1-b660-dd4c492ddd16&expires=5&user_group=0
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=730e2a4a-a949-4bf1-b660-dd4c492ddd16&cn=DE
Protocol: HTTP/1.1
Server: 35.157.1.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-1-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=730e2a4a-a949-4bf1-b660-dd4c492ddd16&expires=5&user_group=0
Date: Wed, 25 May 2022 15:09:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 200 show2 Show response
subs.theepochtimes.com/template/ Frame AA6A 5 KB
5 KB 116ms
116ms Document
text/html 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMiUyMiUyQyUyMnRpbWV6b25lJTIyJTNBJTIyRXVyb3BlJTJGQmVybGluJTIyJTJDJTIybGF0aXR1ZGUlMjIlM0E1MS4yOTkzJTJDJTIybG9uZ2l0dWRlJTIyJTNBOS40OTElN0QlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJzaXRlSWQlMjIlM0ElMjIlMjIlN0QlN0Q=&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22pid%22%3A%22anona357-59ce-4853-a085-f24a223162fb%22%2C%22x%22%3A%22531-978-695%22%2C%22vt%22%3A0%2C%22g1%22%3A%22se%22%2C%22g2%22%3A%22ab%22%7D
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3c3e1bee1588041df3b86497a6166ed2750347d5b2eb195dcac9d55a8d42e448

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 15:09:19 GMT
server: nginx/1.20.1
via: 1.1 google
x-robots-tag: noindex

GET
H3 200 babel-polyfill.min.js Show response
subs.theepochtimes.com/views/ Frame AA6A 97 KB
97 KB 115ms
114ms Script
application/javascript 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/views/babel-polyfill.min.js
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMiUyMiUyQyUyMnRpbWV6b25lJTIyJTNBJTIyRXVyb3BlJTJGQmVybGluJTIyJTJDJTIybGF0aXR1ZGUlMjIlM0E1MS4yOTkzJTJDJTIybG9uZ2l0dWRlJTIyJTNBOS40OTElN0QlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJzaXRlSWQlMjIlM0ElMjIlMjIlN0QlN0Q=&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22pid%22%3A%22anona357-59ce-4853-a085-f24a223162fb%22%2C%22x%22%3A%22531-978-695%22%2C%22vt%22%3A0%2C%22g1%22%3A%22se%22%2C%22g2%22%3A%22ab%22%7D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: a2eeabe7d2f9bffed10632bc70aa79b5c38e6e0ea3e05481bcd2f02f7f5b4fac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.theepochtimes.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMiUyMiUyQyUyMnRpbWV6b25lJTIyJTNBJTIyRXVyb3BlJTJGQmVybGluJTIyJTJDJTIybGF0aXR1ZGUlMjIlM0E1MS4yOTkzJTJDJTIybG9uZ2l0dWRlJTIyJTNBOS40OTElN0QlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJzaXRlSWQlMjIlM0ElMjIlMjIlN0QlN0Q=&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22pid%22%3A%22anona357-59ce-4853-a085-f24a223162fb%22%2C%22x%22%3A%22531-978-695%22%2C%22vt%22%3A0%2C%22g1%22%3A%22se%22%2C%22g2%22%3A%22ab%22%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:19 GMT
via: 1.1 google
last-modified: Wed, 13 Apr 2022 18:51:45 GMT
server: nginx/1.20.1
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99294

GET
H2 200 userId.bundle.js Show response
subs.youmaker.com/lib/ Frame AA6A 195 KB
196 KB 155ms
114ms Script
application/javascript 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/userId.bundle.js
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show2?tid=signin&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMiUyMiUyQyUyMnRpbWV6b25lJTIyJTNBJTIyRXVyb3BlJTJGQmVybGluJTIyJTJDJTIybGF0aXR1ZGUlMjIlM0E1MS4yOTkzJTJDJTIybG9uZ2l0dWRlJTIyJTNBOS40OTElN0QlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJzaXRlSWQlMjIlM0ElMjIlMjIlN0QlN0Q=&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22pid%22%3A%22anona357-59ce-4853-a085-f24a223162fb%22%2C%22x%22%3A%22531-978-695%22%2C%22vt%22%3A0%2C%22g1%22%3A%22se%22%2C%22g2%22%3A%22ab%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: d38b83dade42164cccd72bcdd48761cda957966b785195a92056949247aac8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:19 GMT
via: 1.1 google
last-modified: Sat, 21 May 2022 20:18:17 GMT
server: nginx/1.20.1
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199806

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 118ms
118ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1204&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 May 2022 15:09:19 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 121ms
121ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1202&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 May 2022 15:09:19 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 119ms
119ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=6201&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 May 2022 15:09:19 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 121ms
121ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=6202&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 May 2022 15:09:19 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 119ms
119ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11200&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 May 2022 15:09:19 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 120ms
120ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11208&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 May 2022 15:09:19 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 120ms
120ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11212&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 May 2022 15:09:19 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 121ms
121ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=12201&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 May 2022 15:09:19 GMT
server: nginx/1.20.1
via: 1.1 google

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 124ms
124ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1204&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 122ms
121ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1202&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 123ms
123ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=6201&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 122ms
121ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=6202&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 41 B
57 B 123ms
123ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11200&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 41 B
57 B 124ms
123ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11208&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 41 B
57 B 123ms
122ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11212&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 123ms
122ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=12201&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40

POST
H2 200 li Show response
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/ 312 B
516 B 175ms
175ms Fetch
application/json 35.166.77.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/li
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.77.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-77-195.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: d9a35196b00c9a081f4d9bbf2c7804aedd68b10fb6de66c6ce380f60ad1c9075

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 15:09:20 GMT
x-amzn-requestid: 7eb4b72a-cd47-4304-9057-eb1b82b8d1e8
x-amz-apigw-id: Sr_5GFOnPHcFV4A=
x-amzn-trace-id: Root=1-628e46a0-075ff05b4c97cb2a187fb6e5
content-length: 312
content-type: application/json

OPTIONS
H2 200 li
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/ Frame 0
0 496ms
160ms Preflight
application/json 35.166.77.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/li
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.77.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-77-195.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Wed, 25 May 2022 15:09:20 GMT
x-amz-apigw-id: Sr_5FEEnvHcFiWQ=
x-amzn-requestid: a00103f1-1521-4254-afe4-19e745d91ccb

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E690 42 B
64 B 48ms
48ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGfSOf0pizYQf6y5UGPljMNGz2nrwhIy4TtYD-chGy23XOIyVG7xnVdL7S1JtcDWIqe8WuzZg20lNesGz2ZsgbzQbwlHMGf-m1Swc2BP3Fbp6teyEytHE5jPJM&sai=AMfl-YQV6DwArdUXtLZQWmVN69grwr40kNys3X5CEXjhdfyGHgLTl7X7Mfl0tp98XHMadEE3ug_dszXoTEeSOoFgra4Ra3dwRkbxlv-QW1ecgpXXTuD4dDKTnx3ht_mKw5A&sig=Cg0ArKJSzKMF8tMxo6-EEAE&id=ampim&o=315,106&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1019&mtos=0,0,0,1019,1019&tos=0,0,0,1019,0&tfs=183&tls=1202&g=100&h=100&tt=1202&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A9BB 42 B
64 B 82ms
46ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuc22OyKybfnHo7VbfgKU3z3uJDxnB_QveNNyHMvYdFmP_Jj9eGCv96DdGIFUjMkpT8JJseVxUs_4t3IDcLTM_q2VSrNhlaFwI8SQUXEtr8Wk3-SeTivDolm4MffKFn83mseIihk2NZ8EdDSFbLvEBUhVqw7vOFdqZIDfR9THuHlKOhCNtnd-py_AD-IGjbbob7wKa7spJwWTud6ZWFp6Eh3Emb1X2t_WiBkWgPgbQgLNWQtxvBFf7Dc6fcTiWQMoQoTNk0tM6HRpaMynx-oWvA_dSjRxbqRRi4j0Q0OkTBCNLyx044MPgzinWBieHdLBbusQav7r8tbc5HZcaZO0wO2p4TvJVww2EUFtzm&sai=AMfl-YSH5T02M55bLx_R4aBKZO_Ifhm2i14rnxN0XjP-iHy1TPCbi6Prr8h9n1Zz1FlsL_4r0eXG6UIKu7pnWBpL3U1pODS5085xNZiv3D0UeywEn8EtqRipTtcpQ408KCNg&sig=Cg0ArKJSzGwnMdAc6qdfEAE&id=lidar2&mcvt=1001&p=482,1100,732,1400&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220523&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2786340635&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653491358839&rpt=165&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK D-DINCondensed-Bold.otf
img.theepochtimes.com/fonts/ Frame AA6A 57 KB
58 KB 81ms
23ms Font
application/octet-stream 104.104.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img.theepochtimes.com/fonts/D-DINCondensed-Bold.otf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.55.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-55-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736

Request headers

Referer: https://subs.theepochtimes.com/
Origin: https://subs.theepochtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:20 GMT
Connection: keep-alive
Content-Length: 58452
Akamai-Mon-Iucid-Del: 1289467
Last-Modified: Wed, 05 Sep 2018 15:47:56 GMT
Server: nginx
ETag: "5b8ffaac-e454"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=28036161
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 116ms
116ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1209&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 115ms
115ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1209&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 May 2022 15:09:20 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 116ms
116ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1208&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 May 2022 15:09:20 GMT
server: nginx/1.20.1
via: 1.1 google

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 117ms
116ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1208&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 114ms
114ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11217&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 115ms
115ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11217&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 May 2022 15:09:20 GMT
server: nginx/1.20.1
via: 1.1 google

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 116ms
116ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11214&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20220518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 114ms
114ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11214&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 May 2022 15:09:20 GMT
server: nginx/1.20.1
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E299 52 KB
17 KB 83ms
18ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 25 May 2022 15:09:20 GMT
ETag: "623de86a-cf34"
Expires: Thu, 26 May 2022 15:09:22 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 9C61 0
0 9ms
9ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1653491357698

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 329C 52 KB
17 KB 84ms
18ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 25 May 2022 15:09:20 GMT
ETag: "623de86a-cf34"
Expires: Thu, 26 May 2022 15:09:22 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 990B 0
0 10ms
9ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1653491357697

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame DCAE 3 KB
2 KB 83ms
19ms Document
text/html 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1388
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 May 2022 15:09:20 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 358A 3 KB
2 KB 82ms
18ms Document
text/html 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1388
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 May 2022 15:09:20 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 55D7 3 KB
2 KB 90ms
22ms Document
text/html 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1388
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 May 2022 15:09:20 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F9AB 281 B
554 B 61ms
18ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 May 2022 15:09:20 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 68A4 52 KB
17 KB 79ms
18ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 25 May 2022 15:09:20 GMT
ETag: "623de86a-cf34"
Expires: Thu, 26 May 2022 15:09:22 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 070C 0
0 8ms
8ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1653491357697

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F9AB 31 KB
10 KB 22ms
22ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9449391857ab47443d4fcd4c4e47898692e7c798cf8c16bb0d2031a621f1cb76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 May 2022 17:55:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=71295
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9451
Expires: Thu, 26 May 2022 10:57:35 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E299 0
741 B 25ms
25ms Script
text/html 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 003102f1-6f30-43dc-bf44-c1d60712081e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 329C 0
741 B 41ms
41ms Script
text/html 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 06fde845-4004-436b-bdcd-169736ad9f8c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame F9AB 284 B
536 B 43ms
10ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 68A4 0
741 B 16ms
16ms Script
text/html 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e0942c42-8824-42b5-8abe-b4e0eb8a85ef
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 12B6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

56ms
55ms

Document
text/html

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 737293429d5b6835b66a9f62bd3b2024d1f4b403312cbdf4fd04e485b4ed1258

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1618
Content-Type: text/html
Date: Wed, 25 May 2022 15:09:20 GMT
Dropped-Udsids: 45|230|241|39|90|65|176|18
Expires: Wed, 25 May 2022 15:09:20 GMT
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache
Vary: Is-Traffic-Usersync

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 352
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 25 May 2022 15:09:20 GMT
Expires: Wed, 25 May 2022 15:09:20 GMT
Location: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 961D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

56ms
56ms

Document
text/html

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 99a3e6311843ca3efb37836b68294f70332b03a4c8f892ac563e88ed73d19f08

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1694
Content-Type: text/html
Date: Wed, 25 May 2022 15:09:20 GMT
Dropped-Udsids: 39|241|230|45|24|8|206|176
Expires: Wed, 25 May 2022 15:09:20 GMT
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache
Vary: Is-Traffic-Usersync

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 352
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 25 May 2022 15:09:20 GMT
Expires: Wed, 25 May 2022 15:09:20 GMT
Location: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame EAA0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

59ms
59ms

Document
text/html

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a1d5585fa807660e98d51408f01c4c4da585a258d70f0157d76b1821c0fa82ae

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1691
Content-Type: text/html
Date: Wed, 25 May 2022 15:09:20 GMT
Dropped-Udsids: 39|241|45|230|190|73|31|51
Expires: Wed, 25 May 2022 15:09:20 GMT
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache
Vary: Is-Traffic-Usersync

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 352
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 25 May 2022 15:09:20 GMT
Expires: Wed, 25 May 2022 15:09:20 GMT
Location: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=528797536&t=event&_s=2&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&ul=en-us&de=UTF-8&dt=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Impression&ea=anonymous&el=&ev=0&_u=aHBACEABBAAAAC~&jid=&gjid=&cid=1626945463.1653491357&uid=anona357-59ce-4853-a085-f24a223162fb&tid=UA-10465455-30&_gid=1332642503.1653491357&cd3=%3Bamericas-21%3B&cd28=%3BAmericas%3B&cd43=category&cd18=anona357-59ce-4853-a085-f24a223162fb&z=1229101914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 03:32:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41837
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 12B6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yo5GoHXx-NiQiNaTVtY.fAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEARZJotP6WPy655rnlnGksw&google_cver=1&gdpr=1&google_hm=2

43 B
1000 B

35ms
34ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEARZJotP6WPy655rnlnGksw&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 15:09:20 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEARZJotP6WPy655rnlnGksw&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 12B6 170 B
188 B 33ms
18ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yo5GoIcUEmdVjEMmlBaWCgAABE8AAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 12B6
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoIcUEmdVjEMmlBaWCgAABE8AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoIcUEmdVjEMmlBaWCgAABE8AAAIB&dcc=t

43 B
645 B

102ms
102ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoIcUEmdVjEMmlBaWCgAABE8AAAIB&dcc=t

Requested by

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 85QSMZW7F6QVV69GWM6N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: G21PJ69MPNRJ5PYDPZM9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoIcUEmdVjEMmlBaWCgAABE8AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 12B6 70 B
264 B 96ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame 12B6
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://um.simpli.fi/no_match_opted_out

0
272 B

26ms
25ms

Image
text/plain

169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Protocol

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 15:09:20 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Wed, 25 May 2022 15:09:20 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Tue, 24 May 2022 15:09:20 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 12B6
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1653577760&gdpr=1

43 B
315 B

100ms
29ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1653577760&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 25 May 2022 15:09:20 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1653577760&gdpr=1
pragma: no-cache
date: Wed, 25 May 2022 15:09:20 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 200 113
match.deepintent.com/usersync/ Frame 12B6 0
44 B 294ms
93ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:19 GMT
content-length: 0
server: a

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 12B6
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1669388960&external_user_id=184a6d8e-2af2-4759-8553-dadfc0edfdfd

43 B
1 KB

39ms
39ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1669388960&external_user_id=184a6d8e-2af2-4759-8553-dadfc0edfdfd
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 15:09:20 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1669388960&external_user_id=184a6d8e-2af2-4759-8553-dadfc0edfdfd
date: Wed, 25 May 2022 15:09:20 GMT
access-control-allow-origin: *.casalemedia.com
content-length: 157
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 12B6 43 B
425 B 23ms
22ms Image
image/gif 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?Yo5GoIcUEmdVjEMmlBaWCgAA%261103
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:20 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3014
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 15:59:34 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 961D 70 B
264 B 97ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 961D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoHXx_NiQiNaTVtY-fAAABKsAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoHXx_NiQiNaTVtY-fAAABKsAAAIB&dcc=t

43 B
645 B

103ms
102ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoHXx_NiQiNaTVtY-fAAABKsAAAIB&dcc=t

Requested by

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PC88Z9KPQ0GRAXN74QXY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZGHPMZ8NM4FBV3FGY4FE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoHXx_NiQiNaTVtY-fAAABKsAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 961D 170 B
188 B 30ms
19ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yo5GoHXx_NiQiNaTVtY-fAAABKsAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 961D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yo5GoHXx-NiQiNaTVtY.fAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEARZJotP6WPy655rnlnGksw&google_cver=1&gdpr=1&google_hm=2

43 B
1000 B

35ms
35ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEARZJotP6WPy655rnlnGksw&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 15:09:20 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEARZJotP6WPy655rnlnGksw&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
csync.loopme.me/ Frame 961D 0
0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 961D
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=4002bf92-3dfb-468a-9be1-be3f36f29fab&expiration=1685027360

43 B
1 KB

38ms
38ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=4002bf92-3dfb-468a-9be1-be3f36f29fab&expiration=1685027360
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 15:09:20 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=4002bf92-3dfb-468a-9be1-be3f36f29fab&expiration=1685027360
date: Wed, 25 May 2022 15:09:20 GMT
server: Kestrel
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame 961D 0
124 B 43ms
11ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yo5GoHXx_NiQiNaTVtY-fAAABKsAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 113
match.deepintent.com/usersync/ Frame 961D 0
39 B 293ms
94ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
content-length: 0
server: a

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 961D 43 B
425 B 19ms
18ms Image
image/gif 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?Yo5GoHXx-NiQiNaTVtY.fAAA%261195
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:20 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3014
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 15:59:34 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame EAA0 70 B
265 B 84ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame EAA0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoHEsqWLEUc7OP4-duAAABHQAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoHEsqWLEUc7OP4-duAAABHQAAAAB&dcc=t

43 B
645 B

103ms
103ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoHEsqWLEUc7OP4-duAAABHQAAAAB&dcc=t

Requested by

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZGTJWK3NY99KWD267DES
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 43EBA0QYE2ZSRVT61V7R
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo5GoHEsqWLEUc7OP4-duAAABHQAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame EAA0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yo5GoHEsqWLEUc7OP4.duAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEARZJotP6WPy655rnlnGksw&google_cver=1&gdpr=1&google_hm=2

43 B
1000 B

40ms
39ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEARZJotP6WPy655rnlnGksw&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 15:09:20 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEARZJotP6WPy655rnlnGksw&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame EAA0 170 B
188 B 18ms
17ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yo5GoHEsqWLEUc7OP4-duAAABHQAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 15:09:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame EAA0 0
0 47ms
45ms Image
text/html 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 Yo5GoHEsqWLEUc7OP4-duAAABHQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EAA0 43 B
990 B 114ms
39ms Image
image/gif 2a05:d018:d29:3605:9f4c:83a8:7085:a009
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Yo5GoHEsqWLEUc7OP4-duAAABHQAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:9f4c:83a8:7085:a009 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:20 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame EAA0
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7067777601284421496&uid=Q7067777601284421496&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

12ms
11ms

Image
image/gif

104.92.91.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.92.91.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-91-221.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:20 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Wed, 25 May 2022 15:09:20 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame EAA0 43 B
220 B 312ms
16ms Image
image/gif 35.157.1.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.1.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-1-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame EAA0 43 B
425 B 18ms
18ms Image
image/gif 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?Yo5GoHEsqWLEUc7OP4.duAAA%261140
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theepochtimes.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:09:20 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3014
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 15:59:34 GMT

POST
H3 200 senddata Show response
subsapi.epoch.cloud/db/ 16 B
636 B 194ms
165ms XHR
text/plain 2606:4700:3038::6815:ea4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subsapi.epoch.cloud/db/senddata
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 15:09:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFReG6AY40F9P%2FC28gHnCCIr6C3C6YwvMCp6irkXF8TLdiWeQ%2BYVi62UDsNDREOdXL54tRHS2xdL8o%2By5YCCgB4%2B8FsZ4R%2Ft3j2QAW19DNVwgCr30ZqG0uCSPPVe29KKGEtZogiBTCUr4eSKXnvLTgEk"}],"group":"cf-nel","max_age":604800}
cf-ray: 710f310fecfc41b9-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16

OPTIONS
H2 200 senddata
subsapi.epoch.cloud/db/ Frame 0
0 309ms
243ms Preflight 2606:4700:3038::6815:ea4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subsapi.epoch.cloud/db/senddata
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 710f310e2f2d41d7-MRS
content-length: 0
date: Wed, 25 May 2022 15:09:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQCW587VEhNeZB0fzVoYLlmrr%2Fv8wZvmh%2F48VNxsLreYphoQh%2F%2FpAK5kherGe2ulA4W3kCytZ2cIhPJ4feTiL%2FqVf%2FhQRYm20Q1zk0DIgE7bC2LIllwmRdawnav7deAg3nXh9t7tmk3UU3AE%2BTv%2F3Lkf"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E299 0
741 B 15ms
15ms Script
text/html 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:21 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: cfbfae20-cccb-47ad-bfd0-e16e16442b0e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 329C 0
741 B 28ms
28ms Script
text/html 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:21 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b621ef71-29a5-4aa7-b84c-687a4f514a8a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 68A4 0
741 B 22ms
13ms Script
text/html 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 15:09:21 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5f2dbc10-fd34-417e-899c-217576f6dc3c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 191 KB
77 KB 84ms
63ms Script
application/javascript 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db0c7c24328d3b5e3e54b9eccfa96127fe5f7657c1167c9af2ec202c01b18c14

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-V16IgvzmyIgLQd5f97mU6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-V16IgvzmyIgLQd5f97mU6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 25 May 2022 15:09:21 GMT

GET
H3 200 style
accounts.google.com/gsi/ 533 B
328 B 221ms
205ms Stylesheet
text/css 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BJuSCtWc65dEx3ChdtGQnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BJuSCtWc65dEx3ChdtGQnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 25 May 2022 15:09:21 GMT

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 66ms
54ms XHR
application/json 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=490013421558-fsr5v4sfmmhdjuqbnpoghql9do3gmjk9.apps.googleusercontent.com&as=WxoOio7Cjm%2BNWAycGP%2BnpQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fed1756e49aefdc4deff7ff37839d8138b4fa3a05aa1d06dc1624b9cbbd7d65

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-erCL41uTHe55nx3Wnjm0Mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-erCL41uTHe55nx3Wnjm0Mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
ea.epochbase.com/api/analytics/g/ 0
233 B 831ms
647ms Ping
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api/analytics/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=2oe5n0&_p=528797536&_z=ccd.PNB&cid=1626945463.1653491357&ul=en-us&sr=1600x1200&_fplc=0&_s=2&sid=1653491356&sct=1&seg=1&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fc-americas&dt=North%20and%20South%20America%20News%20%7C%20The%20Epoch%20Times&en=page_view&ep.page_path=%2Fc-americas&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Livingston, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://www.theepochtimes.com
date: Wed, 25 May 2022 15:09:22 GMT
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE

POST c
ea.epochbase.com/api/pw/ 0
0

OPTIONS
H2 200 c
ea.epochbase.com/api/pw/ Frame 0
0 91ms
91ms Preflight 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Livingston, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Content-Type
access-control-allow-methods: GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, OPTIONS, PUT, DELETE
content-length: 0
date: Wed, 25 May 2022 15:09:24 GMT
server: nginx/1.20.1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csync.loopme.me
URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=

Domain: ea.epochbase.com
URL: https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity

Verdicts & Comments Add Verdict or Comment

263 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 04:01:23	Name: _li_ss Value: MgYIkgEQoBI
.theepochtimes.com/	1970-01-20 05:27:47	Name: epoch_persistent_user_id Value: anona357-59ce-4853-a085-f24a223162fb
.theepochtimes.com/	1970-01-20 03:19:37	Name: _gid Value: GA1.2.1332642503.1653491357
.theepochtimes.com/	1970-01-20 03:18:11	Name: _gat Value: 1
.theepochtimes.com/	1970-01-20 20:49:23	Name: _ga Value: GA1.1.1626945463.1653491357
.theepochtimes.com/	1970-01-20 20:49:23	Name: _ga_RD0QM5H02Q Value: GS1.1.1653491356.1.1.1653491356.0
.theepochtimes.com/	1970-01-20 03:28:16	Name: pageviewCount_fb Value: 1,none,https://www.theepochtimes.com/c-americas
.theepochtimes.com/	1970-01-20 03:18:13	Name: __asc Value: 9a0f98df180fbc3d7393c89f2e8
.theepochtimes.com/	1970-01-20 12:05:13	Name: __auc Value: 9a0f98df180fbc3d7393c89f2e8
.quantserve.com/	1970-01-20 12:48:25	Name: mc Value: 628e469d-8b21d-77189-2d9da
.theepochtimes.com/	1970-01-20 12:42:40	Name: __qca Value: P0-819963117-1653491357548
.scorecardresearch.com/	1970-01-20 20:34:59	Name: UID Value: 148b5863d6f7d9ab46549ac1653491357
.adnxs.com/	1970-01-20 05:27:47	Name: icu Value: ChgI159BEAoYASABKAEwnY25lAY4AUABSAEQnY25lAYYAA..
.adnxs.com/	1970-01-20 05:27:47	Name: uuid2 Value: 6928370852581133014
.theepochtimes.com/	1970-01-20 05:27:47	Name: _fbp Value: fb.1.1653491358400.1015285396
.facebook.com/	1970-01-20 05:27:47	Name: fr Value: 0cAgD2DvGtg2fbtBu..Bijkae...1.0.Bijkae.
a.clickcertain.com/	1970-01-20 12:03:47	Name: _ccpx_u Value: 730e2a4a%2da949%2d4bf1%2db660%2ddd4c492ddd16
.doubleclick.net/	1970-01-20 12:39:47	Name: IDE Value: AHWqTUlEsQylx_jyJ6JD2GWAkWU8_spqW-SOXbbqzwMVMwFnogNVHHtv0-IqeMhINMk
.doubleclick.net/	1970-01-20 03:18:12	Name: test_cookie Value: CheckForPermission
.theepochtimes.com/	1970-01-20 12:39:47	Name: __gads Value: ID=843ad9f293b22716-22398b4c9fcd0079:T=1653491358:S=ALNI_MaE5mG52wsXK-S0vYpGbyd5rNhqRg
www.theepochtimes.com/	1970-01-20 07:37:23	Name: _geuid Value: 867dd0f8-c558-4d3f-ae0b-adbaca13f64c
www.theepochtimes.com/	1970-01-20 07:37:23	Name: _gepi Value: true
www.theepochtimes.com/	1970-01-20 04:01:23	Name: _geps Value: true
a.clickcertain.com/	1970-01-20 12:03:47	Name: _ccpx_244b81b94c69796 Value: 1
a.clickcertain.com/	1970-01-20 12:03:47	Name: _ccpx Value: 244b81b94c69796
.theepochtimes.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .theepochtimes.com
.theepochtimes.com/	1970-01-20 20:49:23	Name: _lc2_fpi Value: 57b4458eb59c--01g3xw7q9b87wtg1a87y6nnwq3
.theepochtimes.com/	1970-01-20 12:03:47	Name: epoch_geo Value: se
.theepochtimes.com/	1970-01-20 12:03:47	Name: epoch_geo_city Value: ab
www.theepochtimes.com/	1969-12-31 23:59:59	Name: epoch_user_dna Value: %7B%22pid%22%3A%22anona357-59ce-4853-a085-f24a223162fb%22%2C%22x%22%3A%22531-978-695%22%2C%22vt%22%3A0%2C%22g1%22%3A%22se%22%2C%22g2%22%3A%22ab%22%7D
.theepochtimes.com/	1970-01-20 03:28:16	Name: e_ab_es Value: 0.16872076704844052
.theepochtimes.com/	1970-01-20 03:18:14	Name: __li_idex_cache_eyJyZXNvbHZlIjoibWQ1In0 Value: {%22md5%22:%2272bd732a01b84cb28a36776e660c6d3c%22}
.tapad.com/	1970-01-20 04:44:35	Name: TapAd_TS Value: 1653491359998
.tapad.com/	1970-01-20 04:44:35	Name: TapAd_DID Value: 90e50b33-e6ea-4f74-9ad7-61108a8ae12a
.tapad.com/	1970-01-20 04:44:35	Name: TapAd_3WAY_SYNCS Value:
.liadm.com/	1970-01-20 20:49:23	Name: lidid Value: 04b2f994-0f8c-45d0-b8bc-e2268ad11f86
.alocdn.com/	1970-01-20 12:03:47	Name: uuid Value: 5aaf1363-4ece-4b32-9d2a-12fd698ce9fc
.theepochtimes.com/	1970-01-20 04:01:23	Name: epoch_user_type Value: anonymous
.casalemedia.com/	1970-01-20 05:27:47	Name: CMPS Value: 5197
.casalemedia.com/	1970-01-20 03:19:37	Name: CMST Value: Yo5GoGKORqAA
.owneriq.net/	1970-01-20 20:49:23	Name: si Value: Q7067777601284421496
.owneriq.net/	1970-01-20 03:32:35	Name: p2 Value: cc
.simpli.fi/	1970-01-20 12:05:13	Name: suid Value: 72039BDD3B584EE79CA5D1050D135AA2
.casalemedia.com/	1970-01-20 12:03:47	Name: CMID Value: Yo5GoHEsqWLEUc7OP4.duAAA
.casalemedia.com/	1970-01-20 05:27:47	Name: CMPRO Value: 1140
.yahoo.com/	1970-01-20 12:04:08	Name: A3 Value: d=AQABBKBGjmICEPh_EiSn14JYnhy-7fEffkoFEgEBAQGYj2KYYgAAAAAA_eMAAA&S=AQAAAt-nkVKr58yw9r8UCHWb9Zs
beacon.lynx.cognitivlabs.com/	1970-01-20 12:03:47	Name: UID Value: 4002bf92-3dfb-468a-9be1-be3f36f29fab
beacon.lynx.cognitivlabs.com/	1970-01-20 12:03:47	Name: ss Value: E5fzOEIULGZPpP8z4VeskQ5OTV7ZlOIZtmadPi0WHLdkeXlSwa8ChfEiFIAkPeZrmawwn3AwRJUAuG%2FMTLXHZA%3D%3D
.company-target.com/	1970-01-20 20:49:23	Name: tuuid Value: 184a6d8e-2af2-4759-8553-dadfc0edfdfd
.company-target.com/	1970-01-20 20:49:23	Name: tuuid_lu Value: 1653491360
.casalemedia.com/	1970-01-20 12:03:47	Name: CMRUM3 Value: 2d628e46a02760CAESEARZJotP6WPy655rnlnGksw&27628e46a00b40&e6628e46a02760&49628e46a005a0&be628e46a005a0&33628e46a005a0&f1628e46a005a0&1f628e46a005a00&12628e46a02760184a6d8e-2af2-4759-8553-dadfc0edfdfd
.bidswitch.net/	1970-01-20 12:03:47	Name: tuuid Value: 5cc4a4df-f238-470a-ba07-77aa082da384
.bidswitch.net/	1970-01-20 12:03:47	Name: c Value: 1653491360
.bidswitch.net/	1970-01-20 12:03:47	Name: tuuid_lu Value: 1653491360

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

47ed457bca7382c867685092f6e550c9.safeframe.googlesyndication.com
a.clickcertain.com
a.remarketstats.com
accounts.google.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
b-code.liadm.com
beacon.lynx.cognitivlabs.com
c.amazon-adsystem.com
casale-match.dotomi.com
cdn.ampproject.org
certify.alexametrics.com
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com
clientcdn.pushengage.com
cm.g.doubleclick.net
connect.facebook.net
csync.loopme.me
d31qbv1cthcecs.cloudfront.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
ea.epochbase.com
eus.rubiconproject.com
exchange.postrelease.com
fonts.googleapis.com
fonts.gstatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
idx.liadm.com
img.theepochtimes.com
js-sec.indexww.com
js.chargebee.com
lists.youmaker.com
match.adsrvr.org
match.deepintent.com
onetag-sys.com
p.alocdn.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.adnxs.com
px.owneriq.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
sc.youmaker.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.epoch.cloud
ssum-sec.casalemedia.com
stats.g.doubleclick.net
subs.theepochtimes.com
subs.youmaker.com
subsapi.epoch.cloud
sync.go.sonobi.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.theepochtimes.com
www.youmaker.com
x.bidswitch.net
csync.loopme.me
ea.epochbase.com
104.104.55.26
104.92.91.221
142.250.185.162
142.250.185.66
151.139.128.11
169.197.150.7
169.50.137.184
178.162.133.149
18.213.100.194
18.66.248.84
185.33.221.90
185.33.223.38
2.20.157.55
209.54.177.54
23.205.235.133
23.32.59.34
23.35.236.188
2600:1f18:730:b130:4c96:5596:18cd:cf5
2600:9000:224a:4a00:8:8845:1500:93a1
2600:9000:2315:5800:6:44e3:f8c0:93a1
2606:4700:20::681a:37a
2606:4700:20::681a:832
2606:4700:3038::6815:ea4e
2606:4700:3038::6815:ea4f
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:803::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2004
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200d
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2001
2a00:1450:4001:829::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c1b::9b
2a02:fa8:8806:20::2010
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3605:9f4c:83a8:7085:a009
3.126.56.137
3.232.89.139
34.102.198.207
34.120.97.157
34.198.184.125
35.157.1.22
35.166.77.195
35.170.174.103
35.201.68.206
35.227.248.159
35.244.243.66
35.71.131.137
37.252.161.190
4.7.168.74
44.194.206.200
44.236.105.167
44.241.129.108
51.89.9.254
52.92.211.168
54.215.186.48
64.71.159.106
65.9.66.173
69.173.144.138
69.173.144.165
99.86.4.120
99.86.4.123
99.86.4.128
99.86.4.32
01f0c5526f98dd9143c8c16b6a2a7add426896ee531fce0f76a54ed4271c3b82
02c88cd7656e5b49f9dcfa2a4907a1e9650afb63ddb6addd6baf1244d619e3ae
04d08bc6882cc4d5a2fc84803ad8eb1f0929fe6ad45f52833329121b68d904eb
0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06bca4156362ae327faea6ddf83f8012f87138bcab46a11f4d5dc8513e8bd7bc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ef882f04fe97354fcce4c17bf5d5bcea29f71e7729533dc6614a7ed5edadef6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
156ddb25158b566de3fb66c201ba43caac55d3867b49982bdd6f74ccbc55ec65
1632299889539ec3c89ff14ed39f3a8ad49ab6b13eedf7bb78e0bd70b95d79a9
16c1452fa5f67b64b3ba9ea050d5a9af8b4169e1b9bcf986a5980262203b73b8
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1b492a906f47aa3e76be3ba0fb63c575a2b2cdd71bf7d9e6ffb36faf86df4531
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1e876cbda4f26f89da5424ebf9b32794c64a77df1c7804effe09ae34ad09952f
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
25cad5d9e016ff8fc766034922a6ec515d37461b4ae089bd58d5ac964b85f247
2f64e0e2cdb11a60def0a9886889cd8ca97c0eef1c648eefe893050614330132
3104bab9f3d16a241f2267c46b606437ed3bae6a0dfd4ae50080bd50973619c6
3130dd01960f2e29342dc55c0978572966d0e4f3fd2e68691cdb62238efc85f2
3427cca8a2e3789c0a04279acc2720b7f93b87932a915c850fe41a09924f0a8c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
379ce4633833b6fc0af84afcd6948b557f7c893d2d5b9f96322d56c7b61d6679
3a9660646fcbe7fdb9c9a1154fa1bec1518cdc0dea1ad7992023ad12af57ff67
3c3e1bee1588041df3b86497a6166ed2750347d5b2eb195dcac9d55a8d42e448
3c7ea7b2661ab44aedab0ecbf29baf2275329e3800f1b6115e178d56770f04e6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef5422f553694b55700bf8228f8565323672782ac8841df226437f095876785
3fabc5c1cb983602f5a953f6d0da8d2bd8f4bb6b4024bff2ebe116e277b4fdf9
3fb4d7558382f8575cfe2115c489e119163ba4bf40b84e62ff21e423ea50eef0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46aaa16c10916759cd5291c86f807a45633f80676d43544bf4c3b25e575112ab
4871210fae005014eda6692b854ba7f0a0367cc14fdd9048c90f77143625dfca
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e3bb69810c5154cbe987cf72f55f992c448ac8e21ae0014da475ce1032460d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b91f8cdcc1aa20b71688e25dada1e9241c6061c154c0fe542d66a70fb5b8c6f
4bd13a00aa88227ddc41a725504d0342e0ad8b789ca3f40678cbc83ba8fcc879
4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c
4ebed7568be2aac739e5431d9ee53d4d95321be6a38a90d0b93b14d4e86dcbbc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58bd62e5873d0df478237a5195f10ad95bf5b7392ad42cb66cf72efde0764378
58c98c5a5b18c4c0c6a25a61c6e4298e47c4ab0373dd7508b8803f09cb884a88
598a1b443d7cfcd8af1c497aae480cfe907ad8f998608b3b4e3fcb5509bf89c9
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5ea8a172ad1c688685ce137f792ba14aa34d7bd1eade35c4367891f3fca22156
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
694e0009855d1635649111c5c244958da6bdb11a9323fd6604e4b91201a2bfac
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf
703459a28a8b3b51b4702b22d9cbd94cff54fcca4fc034ba7b3f64bf7cf4228a
706f3e78e6d46f6159110680203b3050845ec5c6c6f4d69cb259cbd9927e7f75
72974739823d21db3088160569739b4bbbc3c4f1bb0fe5ae6afe1e89ac515258
737293429d5b6835b66a9f62bd3b2024d1f4b403312cbdf4fd04e485b4ed1258
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
757319a250590e2bd0a13b21c1541d2de6628e4f27fc53dbc09810a20eece701
783d4221c0a8954077bda869c9fac23d7d6efb9306cba0925c8291e06894b4df
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7ef60861d96f03ac2ab73c0f14e8e9190b2b1f48901d6977dc8b8df081082044
7fad06f6ac22600dc8725c38de6e200ca68c6036bf9bacbab694adfb5ea60552
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
800dcf656ded5336badeda016b6bb419d459e2531bb01c1e051c993d8a01ba2e
8300ec8c602a364430d96aec6f2d1fecf26a1718d194b52c193728ef4643e003
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8358abfe7f01035041fa2b4214f6def48e4aa85ba03fc8254c6f813a133f9192
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867f5a29853ddd710b7c6485ff7c0f294d6dde33817c68e84535fb68572ffe8b
872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736
88d775a95cd0d49c6c4e5c3d7d1b442bd055e01cc38504b4b793a6e46890b21d
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b0daf8b0fadec4104ec807b0f4432698777a2a61078c1cf38b91e1fb238ed4d
8b4ad35883e55339a7c948475159a9678962c526203bcb3131f6388c60ca2fe0
8b688dfa571cdb735b250a5a996f6b8ff17becca482240e7883ba592fb459557
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5
8eadc35a060caaf7875d43f8e892be64dfbecbacbbfe02a20c4029749421a8c2
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fed1756e49aefdc4deff7ff37839d8138b4fa3a05aa1d06dc1624b9cbbd7d65
922e883b2e9edd2562fad73074ac5944f1a5c04575ea56402d8c3b7f5f73ffb5
933f00abf02286efc36ac4b1153a9540f234c731dac0d6a5aefad7bd68a92a84
9449391857ab47443d4fcd4c4e47898692e7c798cf8c16bb0d2031a621f1cb76
95e2fad82850b7613c27816a8323a4ff3906c7bc15aae4c916b81fab6ef23b6b
98c752450f26de1a588303aa6a7121d719ff4f7d2aab3399105f48d90d881ce9
992031d3fad995c43a16b9ef01ca3cbec1dc830018b639f1f4b71196a12d98dc
99a3e6311843ca3efb37836b68294f70332b03a4c8f892ac563e88ed73d19f08
99cceb65b8c80b8152e1a0b12b6cb2b0116cf1220a40e238929bc6d953992be5
9b4dfcce9ac01065ebfcacd45938420e39cfd6292c4234b6426ecb15255df7f5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d5585fa807660e98d51408f01c4c4da585a258d70f0157d76b1821c0fa82ae
a2eeabe7d2f9bffed10632bc70aa79b5c38e6e0ea3e05481bcd2f02f7f5b4fac
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8ad8c4dfa6a53d47a8d8ae4d84aeed49bfa65fd3d3bbeba5d129a06730cc914
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0f96a3730041605b139ca2d15e29a36c55e49058ba2b72ee4d09b5e4ca210c1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a38562e943ca15adb08748280b8674dd142b85bf259de3fe60ecdcb29bd92e
b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120
b4870cf31c5238c5d2b3cf2b6ec2b070a68622b96dfd3ff0ac1e259ecdb9d6c4
b4d39529975f23fb0b09b759e33e98fc86c76d7a4c541a131008b9ff0182f6b1
b55ce596f3b7898c55f9b0dfdbd1b428e97f49459e2e268369c6d70cb5a0cf18
b8af85ef87938ad7700489d3cd359313ff3d80516be01ddc83d7aebf22e4b51c
b8f9bb8fe82b3abbc4e23a9584404436acf0e719e54421902295c559033f61a3
ba0fde3fc25b81a76e601038ed43810c6dfb4f834e8f3749c3917556ad53017d
ba4104ca707204425da942d41ded59339a7925fa7986876ae2b2fde22a3ef7a2
ba913322f7de47577270d72133e0b0f6ce6af7f3a957eb7f0009b67e5cb59e4b
bb79fb74d6258322e62522032aa870d6b08193d00356365ada57b7ec120c831f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b3ceb5eae2d19d1480be7fae89933b9b9904d79a7a779af919e30fe793ad90
c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154
c84e3c10e7e6872f1565ed0fcbd34d0e90926ed48b46a882d66f3f81ac40b26d
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc4d0a85bcb684c04051f64782dc2dbef34e8fb913f425828581f670343fe201
cfcfcc4f882ee207b643b788b619008bdad867ee9cc1af915fb7408bf5c8ff2d
d176b2899e148f8ea62da627dfa29b0066e59d50d4f03cd32d450a731e62a9ae
d38b83dade42164cccd72bcdd48761cda957966b785195a92056949247aac8ae
d5759b9d381ea36ee50ececbe9816fd957b4e38832d8baa4c53f7635a1c7aceb
d6c08334cab59e0b9b2074116bdb450a3df28df045c636399e31e7eaf8ee5f9e
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9a35196b00c9a081f4d9bbf2c7804aedd68b10fb6de66c6ce380f60ad1c9075
daf7a0dccb1120d74cc9a492fb7b20f48ef4cf2d2b1cd4b1b26d57006929f4e3
db0c7c24328d3b5e3e54b9eccfa96127fe5f7657c1167c9af2ec202c01b18c14
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee52681bc74dd786c071fa7113b55213b5ac6a3aa7a6242c08493c41d856171c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f2eba112717f3e6efeb67a75313b7f388ccc5fc0f35f971dff64b36f442ef441
f5e59cc6b94811c4e5446fcf8e40aaf4a3ab1b536a57f84ceecb722def413638
f68f293b5739c343322034f71620923b57797c47a498ab2b3098c7cce39c2190
f94f10e34c5c33a2a6e0956fe2f1d11c2a51dbd4ea81c6b282b02c2706727715

www.theepochtimes.com Open in urlscan Pro 151.139.128.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

228 Requests

91 %HTTPS

38 %IPv6

48 Domains

77 Subdomains

64 IPs

8 Countries

4941 kBTransfer

7323 kBSize

54 Cookies

30 Outgoing links

Page URL History

Redirected requests

228 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theepochtimes.com Open in urlscan Pro
151.139.128.11 Public Scan

Screenshot
Live screenshot

Full Image

228
Requests

91 %
HTTPS

38 %
IPv6

48
Domains

77
Subdomains

64
IPs

8
Countries

4941 kB
Transfer

7323 kB
Size

54
Cookies

228 HTTP transactions
5 data transactions