urlscan.io logo urlscan.io
SecurityTrails logo

www.theepochtimes.com Open in urlscan Pro
104.17.157.22  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Submission: On December 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 90 IPs in 10 countries across 81 domains to perform 501 HTTP transactions. The main IP is 104.17.157.22, located in and belongs to CLOUDFLARENET, US. The main domain is www.theepochtimes.com. The Cisco Umbrella rank of the primary domain is 60648.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 18th 2023. Valid for: a year.
This is the only time www.theepochtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
43 104.17.157.22 13335 (CLOUDFLAR...)
5 18.238.243.106 16509 (AMAZON-02)
1 151.101.65.26 54113 (FASTLY)
1 2 104.16.123.175 13335 (CLOUDFLAR...)
8 142.250.185.194 15169 (GOOGLE)
4 142.250.185.104 15169 (GOOGLE)
29 34.102.198.207 396982 (GOOGLE-CL...)
10 104.21.234.68 13335 (CLOUDFLAR...)
36 35.211.89.112 19527 (GOOGLE-2)
2 172.217.18.14 15169 (GOOGLE)
4 34.110.129.224 396982 (GOOGLE-CL...)
1 12 51.89.9.251 16276 (OVH)
5 34.248.250.162 16509 (AMAZON-02)
5 209.192.253.52 7979 (SERVERS-COM)
5 3.225.229.133 14618 (AMAZON-AES)
5 63.34.97.161 16509 (AMAZON-02)
5 13.32.121.80 16509 (AMAZON-02)
27 34.120.33.89 396982 (GOOGLE-CL...)
3 216.239.32.36 15169 (GOOGLE)
1 173.194.76.157 15169 (GOOGLE)
4 142.250.186.131 15169 (GOOGLE)
1 8 142.250.185.162 15169 (GOOGLE)
2 7 142.250.185.228 15169 (GOOGLE)
5 4.7.168.74 3356 (LEVEL3)
4 151.101.130.133 54113 (FASTLY)
1 172.64.141.13 13335 (CLOUDFLAR...)
2 142.250.186.161 15169 (GOOGLE)
6 104.21.234.69 13335 (CLOUDFLAR...)
1 104.17.25.14 13335 (CLOUDFLAR...)
5 2.19.11.158 20940 (AKAMAI-ASN1)
5 142.250.185.65 15169 (GOOGLE)
12 142.250.184.225 15169 (GOOGLE)
3 18.66.24.34 16509 (AMAZON-02)
1 142.250.185.138 15169 (GOOGLE)
1 23.73.140.164 16625 (AKAMAI-AS)
3 54.76.12.87 16509 (AMAZON-02)
3 169.150.247.39 60068 (CDN77 ^_^)
2 52.51.174.173 16509 (AMAZON-02)
2 52.18.111.16 16509 (AMAZON-02)
21 142.250.186.98 15169 (GOOGLE)
5 13 142.250.184.194 15169 (GOOGLE)
2 29 172.64.151.101 13335 (CLOUDFLAR...)
4 5 185.89.210.46 29990 (ASN-APPNEX)
18 142.250.185.102 15169 (GOOGLE)
5 13.224.103.29 16509 (AMAZON-02)
1 4 91.228.74.168 16509 (AMAZON-02)
13 15.197.193.217 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 35.227.252.103 396982 (GOOGLE-CL...)
2 2 216.52.2.86 30282 (AS-INAPCD...)
2 2 76.223.111.18 16509 (AMAZON-02)
5 5 104.64.126.246 16625 (AKAMAI-AS)
10 23.218.210.30 16625 (AKAMAI-AS)
5 35.244.159.8 15169 (GOOGLE)
5 16 3.71.149.231 16509 (AMAZON-02)
5 69.173.144.165 26667 (RUBICONPR...)
5 185.64.190.79 62713 (AS-PUBMATIC)
6 98.98.134.241 21859 (ZEN-ECN)
1 2 52.46.130.91 16509 (AMAZON-02)
11 11 44.216.232.169 14618 (AMAZON-AES)
5 178.250.1.9 44788 (ASN-CRITE...)
2 2 45.137.176.88 60350 (VP)
1 1 154.59.122.79 174 (COGENT-174)
1 64.227.64.62 14061 (DIGITALOC...)
5 18.239.36.109 16509 (AMAZON-02)
2 54.76.87.161 16509 (AMAZON-02)
1 172.67.74.129 13335 (CLOUDFLAR...)
2 2 34.95.81.168 396982 (GOOGLE-CL...)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 4 34.252.177.198 16509 (AMAZON-02)
1 154.54.250.150 26558 (FREEWHEEL)
1 63.251.232.165 32475 (SINGLEHOP...)
2 2 35.214.142.236 15169 (GOOGLE)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 89.207.16.201 41041 (VCLK-EU-SE)
1 1 46.228.164.11 56396 (AMOBEE)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 37.157.6.254 198622 (ADFORM)
2 2 151.101.66.49 54113 (FASTLY)
1 1 54.197.120.184 14618 (AMAZON-AES)
1 54.81.245.140 14618 (AMAZON-AES)
5 69.173.144.138 26667 (RUBICONPR...)
1 2 104.26.3.122 13335 (CLOUDFLAR...)
4 8 104.26.8.50 13335 (CLOUDFLAR...)
1 4 204.79.197.200 8068 (MICROSOFT...)
1 4 52.200.58.150 14618 (AMAZON-AES)
1 146.75.116.157 54113 (FASTLY)
1 13.32.110.110 16509 (AMAZON-02)
1 3 18.239.83.58 16509 (AMAZON-02)
1 18.165.183.73 16509 (AMAZON-02)
5 104.244.42.197 13414 (TWITTER)
5 104.244.42.195 13414 (TWITTER)
2 13.107.213.45 8075 (MICROSOFT...)
1 3 35.162.252.179 16509 (AMAZON-02)
2 52.152.143.207 8075 (MICROSOFT...)
8 13.69.106.216 8075 (MICROSOFT...)
3 108.177.15.84 15169 (GOOGLE)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 142.250.185.98 15169 (GOOGLE)
1 52.92.238.136 16509 (AMAZON-02)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
1 2 44.227.40.210 16509 (AMAZON-02)
2 143.204.98.70 16509 (AMAZON-02)
1 185.102.217.65 60068 (CDN77 ^_^)
1 18.238.243.72 16509 (AMAZON-02)
1 34.238.108.29 14618 (AMAZON-AES)
1 35.173.27.72 14618 (AMAZON-AES)
501 90
43    104.17.157.22 (None, )

ASN13335 (CLOUDFLARENET, US)
www.theepochtimes.com
5    18.238.243.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-106.ams58.r.cloudfront.net
rumcdn.geoedge.be
1    151.101.65.26 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    104.16.123.175 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
8    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
securepubads.g.doubleclick.net
4    142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net
www.googletagmanager.com
29    34.102.198.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.198.102.34.bc.googleusercontent.com
subs.theepochtimes.com
10    104.21.234.68 (None, )

ASN13335 (CLOUDFLARENET, US)
services.epoch.cloud
mixproxy.epoch.cloud
subsapi.epoch.cloud
36    35.211.89.112 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 112.89.211.35.bc.googleusercontent.com
game.epochbase.com
2    172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f14.1e100.net
www.google-analytics.com
4    34.110.129.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.129.110.34.bc.googleusercontent.com
pwe.epochbase.com
12    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
5    34.248.250.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-250-162.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
5    209.192.253.52 (United States)

ASN7979 (SERVERS-COM, US)
colossusssp.com
5    3.225.229.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-229-133.compute-1.amazonaws.com
exchange.postrelease.com
5    63.34.97.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-97-161.eu-west-1.compute.amazonaws.com
hb.minutemedia-prebid.com
5    13.32.121.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-80.fra60.r.cloudfront.net
hb.undertone.com
27    34.120.33.89 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 89.33.120.34.bc.googleusercontent.com
comment.youmaker.com
3    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net
stats.g.doubleclick.net
4    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
www.google.de
8    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads.g.doubleclick.net
www.googletagservices.com
7    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
5    4.7.168.74 (Hazleton, United States)

ASN3356 (LEVEL3, US)
ea.epochbase.com
4    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
mp.theepochtimes.com
1    172.64.141.13 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net
fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
6    104.21.234.69 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.epoch.cloud
mixproxy.epoch.cloud
subsapi.epoch.cloud
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    2.19.11.158 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-11-158.deploy.static.akamaitechnologies.com
img.theepochtimes.com
5    142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net
cdn.ampproject.org
12    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
tpc.googlesyndication.com
3    18.66.24.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-24-34.vie50.r.cloudfront.net
gw.geoedge.be
1    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
fonts.googleapis.com
1    23.73.140.164 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-140-164.deploy.static.akamaitechnologies.com
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com
3    54.76.12.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-12-87.eu-west-1.compute.amazonaws.com
ingestion.contentinsights.com
3    169.150.247.39 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-39.bunnyinfra.net
tentacles.smartocto.com
2    52.51.174.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-174-173.eu-west-1.compute.amazonaws.com
api.smartocto.com
2    52.18.111.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-111-16.eu-west-1.compute.amazonaws.com
ingestion.smartocto.com
21    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
pagead2.googlesyndication.com
ade.googlesyndication.com
13    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
29    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
5    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
18    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
s0.2mdn.net
5    13.224.103.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-29.zrh50.r.cloudfront.net
cdn.undertone.com
4    91.228.74.168 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
secure.quantserve.com
pixel.quantserve.com
13    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    216.52.2.86 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
5    104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
16    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
pixel.advertising.com
ups.analytics.yahoo.com
5    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
6    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
11    44.216.232.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-232-169.compute-1.amazonaws.com
i.liadm.com
5    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    154.59.122.79 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
5    18.239.36.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-109.ams58.r.cloudfront.net
usr.undertone.com
2    54.76.87.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-87-161.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    34.252.177.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-177-198.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    154.54.250.150 (Saint-Denis, France)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    35.214.142.236 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 236.142.214.35.bc.googleusercontent.com
csync.loopme.me
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    89.207.16.201 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-nessy-float1.dotomi.com
casale-match.dotomi.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
2    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    54.197.120.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-120-184.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    54.81.245.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-245-140.compute-1.amazonaws.com
rtb.adentifi.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    104.26.3.122 (None, )

ASN13335 (CLOUDFLARENET, US)
a.remarketstats.com
8    104.26.8.50 (None, )

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
4    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
bat.bing.com
c.bing.com
4    52.200.58.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-58-150.compute-1.amazonaws.com
tags.wdsvc.net
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    13.32.110.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-110.vie50.r.cloudfront.net
js.alocdn.com
3    18.239.83.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-58.ams58.r.cloudfront.net
sb.scorecardresearch.com
1    18.165.183.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-73.zrh55.r.cloudfront.net
rules.quantcount.com
5    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
5    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    13.107.213.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
3    35.162.252.179 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-252-179.us-west-2.compute.amazonaws.com
p.alocdn.com
2    52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
o.clarity.ms
8    13.69.106.216 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
3    108.177.15.84 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f84.1e100.net
accounts.google.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googleadservices.com
1    52.92.238.136 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    44.227.40.210 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-227-40-210.us-west-2.compute.amazonaws.com
a.usbrowserspeed.com
2    143.204.98.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-70.fra50.r.cloudfront.net
tag.trovo-tag.com
1    185.102.217.65 (Bucharest, Romania)

ASN60068 (CDN77 ^_^, GB)
PTR: 185-102-217-65.bunnyinfra.net
clientcdn.pushengage.com
1    18.238.243.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-72.ams58.r.cloudfront.net
b-code.liadm.com
1    34.238.108.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-108-29.compute-1.amazonaws.com
rp.liadm.com
1    35.173.27.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-27-72.compute-1.amazonaws.com
idx.liadm.com
Apex Domain
Subdomains		 Transfer
81 theepochtimes.com
www.theepochtimes.com — Cisco Umbrella Rank: 60648
subs.theepochtimes.com — Cisco Umbrella Rank: 89298
mp.theepochtimes.com — Cisco Umbrella Rank: 87012
img.theepochtimes.com — Cisco Umbrella Rank: 41836
2 MB
45 epochbase.com
game.epochbase.com
pwe.epochbase.com — Cisco Umbrella Rank: 83926
ea.epochbase.com — Cisco Umbrella Rank: 84986
8 MB
35 googlesyndication.com
fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
ade.googlesyndication.com — Cisco Umbrella Rank: 293
338 KB
29 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
21 KB
28 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
245 KB
27 youmaker.com
comment.youmaker.com — Cisco Umbrella Rank: 88299
356 KB
25 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
token.rubiconproject.com — Cisco Umbrella Rank: 461
73 KB
18 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
483 KB
16 epoch.cloud
services.epoch.cloud — Cisco Umbrella Rank: 97165
mixproxy.epoch.cloud — Cisco Umbrella Rank: 91997
cdn.epoch.cloud — Cisco Umbrella Rank: 108015
subsapi.epoch.cloud — Cisco Umbrella Rank: 101933
383 KB
15 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3939
cdn.undertone.com — Cisco Umbrella Rank: 3126
usr.undertone.com — Cisco Umbrella Rank: 1822
22 KB
14 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
b-code.liadm.com — Cisco Umbrella Rank: 2977
rp.liadm.com — Cisco Umbrella Rank: 1632
idx.liadm.com — Cisco Umbrella Rank: 2268
23 KB
13 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
1 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
insight.adsrvr.org — Cisco Umbrella Rank: 557
2 KB
12 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
accounts.google.com — Cisco Umbrella Rank: 23
82 KB
12 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
3 KB
8 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 786
1023 B
8 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 6832
7 KB
8 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 3375
gw.geoedge.be — Cisco Umbrella Rank: 4631
255 KB
7 smartocto.com
tentacles.smartocto.com — Cisco Umbrella Rank: 21508
api.smartocto.com — Cisco Umbrella Rank: 20504
ingestion.smartocto.com — Cisco Umbrella Rank: 18374
21 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
o.clarity.ms — Cisco Umbrella Rank: 7310
c.clarity.ms — Cisco Umbrella Rank: 1377
28 KB
6 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
1 KB
6 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
us-u.openx.net — Cisco Umbrella Rank: 491
975 B
5 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 713
3 KB
5 t.co
t.co — Cisco Umbrella Rank: 589
1 KB
5 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
2 KB
5 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 661
198 B
5 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1658
1 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
4 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
104 KB
5 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3730
2 KB
5 postrelease.com
exchange.postrelease.com — Cisco Umbrella Rank: 4927
2 KB
5 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1354
706 B
5 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3655
3 KB
4 alocdn.com
js.alocdn.com — Cisco Umbrella Rank: 68184
p.alocdn.com — Cisco Umbrella Rank: 6159
3 KB
4 wdsvc.net
tags.wdsvc.net — Cisco Umbrella Rank: 38198
30 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 329
c.bing.com — Cisco Umbrella Rank: 228
16 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
2 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
867 B
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
secure.quantserve.com — Cisco Umbrella Rank: 1276
pixel.quantserve.com — Cisco Umbrella Rank: 1011
10 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6765
690 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
327 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
871 B
3 contentinsights.com
ingestion.contentinsights.com — Cisco Umbrella Rank: 27227
264 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
41 KB
2 trovo-tag.com
tag.trovo-tag.com — Cisco Umbrella Rank: 50255
2 KB
2 usbrowserspeed.com
a.usbrowserspeed.com — Cisco Umbrella Rank: 5716
419 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
2 remarketstats.com
a.remarketstats.com — Cisco Umbrella Rank: 40596
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
641 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
546 B
2 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 20274
463 B
2 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1414
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
946 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
128 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 857
14 KB
1 pushengage.com
clientcdn.pushengage.com — Cisco Umbrella Rank: 20529
1 amazonaws.com
s3-us-west-2.amazonaws.com
60 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1296
448 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 678
15 KB
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1014
35 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
1 KB
1 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 3764
444 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
425 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2999
181 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1383
424 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
283 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
654 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
757 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11359
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1901
446 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1209
653 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
584 B
1 rackcdn.com
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com — Cisco Umbrella Rank: 42503
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
1 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 971
9 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1345
618 B
501 81
Domain Requested by
43 www.theepochtimes.com www.theepochtimes.com
36 game.epochbase.com www.theepochtimes.com
game.epochbase.com
29 subs.theepochtimes.com www.theepochtimes.com
subs.theepochtimes.com
rumcdn.geoedge.be
27 comment.youmaker.com www.theepochtimes.com
comment.youmaker.com
22 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
19 pagead2.googlesyndication.com rumcdn.geoedge.be
pagead2.googlesyndication.com
fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
www.theepochtimes.com
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
securepubads.g.doubleclick.net
18 s0.2mdn.net rumcdn.geoedge.be
s0.2mdn.net
fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
12 tpc.googlesyndication.com www.theepochtimes.com
rumcdn.geoedge.be
s0.2mdn.net
12 onetag-sys.com 1 redirects www.theepochtimes.com
fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
11 i.liadm.com 11 redirects
11 ups.analytics.yahoo.com cdn.undertone.com
ssum-sec.casalemedia.com
11 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
a.clickcertain.com
10 eus.rubiconproject.com cdn.undertone.com
eus.rubiconproject.com
10 match.adsrvr.org fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
cdn.undertone.com
ssum-sec.casalemedia.com
8 dc.services.visualstudio.com game.epochbase.com
8 a.clickcertain.com 4 redirects www.theepochtimes.com
a.remarketstats.com
a.clickcertain.com
8 securepubads.g.doubleclick.net www.theepochtimes.com
rumcdn.geoedge.be
securepubads.g.doubleclick.net
www.googletagservices.com
7 www.google.com 2 redirects www.theepochtimes.com
rumcdn.geoedge.be
6 pixel-sync.sitescout.com cdn.undertone.com
ssum-sec.casalemedia.com
6 ssum-sec.casalemedia.com cdn.undertone.com
ssum-sec.casalemedia.com
6 googleads.g.doubleclick.net 1 redirects rumcdn.geoedge.be
www.theepochtimes.com
6 services.epoch.cloud www.theepochtimes.com
rumcdn.geoedge.be
subs.theepochtimes.com
5 analytics.twitter.com www.theepochtimes.com
5 t.co www.theepochtimes.com
5 token.rubiconproject.com eus.rubiconproject.com
5 usr.undertone.com ssum-sec.casalemedia.com
5 dis.criteo.com ssum-sec.casalemedia.com
5 image8.pubmatic.com cdn.undertone.com
5 pixel.rubiconproject.com cdn.undertone.com
5 pixel.advertising.com 5 redirects
5 us-u.openx.net cdn.undertone.com
5 secure-assets.rubiconproject.com 5 redirects
5 cdn.undertone.com www.theepochtimes.com
5 cdn.ampproject.org rumcdn.geoedge.be
5 img.theepochtimes.com comment.youmaker.com
5 ea.epochbase.com subs.theepochtimes.com
services.epoch.cloud
5 hb.undertone.com www.theepochtimes.com
5 hb.minutemedia-prebid.com www.theepochtimes.com
5 exchange.postrelease.com www.theepochtimes.com
5 colossusssp.com www.theepochtimes.com
5 hb-api.omnitagjs.com www.theepochtimes.com
5 rumcdn.geoedge.be www.theepochtimes.com
rumcdn.geoedge.be
4 tags.wdsvc.net 1 redirects www.theepochtimes.com
tags.wdsvc.net
4 creativecdn.com 4 redirects
4 match.prod.bidr.io 1 redirects ssum-sec.casalemedia.com
a.clickcertain.com
tag.trovo-tag.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 mixproxy.epoch.cloud services.epoch.cloud
mixproxy.epoch.cloud
4 mp.theepochtimes.com www.theepochtimes.com
4 www.google.de www.theepochtimes.com
4 pwe.epochbase.com www.theepochtimes.com
subs.theepochtimes.com
4 www.googletagmanager.com www.theepochtimes.com
www.googletagmanager.com
3 accounts.google.com rumcdn.geoedge.be
accounts.google.com
3 insight.adsrvr.org www.theepochtimes.com
3 p.alocdn.com 1 redirects www.theepochtimes.com
3 sb.scorecardresearch.com 1 redirects www.theepochtimes.com
3 bat.bing.com www.theepochtimes.com
rumcdn.geoedge.be
3 tentacles.smartocto.com rumcdn.geoedge.be
3 ingestion.contentinsights.com www.theepochtimes.com
3 gw.geoedge.be rumcdn.geoedge.be
3 subsapi.epoch.cloud subs.theepochtimes.com
www.theepochtimes.com
3 cdn.epoch.cloud www.theepochtimes.com
2 tag.trovo-tag.com a.clickcertain.com
tag.trovo-tag.com
2 a.usbrowserspeed.com 1 redirects tag.trovo-tag.com
2 pixel.tapad.com 2 redirects
2 ade.googlesyndication.com fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
2 c.clarity.ms 1 redirects
2 o.clarity.ms www.clarity.ms
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 a.remarketstats.com 1 redirects tag.trovo-tag.com
2 sync-tm.everesttech.net 2 redirects
2 c1.adform.net 2 redirects
2 csync.loopme.me 2 redirects
2 euexchangesync.digitaleast.mobi 2 redirects
2 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
2 sync.adotmob.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 googleads4.g.doubleclick.net rumcdn.geoedge.be
2 eb2.3lift.com 2 redirects
2 ap.lijit.com 2 redirects
2 cms.quantserve.com 1 redirects fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
2 ingestion.smartocto.com tentacles.smartocto.com
2 api.smartocto.com tentacles.smartocto.com
2 www.googletagservices.com rumcdn.geoedge.be
2 fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com securepubads.g.doubleclick.net
rumcdn.geoedge.be
2 region1.analytics.google.com www.googletagmanager.com
2 www.google-analytics.com game.epochbase.com
subs.theepochtimes.com
2 unpkg.com 1 redirects www.theepochtimes.com
1 idx.liadm.com b-code.liadm.com
1 rp.liadm.com b-code.liadm.com
1 b-code.liadm.com rumcdn.geoedge.be
1 clientcdn.pushengage.com rumcdn.geoedge.be
1 region1.google-analytics.com www.googletagmanager.com
1 s3-us-west-2.amazonaws.com www.theepochtimes.com
1 www.googleadservices.com rumcdn.geoedge.be
1 c.bing.com 1 redirects
1 pixel.quantserve.com www.theepochtimes.com
1 rules.quantcount.com secure.quantserve.com
1 js.alocdn.com www.googletagmanager.com
1 static.ads-twitter.com www.theepochtimes.com
1 secure.quantserve.com www.theepochtimes.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 sync.srv.stackadapt.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 ad.turn.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 s.company-target.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 secure.adnxs.com 1 redirects
1 match.adsby.bidtheatre.com ssum-sec.casalemedia.com
1 ums.acuityplatform.com 1 redirects
1 rtb.openx.net fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
1 dsp.adfarm1.adition.com 1 redirects
1 d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com services.epoch.cloud
1 fonts.googleapis.com rumcdn.geoedge.be
1 cdnjs.cloudflare.com subs.theepochtimes.com
1 use.fontawesome.com comment.youmaker.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 polyfill.io www.theepochtimes.com
501 122

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
help.theepochtimes.com
www.geoedge.com
Subject Issuer Validity Valid
*.theepochtimes.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-18 -
2024-07-17		 a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
polyfill.io
Certainly Intermediate R1		 2023-12-02 -
2024-01-01		 a month crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
epoch.cloud
GTS CA 1P5		 2023-10-30 -
2024-01-28		 3 months crt.sh
*.epochbase.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-17 -
2024-01-17		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2023-09-08 -
2024-10-09		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-08-03 -
2024-08-30		 a year crt.sh
*.youmaker.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-18 -
2024-07-17		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
mp.theepochtimes.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-10-24 -
2024-11-24		 a year crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.ssl.cf1.rackcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-03-28		 a year crt.sh
ingestion.smartocto.com
Amazon RSA 2048 M01		 2023-10-11 -
2024-11-08		 a year crt.sh
*.smartocto.com
R3		 2023-11-08 -
2024-02-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
match.adsby.bidtheatre.com
Go Daddy Secure Certificate Authority - G2		 2023-06-20 -
2024-07-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M03		 2023-11-28 -
2024-12-26		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.alocdn.com
Go Daddy Secure Certificate Authority - G2		 2023-02-02 -
2024-03-05		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
tags.wdsvc.net
Go Daddy Secure Certificate Authority - G2		 2023-10-18 -
2024-11-01		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure RSA TLS Issuing CA 03		 2023-09-02 -
2024-08-27		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-08-03		 10 months crt.sh
trovo-tag.com
Amazon RSA 2048 M02		 2023-04-08 -
2024-05-07		 a year crt.sh
*.pushengage.com
AlphaSSL CA - SHA256 - G4		 2023-02-07 -
2024-03-10		 a year crt.sh
a.usbrowserspeed.com
Amazon RSA 2048 M01		 2022-12-01 -
2023-12-30		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M03		 2023-12-02 -
2024-12-29		 a year crt.sh

This page contains 38 frames:

Primary Page: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Frame ID: 6D19505758C94273B1687A5A5D21B365
Requests: 197 HTTP requests in this frame

Frame: https://game.epochbase.com/game/word-wipe/
Frame ID: B1C028B14E508FFB1A97F53829DF26FD
Requests: 43 HTTP requests in this frame

Frame: https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
Frame ID: 7BF33417FDFB6157DF608960063FEDEB
Requests: 34 HTTP requests in this frame

Frame: https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyNWY1YmI3ZDUtNDAwNy00NWMxLWEwZGUtNDk4ODc2ZDU3YmFmJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyREUlMjIlMkMlMjJjaXR5JTIyJTNBJTIySEUlMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRkJlcmxpbiUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNTEuMjk2MSUyQyUyMmxvbmdpdHVkZSUyMiUzQTkuNTI5JTdEJTJDJTIyc3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMmhpc3RvcmljU3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMnN1YnNjcmlwdGlvbiUyMiUzQSU3QiUyMnN1YnNjcmliZWQlMjIlM0FmYWxzZSUyQyUyMnJlZ2lvbklkJTIyJTNBJTIyJTIyJTJDJTIyc3Vic2NyaXB0aW9uVHlwZSUyMiUzQSUyMiUyMiUyQyUyMnBsYW5JZCUyMiUzQSUyMiUyMiUyQyUyMmV4cGlyYXRpb24lMjIlM0EwJTdEJTdE&tn=EET%20-%20Responsive%20Signin%20Bar&theme=default
Frame ID: 32211C028989A76EF5B259006514E990
Requests: 3 HTTP requests in this frame

Frame: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 598B3BB1192A92D0B748B0A51451661C
Requests: 1 HTTP requests in this frame

Frame: https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyNWY1YmI3ZDUtNDAwNy00NWMxLWEwZGUtNDk4ODc2ZDU3YmFmJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyREUlMjIlMkMlMjJjaXR5JTIyJTNBJTIySEUlMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRkJlcmxpbiUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNTEuMjk2MSUyQyUyMmxvbmdpdHVkZSUyMiUzQTkuNTI5JTdEJTJDJTIyc3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMmhpc3RvcmljU3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMnN1YnNjcmlwdGlvbiUyMiUzQSU3QiUyMnN1YnNjcmliZWQlMjIlM0FmYWxzZSUyQyUyMnJlZ2lvbklkJTIyJTNBJTIyJTIyJTJDJTIyc3Vic2NyaXB0aW9uVHlwZSUyMiUzQSUyMiUyMiUyQyUyMnBsYW5JZCUyMiUzQSUyMiUyMiUyQyUyMmV4cGlyYXRpb24lMjIlM0EwJTdEJTdE&tn=Organic%20RW&rs=1&variantName=Games-0821-desktop&primary_category=epochfun-137957%3Bpuzzle-games-152300%3Bjoypass-free-155614%3Bspecial-epoch-games-155638%3Bbrain-games-156107%3Bword-games-156911%3Bepochfun-premium-166969%3Bfrontaudio-161329
Frame ID: 43E23EDFD6015CCFE7315E1418DD0225
Requests: 9 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Frame ID: C44C409A50F93744A4B0FE616CE9774A
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufAKbWIIYmwaMwYSvy3O5jWCLXna36sbuyqScnhdI1gD05uHnYAk6xjAJuRbEymg6yOxOR5MPHdMZYCCmfp1F3Rz17u3VUeGAHeJnlnYivEjAuJAEU2ANXhckHygv04T5f8cMI4rwdOfNQzwILbbuIbVpA17a9v7nMJgXaZtaS3IoPUtVAtMVYN5UgqaZONCyfeHkMGKxsHke1M2deJom8l4ec3A3YxMwB6x0iuoJqGlvizN-O58Itgvp138CaD5b_XbIcr-cwZS-vzOBdjwkjkv0y0Qmwvcagr3-lalnsspir_zFsYkrvQKUr2AOrOkA9cj83zx9SsEEIN9CmdUS-xqTQTTwijys8kR0Z4AhXdxMSzHoser0e55Z1Hgy3EoK74ER27etkkIZZxX-K6cnPK1P6NSzKnYxlPA&sai=AMfl-YTxNuK0z_dJVBZ-N_vYRcIOFnZvTDG182MdTWq6UQcyfG1g0CVBy-vrFcI6xGe1z4nem9K6OTIxJWoPail2EOtv3uivICCS4klJnAczMxHhYDaCMkP4pM9CYfNbDyGBaPNUQlDfhQhxUg&sig=Cg0ArKJSzIFs9ftSWLqdEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: D48473C552348256CB90895E50BDD20C
Requests: 6 HTTP requests in this frame

Frame: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E18257B731D23FC6B8AEB3C68272B82A
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELSxlNgCGPCTif8BMAE&v=APEucNXJWqqSX__A5mHAp14WF-e2Yuqc5JGxECx7i-tifywZ0yRPzZeBqwGH26tZ7uFs4AcvRTpOBSAw2ydVJq2Yn1DJHSWBWxR40T65WrzTEIzy0_M0bEcq5o6FdPh3Xpy3cYRiQwPCd4L5txyZPE-lG1GOAC-3PbQFMPW4wTzMzCvyqjB1J-I
Frame ID: 44FE733E57EE72A404D4B864D32C9222
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1ECAF1F856F09B9C308121BC83E31FDB
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702145277676
Frame ID: 68D53B6C89AA03FE61DAD14D22F54DEB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702145277675
Frame ID: 81D9AA65998A416181826AFD4F0F2212
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: B9D9792F920CCDAC9A12C78D76BC47DA
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702145277674
Frame ID: 5D0E547410492D221775D90326A03FB2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 80CB37810EC9BBCE6DFB10462A055F98
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702145278120
Frame ID: 23831504836ABCF65C07B619A4FB80AB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: BE4CB50232AEBBBEBAC2B179A265A919
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702145277675
Frame ID: 87624743BF8CEECC1182E95DE5D70FBB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: C84E51A305F7E4F2D343036A1B7F916B
Requests: 8 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 22FFFD98350C00A6E4B119A1CCE051C6
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F8EF9FA4984272003CBAF885DD841523
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
Frame ID: 0CCD182E5328997FCE4039B72E7EF4FE
Requests: 19 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 9F00539C44101F23BCE1B1BBA755C0D9
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 05C34CD55E2188616D7688788AE0BFC2
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 12874A5B9966B39340C12C4188399F5F
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 5A17F14EDEE41938B7A7200BCE35BF4C
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: A1B4F8CD56556886F401637214E78C15
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: A03A464402CB6DBFF990C26D140B9C14
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: D237AF83560E44B6921FEAE0A0D74592
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: D29216507AEB32906054BDD9426B7BFD
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 21DDB3E501623F3A8CBAD74298FF6D24
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 6849D3A4565AA645D903F39BF2A7F403
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 44C2B8A5AB38305D18159BA2C4559CDD
Requests: 1 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865&cn=DE&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Frame ID: 892BEE1E3C90CE6D196863B9D2EAE2EC
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C9F794AFC122FAFAE9BC3A4FBF907D2B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8BF999422D796ED8FDC1BF44D67E30BA
Requests: 2 HTTP requests in this frame

Frame: https://tag.trovo-tag.com/193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D244b81b94c69796%26ccid%3Dd84bf73e-6450-4d6d-8bec-8090bd8ee865%26cn%3DDE%26rid%3D1ad4f74d-1cb0-425a-bbc9-af30fd186e27&ref=&v=js-0.1.0&aid=193f0456&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Frame ID: 4A348CBD3D84F3C2C505AC092BCE510B
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Word Wipe -Play Now online & 100% Free | The Epoch Times

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • clientcdn\.pushengage\.\w+/core
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

501
Requests

90 %
HTTPS

0 %
IPv6

81
Domains

122
Subdomains

90
IPs

10
Countries

12636 kB
Transfer

21346 kB
Size

108
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://unpkg.com/web-streams-polyfill/dist/polyfill.min.js HTTP 302
  • https://unpkg.com/web-streams-polyfill@3.2.1/dist/polyfill.min.js
Request Chain 181
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfwn0N0AM3w9SpYxUPMIEs&google_cver=1
Request Chain 226
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXSs--W7Y4F1D39cH6GVZgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfwn0N0AM3w9SpYxUPMIEs&google_cver=1
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHUEtdNdD1VI01i31VKJkyU&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHUEtdNdD1VI01i31VKJkyU%26google_cver%3D1
Request Chain 228
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2NjA4NDAzODMwMjc5NDE0Nw%3D%3D
Request Chain 254
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFSsrIx5A2uc68mzNrIP5Yo&google_cver=1&google_push=AXcoOmTw-Nld36dcd24fE6gcBO-Nv_yqQ97RhIDizuFX7xcotCYKSuRiksOgIN6i6PBll2ylM54KsWbQ4FLa6fQOWkSObgGqXd4f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDY1ODMxMDY0NzkwNDQxMw%3D%3D&google_push=AXcoOmTw-Nld36dcd24fE6gcBO-Nv_yqQ97RhIDizuFX7xcotCYKSuRiksOgIN6i6PBll2ylM54KsWbQ4FLa6fQOWkSObgGqXd4f
Request Chain 256
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOrrtjkkmbKl38P62c0zLjQ&google_cver=1&google_push=AXcoOmR1ZtQnwOQ_jOKpf-aS9zLwjrFsP77kzYGPLDc7wC84DT3Zxes9b47ltgSiAaWT6djoNs7HKUSzZroNFKRjIT6ZJdu32zM HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOrrtjkkmbKl38P62c0zLjQ&google_cver=1&google_push=AXcoOmR1ZtQnwOQ_jOKpf-aS9zLwjrFsP77kzYGPLDc7wC84DT3Zxes9b47ltgSiAaWT6djoNs7HKUSzZroNFKRjIT6ZJdu32zM&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR1ZtQnwOQ_jOKpf-aS9zLwjrFsP77kzYGPLDc7wC84DT3Zxes9b47ltgSiAaWT6djoNs7HKUSzZroNFKRjIT6ZJdu32zM&google_hm=HyyAsGZHbJp4m3T7S6SuQpgt
Request Chain 257
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECAHhHbOhvIimb-HS6jNvEY&google_cver=1&google_push=AXcoOmRoNUy-9WYYqpno2W0QitGGMtmZYTRTamIviLCC1WB1PMpCgzyb7JF03XMUlV8x3WBmVFb1OctlpCw2YN1eeuV7S0DicRi9 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRoNUy-9WYYqpno2W0QitGGMtmZYTRTamIviLCC1WB1PMpCgzyb7JF03XMUlV8x3WBmVFb1OctlpCw2YN1eeuV7S0DicRi9&google_gid=CAESECAHhHbOhvIimb-HS6jNvEY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDk2NTk2ODI4NzUxMTk3NDQ3ODcz&google_push=AXcoOmRoNUy-9WYYqpno2W0QitGGMtmZYTRTamIviLCC1WB1PMpCgzyb7JF03XMUlV8x3WBmVFb1OctlpCw2YN1eeuV7S0DicRi9
Request Chain 258
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPO5ixbYemRD2tg5Zo5Or2w&google_cver=1&google_push=AXcoOmTlrM2ok7iK5PzEEiplRdyQmgn0KRli3-q78Jh5vk7rI3oRc9j8NzRWTY1ZEWYvBf_g7g4qI8mqwkYSefpoy71bP3haO3AwMA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTlrM2ok7iK5PzEEiplRdyQmgn0KRli3-q78Jh5vk7rI3oRc9j8NzRWTY1ZEWYvBf_g7g4qI8mqwkYSefpoy71bP3haO3AwMA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 268
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 270
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
Request Chain 277
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
Request Chain 284
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 286
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
Request Chain 293
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 295
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
Request Chain 302
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 308
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
Request Chain 314
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 317
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMY3oyYZZ7bhbKtNctc_5M0&google_cver=1
Request Chain 320
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=1475b187a48c415fbe94b1ff49aedbc3 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 322
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 323
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=862442839217&us_privacy=1---
Request Chain 326
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=21639db9b5894376a4b57612982c3ecb HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 327
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6261967518377147054
Request Chain 332
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=46909b65-0eb6-46b1-90b0-fb99976a179b
Request Chain 333
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210828627938051
Request Chain 335
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=4207420cc8d64b7aa8e373d4838bafb9 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 336
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=QK5R3Bf_VthbqVOLRKhL2UP-Udlb-F_bRv09WPQR
Request Chain 340
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=05e68e98-2f08-401e-bfce-da7908682349&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 342
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=VtOyJ31EGVWTnbodzWwGs4rd2VpvexZNDRD_Ymm6A_I&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280&tc=1
Request Chain 344
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=e0441d0a98ec40cd94db7b12ef2e70fa HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 345
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717956480&external_user_id=c1c69109-42bd-43f6-8727-0151d32a99c9
Request Chain 346
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1702231680
Request Chain 347
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8812875596088597900
Request Chain 349
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=12b04797-ad9a-4b83-a774-e02e566595c6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 350
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=7e41445943b042499377f0e59c022574&expiration=1704737280
Request Chain 351
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=VtOyJ31EGVWTnbodzWwGs4rd2VpvexZNDRD_Ymm6A_I&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280&tc=1
Request Chain 357
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=2af5937137ac4d31b6ad42a9a515e461 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 358
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6055212049786276455&expiration=1703354907
Request Chain 359
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZXStAAAFtsXThABH HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXStAAAFtsXThABH&_test=ZXStAAAFtsXThABH
Request Chain 360
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=zVkekGJtX6R38vpxHHwlrlQTr7g
Request Chain 361
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 363
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=930d76ab-a9ed-4c61-b297-99a06e66df29
Request Chain 394
  • https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=epochfun/word-wipe-epoch-games-4013587 HTTP 302
  • https://a.clickcertain.com/px/smart/a/?c=244b81b94c69796&seg=epochfun/word-wipe-epoch-games-4013587 HTTP 302
  • https://a.clickcertain.com/px/?c=244b81b94c69796&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Request Chain 397
  • https://tags.wdsvc.net/controller.js?id=100415 HTTP 302
  • https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1702145281019
Request Chain 435
  • https://p.alocdn.com/c/6irth52s/a/etarget/p.gif?title=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&auid=86640b64-ee00-414b-8b45-3d3a9cebe8ea HTTP 302
  • https://p.alocdn.com/c/6irth52s/a/etarget/p.gif?title=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&auid=86640b64-ee00-414b-8b45-3d3a9cebe8ea&tdc=1
Request Chain 476
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7B6740B0E00646B4ABD7F302F7E82552&RedC=c.clarity.ms&MXFR=3009DEEAE097677F3068CD08E49769B9 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7B6740B0E00646B4ABD7F302F7E82552&MUID=2DAA355C237F6980143E26BE22BF68F7
Request Chain 482
  • https://sb.scorecardresearch.com/c2/24003086/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 486
  • https://a.clickcertain.com/px/ta/?ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=d84bf73e-6450-4d6d-8bec-8090bd8ee865&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=d84bf73e-6450-4d6d-8bec-8090bd8ee865&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=45187e61-5919-4c1e-adea-6d2857c42dcf
Request Chain 487
  • https://a.usbrowserspeed.com/cs?puid=f4c80cb8-96e2-508b-bbe4-79b98a1a4990&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26rid%3d1ad4f74d%2d1cb0%2d425a%2dbbc9%2daf30fd186e27%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
  • https://a.clickcertain.com/px/t/?done=true&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27&uid=5db44223-c136-4514-a524-bafe1b8bae70&hem=
Request Chain 489
  • https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
  • https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Request Chain 490
  • https://a.clickcertain.com/px/r/?ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865 HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=d84bf73e-6450-4d6d-8bec-8090bd8ee865&ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dd84bf73e%25252d6450%25252d4d6d%25252d8bec%25252d8090bd8ee865%252526anx_uId%25253d%252524UID HTTP 303
  • https://a.clickcertain.com/px/li/?ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dd84bf73e%25252d6450%25252d4d6d%25252d8bec%25252d8090bd8ee865%252526anx_uId%25253d%252524UID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3dd84bf73e%2d6450%2d4d6d%2d8bec%2d8090bd8ee865%26anx_uId%3d%24UID
Request Chain 491
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855967303/?random=1542480724&cv=11&fst=1702145290498&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&tiba=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&value=0&auid=1466844356.1702145278&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=Cq10ZdjNI6SS78EPyfuhkA0&sscte=1&crd=&eitems=ChEIgL3QqwYQ5fueuL6Jz-nfARIdAIm_ku5gdGbiLGWbFQAB0Dr-oZWSrvIr1p4qlLE&pscrd=Ek9DaEVJZ0wzUXF3WVF3N0hJOVpQNjlwdk5BUkltQUhUZ01VVVBPVG1YZGxfSDJ5emtHcWwyc25ITFJBWGx1VXpnN1pSYUQ4VEdQdXkwNmlNGlpDaEVJZ0wzUXF3WVEzUGJxci16THVzV0VBUkl1QU5JUWFFbWp3ZjlGNG9UOW5OZjRXWWNoQzhKZVc1WVdnbjIxYTdLNVhpX0ZheUtTM0hDeUl3ck56QWhMOXciEwjY-pqr-YKDAxUkyTsCHcl9CNI HTTP 302
  • https://www.google.com/pagead/1p-conversion/855967303/?random=1542480724&cv=11&fst=1702145290498&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&tiba=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&value=0&auid=1466844356.1702145278&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0wzUXF3WVF3N0hJOVpQNjlwdk5BUkltQUhUZ01VVVBPVG1YZGxfSDJ5emtHcWwyc25ITFJBWGx1VXpnN1pSYUQ4VEdQdXkwNmlNGlpDaEVJZ0wzUXF3WVEzUGJxci16THVzV0VBUkl1QU5JUWFFbWp3ZjlGNG9UOW5OZjRXWWNoQzhKZVc1WVdnbjIxYTdLNVhpX0ZheUtTM0hDeUl3ck56QWhMOXciEwjY-pqr-YKDAxUkyTsCHcl9CNI&is_vtc=1&ocp_id=Cq10ZdjNI6SS78EPyfuhkA0&cid=CAQSKQDICaaNZX272W2p7lx_BYQUgBckyobLyTKUpYAiSfJjOq89yCjABWhI&eitems=ChEIgL3QqwYQ5fueuL6Jz-nfARIdAIm_ku7qSbaT-bGqSqHmPS1qmMaq1Xa_B2y5IAM&random=654149197 HTTP 302
  • https://www.google.de/pagead/1p-conversion/855967303/?random=1542480724&cv=11&fst=1702145290498&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&tiba=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&value=0&auid=1466844356.1702145278&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0wzUXF3WVF3N0hJOVpQNjlwdk5BUkltQUhUZ01VVVBPVG1YZGxfSDJ5emtHcWwyc25ITFJBWGx1VXpnN1pSYUQ4VEdQdXkwNmlNGlpDaEVJZ0wzUXF3WVEzUGJxci16THVzV0VBUkl1QU5JUWFFbWp3ZjlGNG9UOW5OZjRXWWNoQzhKZVc1WVdnbjIxYTdLNVhpX0ZheUtTM0hDeUl3ck56QWhMOXciEwjY-pqr-YKDAxUkyTsCHcl9CNI&is_vtc=1&ocp_id=Cq10ZdjNI6SS78EPyfuhkA0&cid=CAQSKQDICaaNZX272W2p7lx_BYQUgBckyobLyTKUpYAiSfJjOq89yCjABWhI&eitems=ChEIgL3QqwYQ5fueuL6Jz-nfARIdAIm_ku7qSbaT-bGqSqHmPS1qmMaq1Xa_B2y5IAM&random=654149197&ipr=y

501 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request word-wipe-epoch-games-4013587
www.theepochtimes.com/epochfun/ 		262 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
7b0116e26feef442edbcf9502c1310bb733a91f3715504744124c85af2f3e3ce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
EXPIRED
cf-ray
832f30c5ef2539ca-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 09 Dec 2023 18:07:56 GMT
last-modified
Sat, 09 Dec 2023 17:51:16 GMT
server
cloudflare
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
x-powered-by
Next.js
0e4fe491bf84089c-s.p.woff2
www.theepochtimes.com/_next/static/media/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/media/0e4fe491bf84089c-s.p.woff2
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Request headers

Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Origin
https://www.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:58 GMT
server
cloudflare
age
12
etag
"657390b2-2b20"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
832f30ca6ea139ca-FRA
content-length
11040
6bb7340ca2af5689-s.p.woff2
www.theepochtimes.com/_next/static/media/ 		169 KB
169 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/media/6bb7340ca2af5689-s.p.woff2
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85b0a6b7e1a39cfab0b46283acb187039816c087dba5d16b7e64f78ee59a1137

Request headers

Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Origin
https://www.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
age
12
etag
"657390b4-2a2f0"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
832f30ca6ea439ca-FRA
content-length
172784
934c4b7cb736f2a3-s.p.woff2
www.theepochtimes.com/_next/static/media/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/media/934c4b7cb736f2a3-s.p.woff2
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Origin
https://www.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
age
12
etag
"657390b4-2b14"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
832f30ca6ea539ca-FRA
content-length
11028
9abce57f69036a9f-s.p.woff2
www.theepochtimes.com/_next/static/media/ 		117 KB
117 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/media/9abce57f69036a9f-s.p.woff2
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4551991444bea767a97af5120479bd3b786c29a14498dc3e13a8ea3a029dced

Request headers

Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Origin
https://www.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:55 GMT
server
cloudflare
age
12
etag
"657390af-1d45c"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
832f30ca6ea639ca-FRA
content-length
119900
0a9daa1ecbd2c13a.css
www.theepochtimes.com/_next/static/css/ 		206 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/css/0a9daa1ecbd2c13a.css
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d47796ff9eb9aa3d3dfeca09b2b2aa7880f975b5e21adfda7ef43f745db3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:58 GMT
server
cloudflare
age
272
etag
W/"657390b2-33847"
vary
Accept-Encoding
content-type
text/css
cf-ray
832f30ca6e9d39ca-FRA
b8604733e03d8f28.css
www.theepochtimes.com/_next/static/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/css/b8604733e03d8f28.css
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4fbdb5935b28450589b76b53bb1c5d0234d14de6b66173ffc6e38b91d1b1db3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 21:54:53 GMT
server
cloudflare
etag
W/"657390ad-d13"
vary
Accept-Encoding
content-type
text/css
cf-ray
832f30ca6e9f39ca-FRA
53fa15469dc309b1.css
www.theepochtimes.com/_next/static/css/ 		2 KB
663 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/css/53fa15469dc309b1.css
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16ca3aa97c894d331e7f3dadaee8f7ac8a66a30fc1f85c877bdca4cd911ef520

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:54:53 GMT
server
cloudflare
etag
W/"657390ad-851"
vary
Accept-Encoding
content-type
text/css
cf-ray
832f30ca6ea039ca-FRA
webpack-b2d0e6f204d668c0.js
www.theepochtimes.com/_next/static/chunks/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aad44daac146bcce6f4af4f12a865b7dfd21a6bd11b85be0c79947c70c6f135

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
age
12
etag
W/"657390b4-14a6"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30ca6ea839ca-FRA
1dd3208c-0d71712ce0edec8f.js
www.theepochtimes.com/_next/static/chunks/ 		157 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/1dd3208c-0d71712ce0edec8f.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93c87f976cf92a16c0de1912a209b8a1d5e85fe70057222b149f4b3852ebeaed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:58 GMT
server
cloudflare
age
272
etag
W/"657390b2-27404"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30ca6ea939ca-FRA
3575-2d836e85a2302404.js
www.theepochtimes.com/_next/static/chunks/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/3575-2d836e85a2302404.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d94f1a39acfe37b82ee50c1db98885a2fca89e81ca7850294df2dbde1f76972c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
age
272
etag
W/"657390ac-18d9d"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30ca6eab39ca-FRA
main-app-923361e5b51e402d.js
www.theepochtimes.com/_next/static/chunks/ 		429 B
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/main-app-923361e5b51e402d.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f1104aae416bc32900e253b50a26d22beba9fa197d2d805d42b7c106b32aa51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:58 GMT
server
cloudflare
age
272
etag
W/"657390b2-1ad"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30ca8ed539ca-FRA
grumi-ip.js
rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-106.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 17:32:42 GMT
x-amz-version-id
XHKJxLIyRvnhzGSgMnr2SKD4F8gK0HK7
content-encoding
br
last-modified
Thu, 09 Nov 2023 17:31:54 GMT
server
AmazonS3
via
1.1 a4f5633e78f92f983940236e96220232.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P1
etag
W/"4c4f4bf824d2aa120a5e0b665b4c9828"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
2114
x-amz-cf-id
nFO9LHcPKfxR_q-xbKOiVd-e9dtYWYN7lRsAd3KtySGKezZ_TW3bMg==
polyfill.min.js
polyfill.io/v3/ 		101 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=Intl%2CResizeObserver%2CIntersectionObserver
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 18:07:56 GMT
age
132408
detected-user-agent
Chrome/120.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
120
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
polyfill.min.js
unpkg.com/web-streams-polyfill@3.2.1/dist/
Redirect Chain
  • https://unpkg.com/web-streams-polyfill/dist/polyfill.min.js
  • https://unpkg.com/web-streams-polyfill@3.2.1/dist/polyfill.min.js
59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-streams-polyfill@3.2.1/dist/polyfill.min.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Server
104.16.123.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e3530366f481c19813abb79fd15cdc5b45dbbc276401cbde7c4bf283b75a114
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
751054
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HGHFZ3JC6H56EZYP75BG5VFK-fra
server
cloudflare
etag
W/"ec4a-HUydLHWFwqUMHRHMwTGDjElD3/c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
832f30cad90837f5-FRA

Redirect headers

date
Sat, 09 Dec 2023 18:07:56 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HH7VWXDS58MT26HRYHZBK9N9-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
345
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-streams-polyfill@3.2.1/dist/polyfill.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
832f30caa8cb37f5-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ced8a878841deecdff6f491493925f4389b97abce24453d573f9a280ff405309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30025
x-xss-protection
0
server
cafe
etag
947 / 19700 / m202312040101 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 18:07:56 GMT
prebid.js
www.theepochtimes.com/assets/themes/eet/js/ 		283 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b459cc9bf965b73d8b86b4b8da20b0f019b14dcdcc33ff8909920d0f22eb32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:40:10 GMT
server
cloudflare
x-microcachable
0
age
272
etag
W/"6567bdca-46db6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
832f30ca8ed839ca-FRA
x-device
desktop
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		280 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7da6525b3ff85c2794ac3298cdb395190d58431f92f46c46e5157c57a6640897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94357
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 18:07:56 GMT
api.bundle.js
subs.theepochtimes.com/lib/ 		368 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
b7123bf5d1742985950f5f6ab3845907263a91e175527eb11baae5f45c3735a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 03 Nov 2023 19:11:33 GMT
server
nginx/1.20.1
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
max-age=3600, public, no-transform
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 19:07:56 GMT
epoch_mparticle.min.js
services.epoch.cloud/public-labs/epoch-ai/mparticle/built/ 		247 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/mparticle/built/epoch_mparticle.min.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a88cc0764c8b56a98be9e366371284daa10fd2f4b7dfcc2e42fc0e156ffbdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 11:19:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2541
etag
W/"6572fbb1-3dae2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOfuqyxRmID6XC%2BZRkpI%2B%2FmaPSP0HQcU15yQ3CxSo%2BewHdhRBwPriBslI5jff4ACC4hwEmh9YHnIRtjoKMQQ9RqGajScXWjjFmkBQ8ORX3t6kodL2vA6ZueWMEjAAsFCLZO%2F9hAziA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
832f30caec766f6f-CDG
alt-svc
h3=":443"; ma=86400
template.css
subs.theepochtimes.com/lib/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/lib/template.css
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2f009a44aa057e608440849ba7d59135c178393165207fb8268d1680f9365b5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 03 Nov 2023 19:11:33 GMT
server
nginx/1.20.1
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=3600, public, no-transform
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1242
expires
Sat, 09 Dec 2023 19:07:56 GMT
email-decode.min.js
www.theepochtimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 01 Dec 2023 15:04:24 GMT
server
cloudflare
etag
W/"6569f5f8-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
832f30ca8edb39ca-FRA
expires
Mon, 11 Dec 2023 18:07:56 GMT
/
game.epochbase.com/game/word-wipe/ Frame B1C0 		1 KB
838 B 		Document
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
5780485ca22a70c4f38c463d448895c4aff0c7eae22760a31da397547b8c0e23

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 09 Dec 2023 18:07:57 GMT
etag
W/"614ce374-50f"
last-modified
Thu, 23 Sep 2021 20:28:36 GMT
server
nginx/1.20.1
menuSearch.9968d4ed.svg
www.theepochtimes.com/_next/static/media/ 		685 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/_next/static/media/menuSearch.9968d4ed.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e5fbbe10f708bf6bbcc9d5d91e7209391cf9798e3ac144d3dd3db2c2e698309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
etag
W/"657390b4-2ad"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
832f30cd7be339ca-FRA
logo.32553ed2.svg
www.theepochtimes.com/_next/static/media/ 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/_next/static/media/logo.32553ed2.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86ec2da6a4b0444953187ebca1373c7eee98813073fd5ce9046739d006220e5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:55:01 GMT
server
cloudflare
etag
W/"657390b5-3f08"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
832f30cd7bea39ca-FRA
image
www.theepochtimes.com/_next/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FEpochFun_logo.bbb08190.png&w=640&q=75
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c9d20a82bcd631dba5fb5a9c1dbc507baf559da09375e65b8870a328fc6e470
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status
EXPIRED
server
cloudflare
etag
LJ0gqCvNYx26X7WpwdvFB7r1WdoJN15luIcKMo-G5HA=
vary
Accept, Accept-Encoding
content-type
image/webp
x-nextjs-cache
HIT
cache-control
public, max-age=315360000, immutable
content-disposition
inline; filename="EpochFun_logo.webp"
accept-ranges
bytes
cf-ray
832f30cd7bef39ca-FRA
content-length
4408
copy_link.1f77f7a1.svg
www.theepochtimes.com/_next/static/media/ 		591 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/_next/static/media/copy_link.1f77f7a1.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26596e242c76558f8085c3d3a634ff993bc7ff98cdfb6d322bb7698c420e6bfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:55:01 GMT
server
cloudflare
etag
W/"657390b5-24f"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
832f30cd7bf239ca-FRA
facebook_icon.abf2c2c3.svg
www.theepochtimes.com/_next/static/media/ 		617 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/_next/static/media/facebook_icon.abf2c2c3.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3bccf2ba4483214a64dd5d4222b45ae474f5d51bbc50bc80e7c78445e621772

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
age
117
etag
W/"657390b4-269"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
832f30cd7bf539ca-FRA
x.772c500c.svg
www.theepochtimes.com/_next/static/media/ 		650 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/_next/static/media/x.772c500c.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79b952455a77dfa6e4dbf3474e887a4a6cccf285881103803651bf408b4b16a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:54:53 GMT
server
cloudflare
etag
W/"657390ad-28a"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
832f30cd7bf739ca-FRA
image
www.theepochtimes.com/_next/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FEET_footer.d4ea1157.png&w=384&q=75
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a63d5248095b6078fd95a59c270efae7d1cc086d9911533010bfd6555482f96
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status
EXPIRED
server
cloudflare
etag
mmPVJICVtgeP2VpZwnDvrn0cwIbZkRUzAQv9ZVVIL5Y=
vary
Accept, Accept-Encoding
content-type
image/webp
x-nextjs-cache
HIT
cache-control
public, max-age=315360000, immutable
content-disposition
inline; filename="EET_footer.webp"
accept-ranges
bytes
cf-ray
832f30cd9c2a39ca-FRA
content-length
3846
668f0bba-02f16f3e7b11d0d2.js
www.theepochtimes.com/_next/static/chunks/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/668f0bba-02f16f3e7b11d0d2.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d08110fb32a9fa5e161050a13a7980c6db1bdfedbd3a09ea2b263c8520faa7f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
age
273
etag
W/"657390ac-152b4"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cd9c3b39ca-FRA
7921-ca8ca4f34e556815.js
www.theepochtimes.com/_next/static/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/7921-ca8ca4f34e556815.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d86b5ff40546e3a2ba79df35d4f926b43b145f3b84619df160fc5f1ff307633

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
age
13
etag
W/"657390ac-488a"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cd9c4339ca-FRA
6486-f0809c28403df2c4.js
www.theepochtimes.com/_next/static/chunks/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/6486-f0809c28403df2c4.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0175ef65c5d8cd4ce63c030a8c409a33f73de027b1593bf77f780f91c3b07bdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:55 GMT
server
cloudflare
age
273
etag
W/"657390af-ce4e"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cd9c4439ca-FRA
1964-f309a178157256ae.js
www.theepochtimes.com/_next/static/chunks/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/1964-f309a178157256ae.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c74236a282de7c51b1adb984ae3cea6da6dd85b93ba2dbd25e9ed5602d428cce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
age
273
etag
W/"657390ac-2e2d"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cd9c4739ca-FRA
5221-e4f233638818181d.js
www.theepochtimes.com/_next/static/chunks/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/5221-e4f233638818181d.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd4afeeb14c69ea6c3d2fcdb1fc6a1c065b6ed3c91fbf3dbb4dd15d1385a4661

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
age
273
etag
W/"657390ac-184c"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac4a39ca-FRA
6037-456fe9f37ca82de4.js
www.theepochtimes.com/_next/static/chunks/ 		66 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/6037-456fe9f37ca82de4.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d960967ed945eccb4d33bbfa679a17ded4cbbe92a4f7cdf044943b70362a8d3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:55 GMT
server
cloudflare
age
273
etag
W/"657390af-109af"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac4c39ca-FRA
2286-a7f2ea539860831e.js
www.theepochtimes.com/_next/static/chunks/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/2286-a7f2ea539860831e.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc34f96ebf6a33e9ea084b5932084e51a96c7b7b12bdc996059964a730a6babd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
age
12
etag
W/"657390b4-46f5"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac5039ca-FRA
9198-f50aa2d7e3d84364.js
www.theepochtimes.com/_next/static/chunks/ 		197 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/9198-f50aa2d7e3d84364.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8869af124bbe2c8627b005748e14edc51d21faea8ebd2e66e8e9fde87a33aa4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
age
273
etag
W/"657390ac-3122a"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac5139ca-FRA
4528-417d90d43a3f8294.js
www.theepochtimes.com/_next/static/chunks/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/4528-417d90d43a3f8294.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac39a523505b8bfa1582a1d77caf1d83c9627c656da242fc184794d37b320034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
age
273
etag
W/"657390ac-2d02"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac5539ca-FRA
layout-312d09455a5235df.js
www.theepochtimes.com/_next/static/chunks/app/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/app/layout-312d09455a5235df.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a551f08a781c99cca27a8f613bcae18ba1dc1737e91d782f4acd1b1aa6b2819f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
age
273
etag
W/"657390b4-296c"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac5839ca-FRA
6553-96f8b4e8332835b6.js
www.theepochtimes.com/_next/static/chunks/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/6553-96f8b4e8332835b6.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
064d7b833644dd282e4ab3ea2f965d8ec8d4cd6db6ab74c19d0e93df5bb6e823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:58 GMT
server
cloudflare
age
273
etag
W/"657390b2-41b5"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac5b39ca-FRA
5704-01f8a6fd6b337147.js
www.theepochtimes.com/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/5704-01f8a6fd6b337147.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58255daa744ee7478e21dd58b685345e4f76d95522a5ba987c4e73e9281336c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:58 GMT
server
cloudflare
age
273
etag
W/"657390b2-32ca"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac6039ca-FRA
9297-826fe847328b43f5.js
www.theepochtimes.com/_next/static/chunks/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/9297-826fe847328b43f5.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5714f24b380cd260c5a35831912e219007b34d727bd7c9bc65f0d242b004d9cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
age
12
etag
W/"657390b4-860e"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac6239ca-FRA
4552-d81ba207bee80515.js
www.theepochtimes.com/_next/static/chunks/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/4552-d81ba207bee80515.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3882c860de0e52e16628e5d14da86db2e9ebd8c9cd4bba36ddc1838bbf2355b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
age
270
etag
W/"657390b4-5dcd"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac6539ca-FRA
layout-0a7748a746dd4257.js
www.theepochtimes.com/_next/static/chunks/app/(featured-category)/ 		193 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/app/(featured-category)/layout-0a7748a746dd4257.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4b95d6c1eba546a31dc86da5797e215405b7b70513633483da057aac74119ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:58 GMT
server
cloudflare
age
270
etag
W/"657390b2-c1"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac6839ca-FRA
1398-97e7f87101f22946.js
www.theepochtimes.com/_next/static/chunks/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/1398-97e7f87101f22946.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c8b9a39abc61fdc3471dae2074d453064d80f2bba2fe19d1d7d683b9c7c7223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:55 GMT
server
cloudflare
age
270
etag
W/"657390af-49f9"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac6a39ca-FRA
layout-5851c912ca638e09.js
www.theepochtimes.com/_next/static/chunks/app/epochfun/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/app/epochfun/layout-5851c912ca638e09.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b0ee6bf5d301e1bbb21d770f5edaacf6597f16374a26c762b45eee554a1d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 21:54:55 GMT
server
cloudflare
etag
W/"657390af-43cb"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac6c39ca-FRA
page-2bc2e356d493d59e.js
www.theepochtimes.com/_next/static/chunks/app/epochfun/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/app/epochfun/page-2bc2e356d493d59e.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a68896078bb7b79ae7c9b02b61d763e0c1bfc01377a43ffec36351a759bd6bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
etag
W/"657390b4-2ff8"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac6f39ca-FRA
931-c785358ff576a023.js
www.theepochtimes.com/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/931-c785358ff576a023.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2217ed3c72b72b9496411a601e38bb2dc1520f0cbd840576541e1ef89a3eb730

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:58 GMT
server
cloudflare
age
273
etag
W/"657390b2-1de9"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdac7239ca-FRA
6635-aaa70223b4b75abd.js
www.theepochtimes.com/_next/static/chunks/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/6635-aaa70223b4b75abd.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ee8dc4920b2dca6621737d57c70ab1dff3b54c52001d9488d2cf048c99c3c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
age
273
etag
W/"657390ac-53a6"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdcc9439ca-FRA
7519-97fd592376d9d9b7.js
www.theepochtimes.com/_next/static/chunks/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/7519-97fd592376d9d9b7.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f0e66bf74da8675d70138bb4b907d1bfb811dbdcb9529e1d75faa3c1311b3b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
etag
W/"657390b4-3d54"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdcc9539ca-FRA
page-9038d319943ffe65.js
www.theepochtimes.com/_next/static/chunks/app/epochfun/%5Burl%5D/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/app/epochfun/%5Burl%5D/page-9038d319943ffe65.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21ca4a07c0e097bc9ae3a80c091c0b4e019a5725de5db32883dbf3dd509b2249

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
etag
W/"657390b4-1e73"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
832f30cdcc9739ca-FRA
arena-api-1.2.3.js
game.epochbase.com/game/word-wipe/vendor/ Frame B1C0 		19 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/vendor/arena-api-1.2.3.js
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e693b3afb84da4b7016ff5c3ed0c0ed15157c59eb8ae2e0120594be81c689122

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
last-modified
Thu, 23 Sep 2021 20:28:36 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce374-4dec"
content-length
19948
content-type
application/javascript
game.min.js
game.epochbase.com/game/word-wipe/ Frame B1C0 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
da2f76ccfd2779e18da69a7dbda3859173b3a66810af76526d7509a8d3f05be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
last-modified
Thu, 23 Sep 2021 20:28:36 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce374-16f803"
content-length
1505283
content-type
application/javascript
analytics.js
www.google-analytics.com/ Frame B1C0 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 17:41:46 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1571
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 09 Dec 2023 19:41:46 GMT
region
pwe.epochbase.com/ 		154 B
353 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pwe.epochbase.com/region?siteId=www.theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/2286-a7f2ea539860831e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.129.110.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
36899f7c0fba85e69b72eb46765c908a1c2370e52053374ad4c676e75b7654f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
gtm.js
www.googletagmanager.com/ 		272 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2272682e0775d460a566b30bd03af5f2011f89aa82d39b9842f05a9b9e5fc765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94385
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 18:07:57 GMT
grumi.js
rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/ 		225 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-106.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec09ffa8255690c234df207b037a80ce1f556eefd63d312527661b20e8d17814

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 17:32:34 GMT
x-amz-version-id
x3ZH575FMTlxpyLPGCmfEbrtPLq5m2la
content-encoding
br
last-modified
Sat, 09 Dec 2023 17:30:02 GMT
server
AmazonS3
via
1.1 a4f5633e78f92f983940236e96220232.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P1
etag
W/"5a9ced6bb0a05b59ee745e1a66811e58"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2124
x-amz-cf-id
4ZP6AE-kdWQ5959ymtPQjz2Isf-cw36QWa6lKAJJI0lVGtc7xdBTgg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 14:02:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
14735
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 14:02:22 GMT
prebid-request
onetag-sys.com/ 		15 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		179 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&CanonicalUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&PublisherDomain=https%3A%2F%2Fwww.theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.250.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-250-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e70d56ce8503b388e740f73ab83340323412b18e87505993dafc2f6b33757268
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
x-kong-upstream-latency
30
content-length
179
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
/
colossusssp.com/ 		2 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.192.253.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Sat, 09 Dec 2023 18:07:57 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
prebid
exchange.postrelease.com/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_rid=7c21cfa4ae0a3c&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiZ2FtZV90b3BfYWRfNzI4eDkwIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbOTcwLDI1MF0sWzk3MCw5MF0sWzcyOCw5MF1dfX19XX0=&ntv_dbr=eyJnYW1lX3RvcF9hZF83Mjh4OTAiOjB9&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-133.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.34.97.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-97-161.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
63e63978a63beb39f52dd2e42ec1b6f2182d82611971db292247d5825070fc3b

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theepochtimes.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
hb
hb.undertone.com/ 		0
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3017&domain=theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-80.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:57 GMT
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
3RLr66YcYTcYfyhOChcIy4WbI5lQOmqfFNq9jOPPKRE4PTNg7cCF4g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
exchange.postrelease.com/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_rid=132229a6fc64e25&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiZ2FtZV90b3BfYWRfMzAweDI1MCIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fV19&ntv_dbr=eyJnYW1lX3RvcF9hZF83Mjh4OTAiOjAsImdhbWVfdG9wX2FkXzMwMHgyNTAiOjB9&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-133.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&CanonicalUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&PublisherDomain=https%3A%2F%2Fwww.theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.250.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-250-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7267a792c8c6e393102019b5651ca816e943777d935f70ac65e624c672e918c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
x-kong-upstream-latency
14
content-length
180
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
hb
hb.undertone.com/ 		0
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3017&domain=theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-80.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:57 GMT
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
Hb8Us-rkgYilN2yT0KIwUWPgc1Br8XDGXsN2O8Tt56clhA1tneBr8g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.34.97.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-97-161.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
df8becdeb3c9f0192c697dfae2577a5daa65d4408adaa70bb311d3f9e659fb3c

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theepochtimes.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
50
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid-request
onetag-sys.com/ 		15 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
/
colossusssp.com/ 		2 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.192.253.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Sat, 09 Dec 2023 18:07:57 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
/
colossusssp.com/ 		2 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.192.253.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Sat, 09 Dec 2023 18:07:57 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&CanonicalUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&PublisherDomain=https%3A%2F%2Fwww.theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.250.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-250-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cc2c76ecc8703c5262b4acc25939dd25376d87bff7bbedc206726b15cdf48527
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
18
content-length
180
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.34.97.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-97-161.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
6373515f83c102404fd8607c310f6554c903aca309d31b7e41bfaca07466f7e3

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theepochtimes.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
29
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid-request
onetag-sys.com/ 		15 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hb
hb.undertone.com/ 		0
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3017&domain=theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-80.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:57 GMT
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
TwpCEtTdiOP86ShGZ2-oYzqGliOpkDu4oSAOQZRceYz1s00xtgo-Aw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
exchange.postrelease.com/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_rid=35bf08b7080c633&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiZ2FtZV9yaWdodF90b3BfYWRfMzAweDYwMCIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdLFszMDAsNjAwXV19fX1dfQ==&ntv_dbr=eyJnYW1lX3RvcF9hZF83Mjh4OTAiOjAsImdhbWVfdG9wX2FkXzMwMHgyNTAiOjAsImdhbWVfcmlnaHRfdG9wX2FkXzMwMHg2MDAiOjB9&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-133.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
prebid
exchange.postrelease.com/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_rid=37a253c7c05c2be&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiZ2FtZV9yaWdodF9ib3R0b21fYWRfMzAweDI1MCIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fV19&ntv_dbr=eyJnYW1lX3RvcF9hZF83Mjh4OTAiOjAsImdhbWVfdG9wX2FkXzMwMHgyNTAiOjAsImdhbWVfcmlnaHRfdG9wX2FkXzMwMHg2MDAiOjAsImdhbWVfcmlnaHRfYm90dG9tX2FkXzMwMHgyNTAiOjB9&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-133.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
hb
hb.undertone.com/ 		0
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3017&domain=theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-80.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:57 GMT
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
MyOnjYCJzZAs4Am9sAuYzHQkmom4-yTDqM1u84ychgcYdeafXscqpg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.34.97.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-97-161.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
edb110e170d041ed8545980c83dcb26efac6205ecc2560f7eed8bc25db10776b

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theepochtimes.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
28
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid-request
onetag-sys.com/ 		15 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&CanonicalUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&PublisherDomain=https%3A%2F%2Fwww.theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.250.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-250-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ca5f39ea0a89d8e7a417b7ad8628719cb5855d4a4b3f7a17ce1b6b8f1dacb476
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
x-kong-upstream-latency
24
content-length
180
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
/
colossusssp.com/ 		2 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.192.253.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Sat, 09 Dec 2023 18:07:57 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
/
comment.youmaker.com/web/v3/ Frame 7BF3 		774 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/1dd3208c-0d71712ce0edec8f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
5ca92c06dc31883efdd21b50d74cfd8756fa7a312728339494e2298cb40b6a9f

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-name
remark
app-version
0.1.2
author
EMG
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 09 Dec 2023 18:07:57 GMT
last-modified
Fri, 20 Oct 2023 19:30:46 GMT
server
nginx/1.20.1
vary
Accept-Encoding
via
1.1 google
x-robots-tag
noindex
collect
region1.analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=45je3bt0v884763001&_p=1702145277545&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2124889639.1702145278&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1702145277&sct=1&seg=0&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&dt=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1&ep.eet_page_type=post&ep.all_term_ids=epochfun-137957%3Bpuzzle-games-152300%3Bjoypass-free-155614%3Bspecial-epoch-games-155638%3Bbrain-games-156107%3Bword-games-156911%3Bepochfun-premium-166969%3Bfrontaudio-161329&ep.eet_cat_names=Epoch%20Fun%3BPuzzle%20Games%3BLatest%3BSpecial%3BBrain%20Games%3BWord%20Games%3BEpochFun%20Premium&ep.eet_author_name=Epoch%20Puzzles&ep.eet_primary_category_name=Word%20Games&epn.eet_post_id=4013587&tfd=1866
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RD0QM5H02Q&cid=2124889639.1702145278&gtm=45je3bt0v884763001&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RD0QM5H02Q&cid=2124889639.1702145278&gtm=45je3bt0v884763001&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1868451069
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 17:41:46 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1571
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 09 Dec 2023 19:41:46 GMT
geo
subs.theepochtimes.com/rules/ 		115 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/rules/geo
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
a1c3b720fb7ce71ab6a38d07d5b7f75b4fceba10265032033bb4d788163f024b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/717879253/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/717879253/?random=1702145277667&cv=11&fst=1702145277667&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&hn=www.googleadservices.com&frm=0&tiba=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&auid=1466844356.1702145278&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
7b885ac4b0c0d1ac4b43e0b565762f52251f64eafefef8f54a3c0d3bc9b48037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.7036b77e.js
comment.youmaker.com/web/v3/static/js/ Frame 7BF3 		466 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c34e5d3266ea00298001d8d288f2772c0829a74b54b7687b683a3dcdd91a4d23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 20 Oct 2023 19:30:46 GMT
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
application/javascript
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-version
0.1.2
main.f8b20501.css
comment.youmaker.com/web/v3/static/css/ Frame 7BF3 		300 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/v3/static/css/main.f8b20501.css
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
26334b6e9122b102cc66898bceee5be00927575ff5bce29907a7b35a94688f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 20 Oct 2023 19:30:46 GMT
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
text/css; charset=utf-8
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-version
0.1.2
/
www.google.com/pagead/1p-user-list/717879253/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/717879253/?random=1702145277667&cv=11&fst=1702144800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&frm=0&tiba=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&fmt=3&is_vtc=1&cid=CAQSGwDICaaNqvmqE_VnnG7Zn_QVhEZYWld7LFc-vw&random=3450288109&rmt_tld=0&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/717879253/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/717879253/?random=1702145277667&cv=11&fst=1702144800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&frm=0&tiba=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&fmt=3&is_vtc=1&cid=CAQSGwDICaaNqvmqE_VnnG7Zn_QVhEZYWld7LFc-vw&random=3450288109&rmt_tld=1&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
ea.epochbase.com/api/pw/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Content-Type
access-control-allow-methods
GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET, POST, OPTIONS, PUT, DELETE
content-length
0
date
Sat, 09 Dec 2023 18:07:58 GMT
server
nginx/1.20.1
config
mp.theepochtimes.com/tags/JS/v2/us2-c639a6aabfcf124097c91276dd5884fb/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.theepochtimes.com/tags/JS/v2/us2-c639a6aabfcf124097c91276dd5884fb/config?env=0&plan_id=eet_data_plan
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/9198-f50aa2d7e3d84364.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f8b372c88e736e4cc5dbbc3d83007d604724ddacad1f00b7c980f92ed44ac7be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
87
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200114_IAD
x-cache
HIT, MISS, HIT
content-length
1890
x-served-by
cache-iad-kcgs7200114-IAD, cache-cph2320040-CPH, cache-cph2320025-CPH
server
Kestrel
x-timer
S1702145278.913766,VS0,VE1
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
x-cache-hits
48, 0, 1
get
subs.theepochtimes.com/template/ 		185 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/get?tid=signin&sid=www.theepochtimes.com
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
d73f53d60e8d626b9238c3334cff2d2ad92d6228ed6b0131c6e2cf488948ca60

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185
get
subs.theepochtimes.com/rules/ 		2 MB
250 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/rules/get?sid=www.theepochtimes.com&pid=4c14e06e-dead-4a19-833b-f676ae9d77da
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
84bf71e26352447745b6c6b0c71b94e705789ec819b5146608fc5ccb76672c2e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:57 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.1
vary
Accept-Encoding, Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c
ea.epochbase.com/api/pw/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Sat, 09 Dec 2023 18:07:59 GMT
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
identify
mp.theepochtimes.com/identity/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mp.theepochtimes.com/identity/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
3332
date
Sat, 09 Dec 2023 18:07:57 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
329, 0
x-fastly-trace-id
2929721665
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-cph2320025-CPH, cache-cph2320025-CPH
x-timer
S1702145278.954541,VS0,VE11
identify
mp.theepochtimes.com/identity/v1/ 		176 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.theepochtimes.com/identity/v1/identify
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/9198-f50aa2d7e3d84364.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
090945454862f04e84f8556e0e298b45115b28c5c28b9b2fdac7387635bde5c1
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us2-c639a6aabfcf124097c91276dd5884fb
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-cph2320025-CPH, cache-cph2320025-CPH
strict-transport-security
max-age=900
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sat, 09 Dec 2023 18:07:58 GMT
server
Kestrel
x-timer
S1702145278.010883,VS0,VE304
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us2_origin
x-cache
MISS, MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
x-fastly-trace-id
2929721927
accept-ranges
bytes
x-cache-hits
0, 0
show
subs.theepochtimes.com/template/ Frame 3221 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyNWY1YmI3ZDUtNDAwNy00NWMxLWEwZGUtNDk4ODc2ZDU3YmFmJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyREUlMjIlMkMlMjJjaXR5JTIyJTNBJTIySEUlMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRkJlcmxpbiUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNTEuMjk2MSUyQyUyMmxvbmdpdHVkZSUyMiUzQTkuNTI5JTdEJTJDJTIyc3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMmhpc3RvcmljU3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMnN1YnNjcmlwdGlvbiUyMiUzQSU3QiUyMnN1YnNjcmliZWQlMjIlM0FmYWxzZSUyQyUyMnJlZ2lvbklkJTIyJTNBJTIyJTIyJTJDJTIyc3Vic2NyaXB0aW9uVHlwZSUyMiUzQSUyMiUyMiUyQyUyMnBsYW5JZCUyMiUzQSUyMiUyMiUyQyUyMmV4cGlyYXRpb24lMjIlM0EwJTdEJTdE&tn=EET%20-%20Responsive%20Signin%20Bar&theme=default
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
d7cd879df53ece5f82d10656b7890db0b9210823870eef37fceef4d7b133dd1c

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 09 Dec 2023 18:07:58 GMT
server
nginx/1.20.1
vary
Accept-Encoding Origin
via
1.1 google
x-robots-tag
noindex
all.css
use.fontawesome.com/releases/v5.0.12/css/ Frame 7BF3 		38 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.12/css/all.css
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/css/main.f8b20501.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.141.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:44:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
429194
etag
W/"d896a88b71aa2ba5d6bd670429bf1bad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXmHB6lKrSfxJz92ynhw0dcKePr3nWRZvgmb%2F%2BG%2BcX8obfinm8wR4nCnNM6o20UOc%2FR89g28UiFUN2jHbxokgPgtIuXX1tv2uyMpxVk%2FdnQhQwpyPTSppEfYgKmrGqV9%2F6mbyC5p"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
832f30d63b1faaa5-SJC
alt-svc
h3=":443"; ma=86400
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1204&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 09 Dec 2023 18:07:58 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1202&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 09 Dec 2023 18:07:58 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=5201&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 09 Dec 2023 18:07:58 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=8200&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 09 Dec 2023 18:07:58 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10208&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 09 Dec 2023 18:07:58 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10204&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 09 Dec 2023 18:07:58 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10205&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 09 Dec 2023 18:07:58 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
epoch_mixpanel.min.js
services.epoch.cloud/public-labs/epoch-ai/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/epoch_mixpanel.min.js?v=2
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f05e45157561299fdf9c77b4ead956006bd678b5e82ad3180d5284e333c3ca28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Nov 2023 17:57:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2446
etag
W/"6564d893-2ffb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSrfoFwvgRj0N6s8IlJdMsw3WegcteJRAEwTwYSutVbBh5PPQPgR9%2BtvYaMv2veJqbN3jIvyJaDtb2kbdoHHQzwnxDZ9o7cuFUEotOKzHEQ760dpY6fPDUhY9XhQTWHJrBQmqAZFBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
832f30d3dfa86f6f-CDG
alt-svc
h3=":443"; ma=86400
optimizer.min.js
services.epoch.cloud/public-labs/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/optimizer.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9814f85523d0253897e2447a36fdbdc2a5e7647eb96c192f3d278393c955d2f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 16:28:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2739
etag
W/"655e2c4a-8651"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdjE9KstN43TNuy9l4vhXmVLkfGvJcL%2FRR2EUql5Hcmtt0SJIG9A%2FQkoUErvERHwtTBoCdMztburu9wM7srZ8r%2BRR6bHXD1%2FnnuaZqpJ%2BTKp03kLqpuaCj8Qr%2B9WsbWqoxyjq5MO3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
832f30d3ffbd6f6f-CDG
alt-svc
h3=":443"; ma=86400
auth
subs.theepochtimes.com/subs/ 		40 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1204&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40
auth
subs.theepochtimes.com/subs/ 		40 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1202&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40
get
subs.theepochtimes.com/template/ 		60 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/get?tid=45ddbb93-dccc-4911-a2da-88d44b296ccc&sid=www.theepochtimes.com&type=noniframe
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
cda3dd8b74a8cb2699277dc3b4d82ac4482304fe884d47bc7638111bb5257bd8

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.1
vary
Accept-Encoding, Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auth
subs.theepochtimes.com/subs/ 		40 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=5201&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40
auth
subs.theepochtimes.com/subs/ 		40 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=8200&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40
auth
subs.theepochtimes.com/subs/ 		41 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10208&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
auth
subs.theepochtimes.com/subs/ 		41 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10204&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
auth
subs.theepochtimes.com/subs/ 		40 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10205&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40
get
subs.theepochtimes.com/template/ 		40 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/get?tid=e4d5c7ed-b909-475c-919f-6721cf03f5d0&sid=www.theepochtimes.com&type=noniframe
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
03268fb285ed8486b6a21e5106f8faa3d517434bbf60c0e9a09e7e2737ce1345

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.1
vary
Accept-Encoding, Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
colossusssp.com/ 		2 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.192.253.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Sat, 09 Dec 2023 18:07:58 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
hb
hb.undertone.com/ 		0
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3017&domain=theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-80.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:58 GMT
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
0pYgu0I3u3LkBaTcxsP4GGhlFl9iKDIsg5mdEWqtWqvmtGusBBYPig==
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.34.97.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-97-161.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
add65f9e789b4ec7cd59d954546c3e297c4ba076d030c47d35a30ad8a9d522d0

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theepochtimes.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&CanonicalUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&PublisherDomain=https%3A%2F%2Fwww.theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.250.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-250-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9406aae952c5f51fc59ce8d06f1fce44f39e8e75a3e41bcb157d4217f7651685
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
18
content-length
180
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
exchange.postrelease.com/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_rid=596353ebc0553be&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiZ2FtZV9ib3R0b21fYWRfNzI4eDkwIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbOTcwLDI1MF0sWzk3MCw5MF0sWzcyOCw5MF1dfX19XX0=&ntv_dbr=eyJnYW1lX3RvcF9hZF83Mjh4OTAiOjAsImdhbWVfdG9wX2FkXzMwMHgyNTAiOjAsImdhbWVfcmlnaHRfdG9wX2FkXzMwMHg2MDAiOjAsImdhbWVfcmlnaHRfYm90dG9tX2FkXzMwMHgyNTAiOjAsImdhbWVfYm90dG9tX2FkXzcyOHg5MCI6MH0=&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-133.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2183470354634022&correlator=2361634775129009&eid=31079927%2C44807690%2C31079576&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=5965368%2CEET_D_game_top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=1&didk=3042669188&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702145278078&lmt=1702144276&adxs=140&adys=96&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&vis=1&psz=975x0&msz=970x0&fws=4&ohw=975&ga_vid=2124889639.1702145278&ga_sid=1702145278&ga_hid=682386227&ga_fc=true&dlt=1702145276526&idt=1121&cust_params=EET_user_plan%3D%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26EET_user_type%3Danonymous%26EET_category%3Deet_epochfun-137957%252Ceet_puzzle-games-152300%252Ceet_joypass-free-155614%252Ceet_special-epoch-games-155638%252Ceet_brain-games-156107%252Ceet_word-games-156911%252Ceet_epochfun-premium-166969%252Ceet_frontaudio-161329%26EET_post_tag%3Dgames%26EET_author_name%3DEpoch%2520Puzzles%26EET_post%3D4013587&adks=1797975165&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
f736db1f3aff72e5a1afe7af1881de58bc4f06d0bb5f61abe17d45e5b9b2131d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11682
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 598B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 18:07:58 GMT
expires
Sun, 08 Dec 2024 18:07:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2183470354634022&correlator=2361634775129009&eid=31079927%2C44807690%2C31079576&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=5965368%2CEET_D_game_right_top_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=2&didk=3201861404&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702145278090&lmt=1702144276&adxs=1153&adys=120&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&vis=1&psz=320x0&msz=300x0&fws=4&ohw=1325&ga_vid=2124889639.1702145278&ga_sid=1702145278&ga_hid=682386227&ga_fc=true&dlt=1702145276526&idt=1121&cust_params=EET_user_plan%3D%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26EET_user_type%3Danonymous%26EET_category%3Deet_epochfun-137957%252Ceet_puzzle-games-152300%252Ceet_joypass-free-155614%252Ceet_special-epoch-games-155638%252Ceet_brain-games-156107%252Ceet_word-games-156911%252Ceet_epochfun-premium-166969%252Ceet_frontaudio-161329%26EET_post_tag%3Dgames%26EET_author_name%3DEpoch%2520Puzzles%26EET_post%3D4013587&adks=3838852029&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
111161803f4ff768b77702f4e903f5f8552bdc2fe4fc30603115636ef8566181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11902
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2183470354634022&correlator=2361634775129009&eid=31079927%2C44807690%2C31079576&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=5965368%2CEET_D_game_top_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&didk=254739873&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702145278096&lmt=1702144276&adxs=1153&adys=96&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&vis=1&psz=320x0&msz=300x0&fws=4&ohw=1325&ga_vid=2124889639.1702145278&ga_sid=1702145278&ga_hid=682386227&ga_fc=true&dlt=1702145276526&idt=1121&cust_params=EET_user_plan%3D%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26EET_user_type%3Danonymous%26EET_category%3Deet_epochfun-137957%252Ceet_puzzle-games-152300%252Ceet_joypass-free-155614%252Ceet_special-epoch-games-155638%252Ceet_brain-games-156107%252Ceet_word-games-156911%252Ceet_epochfun-premium-166969%252Ceet_frontaudio-161329%26EET_post_tag%3Dgames%26EET_author_name%3DEpoch%2520Puzzles%26EET_post%3D4013587&adks=2135588503&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
52326503523c26c27ea884d31be9d7eb0cdb7804e719557f31f2d851edb8b357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13130
x-xss-protection
0
google-lineitem-id
6424624264
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138456763020
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
userId.bundle.js
subs.theepochtimes.com/lib/ Frame 3221 		297 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/lib/userId.bundle.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyNWY1YmI3ZDUtNDAwNy00NWMxLWEwZGUtNDk4ODc2ZDU3YmFmJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyREUlMjIlMkMlMjJjaXR5JTIyJTNBJTIySEUlMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRkJlcmxpbiUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNTEuMjk2MSUyQyUyMmxvbmdpdHVkZSUyMiUzQTkuNTI5JTdEJTJDJTIyc3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMmhpc3RvcmljU3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMnN1YnNjcmlwdGlvbiUyMiUzQSU3QiUyMnN1YnNjcmliZWQlMjIlM0FmYWxzZSUyQyUyMnJlZ2lvbklkJTIyJTNBJTIyJTIyJTJDJTIyc3Vic2NyaXB0aW9uVHlwZSUyMiUzQSUyMiUyMiUyQyUyMnBsYW5JZCUyMiUzQSUyMiUyMiUyQyUyMmV4cGlyYXRpb24lMjIlM0EwJTdEJTdE&tn=EET%20-%20Responsive%20Signin%20Bar&theme=default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ead0293d41f0c5fef76a0205ad3060391bdbeec5ae4920c5c6d2edec8bdea2e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyNWY1YmI3ZDUtNDAwNy00NWMxLWEwZGUtNDk4ODc2ZDU3YmFmJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyREUlMjIlMkMlMjJjaXR5JTIyJTNBJTIySEUlMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRkJlcmxpbiUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNTEuMjk2MSUyQyUyMmxvbmdpdHVkZSUyMiUzQTkuNTI5JTdEJTJDJTIyc3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMmhpc3RvcmljU3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMnN1YnNjcmlwdGlvbiUyMiUzQSU3QiUyMnN1YnNjcmliZWQlMjIlM0FmYWxzZSUyQyUyMnJlZ2lvbklkJTIyJTNBJTIyJTIyJTJDJTIyc3Vic2NyaXB0aW9uVHlwZSUyMiUzQSUyMiUyMiUyQyUyMnBsYW5JZCUyMiUzQSUyMiUyMiUyQyUyMmV4cGlyYXRpb24lMjIlM0EwJTdEJTdE&tn=EET%20-%20Responsive%20Signin%20Bar&theme=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 03 Nov 2023 19:11:33 GMT
server
nginx/1.20.1
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
max-age=3600, public, no-transform
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 19:07:58 GMT
lib.min.js
mixproxy.epoch.cloud/mixpanel/ 		52 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mixproxy.epoch.cloud/mixpanel/lib.min.js
Requested by
Host: services.epoch.cloud
URL: https://services.epoch.cloud/public-labs/epoch-ai/epoch_mixpanel.min.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
208
x-guploader-uploadid
ABPtcPqOAqHlJydXJ0bQJ1Xxq9ZbhH7s_q6vA9fiwLea5TSG9-eQjiRRT0VQ7mioB4jMT-Rye9A1mxYvKTfqhmNid8RyxxeicAYf
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Nov 2023 19:54:10 GMT
server
cloudflare
etag
W/"dff66d0b72bdc18a02be56412d5ef8c4"
vary
Accept-Encoding
x-goog-hash
crc32c=VW26dg==, md5=3/ZtC3K9wYoCvlZBLV74xA==
x-goog-generation
1699991650202934
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gI2ltJcYL9Fu4hqBGaJMuPjNRILm0FFJoBqSh%2FdwMl7egJAqnUIVgtOQcy4jlKrKGe6kYP7FyUX6SDq9MZlv4GS4jRgavJXoyDZTASCaGvpeDhvGSpsXuEdjMgNmveHgNe1CxwDQuw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
18139
cf-ray
832f30d468526f6f-CDG
expires
Sat, 09 Dec 2023 18:09:47 GMT
/
mixproxy.epoch.cloud/mixpanel/track/ 		1 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mixproxy.epoch.cloud/mixpanel/track/?ip=1&_=1702145278185
Requested by
Host: mixproxy.epoch.cloud
URL: https://mixproxy.epoch.cloud/mixpanel/lib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
22
alt-svc
h3=":443"; ma=86400
content-length
1
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLQemC25qK1GHNUvrnbsYguP285wz1%2Bg%2BCcD%2BqELMjX2sjd6ZpuxDnOO5sN1om3k0Wf9drFA46HLjjAlGYxo3%2FBDewaA7z6URgdPn%2FVGmN2kF5rMAUxPPX8THhOCg6OngjOev3YXBg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
832f30d4c8a66f6f-CDG
access-control-allow-headers
X-Requested-With
et_so_utils.js
services.epoch.cloud/public-labs/epoch-ai/smarto/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/smarto/et_so_utils.js?v=2023-12-09T18
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
946c9c95fb7da4ae9249907e40e11291c00135e70991d34811f08617b20a5b67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:24:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
506
etag
W/"65369e4c-3506"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwWLGMhqMOV9hh264A56hncPHDRcFfcngS7z97ievsBkYZGBy9Kw7ee465p7WTypJVPZoZShebJyHB4D6IvjMLeHeRp%2F9pPNV6nC9I2wKMevQ3ceVLoY9rdDIFVxr6eDsj6EWEowQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
832f30d4e8c06f6f-CDG
alt-svc
h3=":443"; ma=86400
RingsideNarrow-Semibold.otf
cdn.epoch.cloud/assets/fonts/ Frame 3221 		123 KB
124 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.epoch.cloud/assets/fonts/RingsideNarrow-Semibold.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfabd954a3ec494e41f63bab6f12a56ce35150c3b6eb0da47f1e61d5c22bfc2a

Request headers

Referer
https://subs.theepochtimes.com/
Origin
https://subs.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
908
alt-svc
h3=":443"; ma=86400
content-length
126440
last-modified
Fri, 26 Jun 2020 15:18:33 GMT
server
cloudflare
etag
"5ef611c9-1ede8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3Q942G77RiH7%2B5RNoUzxUHvrMMUBa%2BNh6yaV%2By1c8DUt7hTzyODQIkiM4ftDWFu2CU5d7TSKjxIhtYpcZEcIGav53hDmkdNcsDWOt2duF5fFyMEu2BLsbGgOfQbfE0O8V4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
832f30d75d6007ef-IAD
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10214&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 09 Dec 2023 18:07:58 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
auth
subs.theepochtimes.com/subs/ 		40 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10214&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40
get
subs.theepochtimes.com/template/ 		199 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/get?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&version=22
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c99085b7fb1f2a887546ef03893582856b0ca792472ad92629a75177e66a803e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199
get
subs.theepochtimes.com/template/ 		205 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/get?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
fbd96f97dfabbb444dd155929e9632f5049251e4a8885989179fffb74ea6348a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
show
subs.theepochtimes.com/template/ Frame 43E2 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyNWY1YmI3ZDUtNDAwNy00NWMxLWEwZGUtNDk4ODc2ZDU3YmFmJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyREUlMjIlMkMlMjJjaXR5JTIyJTNBJTIySEUlMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRkJlcmxpbiUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNTEuMjk2MSUyQyUyMmxvbmdpdHVkZSUyMiUzQTkuNTI5JTdEJTJDJTIyc3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMmhpc3RvcmljU3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMnN1YnNjcmlwdGlvbiUyMiUzQSU3QiUyMnN1YnNjcmliZWQlMjIlM0FmYWxzZSUyQyUyMnJlZ2lvbklkJTIyJTNBJTIyJTIyJTJDJTIyc3Vic2NyaXB0aW9uVHlwZSUyMiUzQSUyMiUyMiUyQyUyMnBsYW5JZCUyMiUzQSUyMiUyMiUyQyUyMmV4cGlyYXRpb24lMjIlM0EwJTdEJTdE&tn=Organic%20RW&rs=1&variantName=Games-0821-desktop&primary_category=epochfun-137957%3Bpuzzle-games-152300%3Bjoypass-free-155614%3Bspecial-epoch-games-155638%3Bbrain-games-156107%3Bword-games-156911%3Bepochfun-premium-166969%3Bfrontaudio-161329
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e97d8149dc317e178046ef61138fcf44e2466f5c631a73a9549e51553b030490

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 09 Dec 2023 18:07:58 GMT
server
nginx/1.20.1
vary
Accept-Encoding Origin
via
1.1 google
x-robots-tag
noindex
170.cd359634.chunk.js
comment.youmaker.com/web/v3/static/js/ Frame 7BF3 		746 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/v3/static/js/170.cd359634.chunk.js
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
41a491b6ec4c4ba2be42e5bf9040f0dc254b0fb6db203ad01cdfa10145fdcd21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 20 Oct 2023 19:30:46 GMT
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
application/javascript
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-version
0.1.2
920.163caa5c.chunk.css
comment.youmaker.com/web/v3/static/css/ Frame 7BF3 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/v3/static/css/920.163caa5c.chunk.css
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
a7cf9d7d46a9d9b0d83d6d91e82f11dd37fbffab2d8841b530f352be0cb6cbd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 20 Oct 2023 19:30:46 GMT
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
text/css; charset=utf-8
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-version
0.1.2
889.c22e2dd1.chunk.css
comment.youmaker.com/web/v3/static/css/ Frame 7BF3 		666 B
360 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/v3/static/css/889.c22e2dd1.chunk.css
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
48b782933f4ffe1e923111eb93d3924b4807e78ce63064d0b01e0f96de529a4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 20 Oct 2023 19:30:46 GMT
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
text/css; charset=utf-8
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-version
0.1.2
889.50003970.chunk.js
comment.youmaker.com/web/v3/static/js/ Frame 7BF3 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/v3/static/js/889.50003970.chunk.js
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
13b81e5fbcfd1eceeed6736de88e9fce3edf25dead86bb944c0cfe179695128b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 20 Oct 2023 19:30:46 GMT
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
application/javascript
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-version
0.1.2
user
comment.youmaker.com/api/v1/ Frame 7BF3 		57 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/user?site=remark
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
a272a50a6b0526fe9222d72f29741b9d91a156ff75439a43b728fe1d5a6fec0f

Request headers

X-PROVIDER-TOKEN
youmaker
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
accept-language
de-DE,de;q=0.9
X-ACCESS-TOKEN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-SITE-ID
remark

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:58 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57
expires
Thu, 01 Jan 1970 00:00:00 UTC
config
comment.youmaker.com/api/v1/site/ Frame 7BF3 		390 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/site/config?site=remark&group=&id=4013587
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
6d819e03aaf3877c15b1d7d532cf06316663cad1aca835ac99497ab08e0bf0e9

Request headers

X-PROVIDER-TOKEN
youmaker
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
accept-language
de-DE,de;q=0.9
X-ACCESS-TOKEN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-SITE-ID
remark

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:00:00 UTC
readonly
comment.youmaker.com/api/v1/ Frame 7BF3 		138 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/readonly?site=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&id=4013587&group=
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
1f9968ad44660715b6ae762981573f34367a5bca48496d1d12b02d4c2c8b9601

Request headers

X-PROVIDER-TOKEN
youmaker
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
accept-language
de-DE,de;q=0.9
X-ACCESS-TOKEN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-SITE-ID
remark

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:58 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138
expires
Thu, 01 Jan 1970 00:00:00 UTC
userId.bundle.js
subs.theepochtimes.com/lib/ Frame 43E2 		297 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/lib/userId.bundle.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyNWY1YmI3ZDUtNDAwNy00NWMxLWEwZGUtNDk4ODc2ZDU3YmFmJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyREUlMjIlMkMlMjJjaXR5JTIyJTNBJTIySEUlMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRkJlcmxpbiUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNTEuMjk2MSUyQyUyMmxvbmdpdHVkZSUyMiUzQTkuNTI5JTdEJTJDJTIyc3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMmhpc3RvcmljU3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMnN1YnNjcmlwdGlvbiUyMiUzQSU3QiUyMnN1YnNjcmliZWQlMjIlM0FmYWxzZSUyQyUyMnJlZ2lvbklkJTIyJTNBJTIyJTIyJTJDJTIyc3Vic2NyaXB0aW9uVHlwZSUyMiUzQSUyMiUyMiUyQyUyMnBsYW5JZCUyMiUzQSUyMiUyMiUyQyUyMmV4cGlyYXRpb24lMjIlM0EwJTdEJTdE&tn=Organic%20RW&rs=1&variantName=Games-0821-desktop&primary_category=epochfun-137957%3Bpuzzle-games-152300%3Bjoypass-free-155614%3Bspecial-epoch-games-155638%3Bbrain-games-156107%3Bword-games-156911%3Bepochfun-premium-166969%3Bfrontaudio-161329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ead0293d41f0c5fef76a0205ad3060391bdbeec5ae4920c5c6d2edec8bdea2e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyNWY1YmI3ZDUtNDAwNy00NWMxLWEwZGUtNDk4ODc2ZDU3YmFmJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyREUlMjIlMkMlMjJjaXR5JTIyJTNBJTIySEUlMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRkJlcmxpbiUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNTEuMjk2MSUyQyUyMmxvbmdpdHVkZSUyMiUzQTkuNTI5JTdEJTJDJTIyc3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMmhpc3RvcmljU3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMnN1YnNjcmlwdGlvbiUyMiUzQSU3QiUyMnN1YnNjcmliZWQlMjIlM0FmYWxzZSUyQyUyMnJlZ2lvbklkJTIyJTNBJTIyJTIyJTJDJTIyc3Vic2NyaXB0aW9uVHlwZSUyMiUzQSUyMiUyMiUyQyUyMnBsYW5JZCUyMiUzQSUyMiUyMiUyQyUyMmV4cGlyYXRpb24lMjIlM0EwJTdEJTdE&tn=Organic%20RW&rs=1&variantName=Games-0821-desktop&primary_category=epochfun-137957%3Bpuzzle-games-152300%3Bjoypass-free-155614%3Bspecial-epoch-games-155638%3Bbrain-games-156107%3Bword-games-156911%3Bepochfun-premium-166969%3Bfrontaudio-161329
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 03 Nov 2023 19:11:33 GMT
server
nginx/1.20.1
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
max-age=3600, public, no-transform
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 19:07:58 GMT
react.production.min.js
pwe.epochbase.com/libs/react@17.0.2/ Frame 43E2 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwe.epochbase.com/libs/react@17.0.2/react.production.min.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyNWY1YmI3ZDUtNDAwNy00NWMxLWEwZGUtNDk4ODc2ZDU3YmFmJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyREUlMjIlMkMlMjJjaXR5JTIyJTNBJTIySEUlMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRkJlcmxpbiUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNTEuMjk2MSUyQyUyMmxvbmdpdHVkZSUyMiUzQTkuNTI5JTdEJTJDJTIyc3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMmhpc3RvcmljU3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMnN1YnNjcmlwdGlvbiUyMiUzQSU3QiUyMnN1YnNjcmliZWQlMjIlM0FmYWxzZSUyQyUyMnJlZ2lvbklkJTIyJTNBJTIyJTIyJTJDJTIyc3Vic2NyaXB0aW9uVHlwZSUyMiUzQSUyMiUyMiUyQyUyMnBsYW5JZCUyMiUzQSUyMiUyMiUyQyUyMmV4cGlyYXRpb24lMjIlM0EwJTdEJTdE&tn=Organic%20RW&rs=1&variantName=Games-0821-desktop&primary_category=epochfun-137957%3Bpuzzle-games-152300%3Bjoypass-free-155614%3Bspecial-epoch-games-155638%3Bbrain-games-156107%3Bword-games-156911%3Bepochfun-premium-166969%3Bfrontaudio-161329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.129.110.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
229bbf4d0e7488209564152c6723497f1ac3934136ca1684233d2fa88fa4146f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 28 Oct 2022 15:41:14 GMT
server
nginx/1.20.1
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
react-dom.production.min.js
pwe.epochbase.com/libs/react@17.0.2/ Frame 43E2 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwe.epochbase.com/libs/react@17.0.2/react-dom.production.min.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyNWY1YmI3ZDUtNDAwNy00NWMxLWEwZGUtNDk4ODc2ZDU3YmFmJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyREUlMjIlMkMlMjJjaXR5JTIyJTNBJTIySEUlMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRkJlcmxpbiUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNTEuMjk2MSUyQyUyMmxvbmdpdHVkZSUyMiUzQTkuNTI5JTdEJTJDJTIyc3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMmhpc3RvcmljU3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMnN1YnNjcmlwdGlvbiUyMiUzQSU3QiUyMnN1YnNjcmliZWQlMjIlM0FmYWxzZSUyQyUyMnJlZ2lvbklkJTIyJTNBJTIyJTIyJTJDJTIyc3Vic2NyaXB0aW9uVHlwZSUyMiUzQSUyMiUyMiUyQyUyMnBsYW5JZCUyMiUzQSUyMiUyMiUyQyUyMmV4cGlyYXRpb24lMjIlM0EwJTdEJTdE&tn=Organic%20RW&rs=1&variantName=Games-0821-desktop&primary_category=epochfun-137957%3Bpuzzle-games-152300%3Bjoypass-free-155614%3Bspecial-epoch-games-155638%3Bbrain-games-156107%3Bword-games-156911%3Bepochfun-premium-166969%3Bfrontaudio-161329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.129.110.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
9db33292007ab6c38527b39d5663e976a305564e19b2a5a8713ea2b2c00f505d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 28 Oct 2022 15:41:06 GMT
server
nginx/1.20.1
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ Frame 43E2 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyNWY1YmI3ZDUtNDAwNy00NWMxLWEwZGUtNDk4ODc2ZDU3YmFmJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyREUlMjIlMkMlMjJjaXR5JTIyJTNBJTIySEUlMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRkJlcmxpbiUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNTEuMjk2MSUyQyUyMmxvbmdpdHVkZSUyMiUzQTkuNTI5JTdEJTJDJTIyc3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMmhpc3RvcmljU3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMnN1YnNjcmlwdGlvbiUyMiUzQSU3QiUyMnN1YnNjcmliZWQlMjIlM0FmYWxzZSUyQyUyMnJlZ2lvbklkJTIyJTNBJTIyJTIyJTJDJTIyc3Vic2NyaXB0aW9uVHlwZSUyMiUzQSUyMiUyMiUyQyUyMnBsYW5JZCUyMiUzQSUyMiUyMiUyQyUyMmV4cGlyYXRpb24lMjIlM0EwJTdEJTdE&tn=Organic%20RW&rs=1&variantName=Games-0821-desktop&primary_category=epochfun-137957%3Bpuzzle-games-152300%3Bjoypass-free-155614%3Bspecial-epoch-games-155638%3Bbrain-games-156107%3Bword-games-156911%3Bepochfun-premium-166969%3Bfrontaudio-161329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
820831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
591
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YqfzRYFtQdxOPCFRxMh60UTvzlLXH9nOXjs8pbEjI%2F%2BgyxwKHrN3yoAP4TVyReR5N9ZKrb7QDj6E2W1jXMWnef8r3FV7zd9OXayKbFy0a2800wUcYcjZjBd8TBzcE6s7E%2BtObhW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
832f30d7debd69a3-FRA
expires
Thu, 28 Nov 2024 18:07:58 GMT
et_utils.js
services.epoch.cloud/public-labs/epoch-ai/ Frame 43E2 		152 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/et_utils.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyNWY1YmI3ZDUtNDAwNy00NWMxLWEwZGUtNDk4ODc2ZDU3YmFmJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyREUlMjIlMkMlMjJjaXR5JTIyJTNBJTIySEUlMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRkJlcmxpbiUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNTEuMjk2MSUyQyUyMmxvbmdpdHVkZSUyMiUzQTkuNTI5JTdEJTJDJTIyc3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMmhpc3RvcmljU3Vic2NyaXB0aW9ucyUyMiUzQSU1QiU1RCUyQyUyMnN1YnNjcmlwdGlvbiUyMiUzQSU3QiUyMnN1YnNjcmliZWQlMjIlM0FmYWxzZSUyQyUyMnJlZ2lvbklkJTIyJTNBJTIyJTIyJTJDJTIyc3Vic2NyaXB0aW9uVHlwZSUyMiUzQSUyMiUyMiUyQyUyMnBsYW5JZCUyMiUzQSUyMiUyMiUyQyUyMmV4cGlyYXRpb24lMjIlM0EwJTdEJTdE&tn=Organic%20RW&rs=1&variantName=Games-0821-desktop&primary_category=epochfun-137957%3Bpuzzle-games-152300%3Bjoypass-free-155614%3Bspecial-epoch-games-155638%3Bbrain-games-156107%3Bword-games-156911%3Bepochfun-premium-166969%3Bfrontaudio-161329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b6051eb8460dbc63587d56206715f76947845fc5c36f4ecd7e2abb83c6ffbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 02 Dec 2023 21:23:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1134
etag
W/"656ba04a-25e11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkfzYjac2fp4G22Ogwjxl%2B6VBC86O28LbpFaw%2B5hKYeuohJubHJkPwyFdm8lPn7P8nF8RI%2Bts9OHPO%2FGwC6hLBx4Mhn13FQbVmdFhDme1VJsT6z7uaA2nwumcQaQfiiu7wOoGnrmgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
832f30d7dbbe3970-IAD
alt-svc
h3=":443"; ma=86400
counts
comment.youmaker.com/api/v1/ Frame 7BF3 		111 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=remark&post=id
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
d85cccb998525357165b9bd3469eaa3c4f21d22c31df16e062a3db5e875ca77d

Request headers

X-PROVIDER-TOKEN
youmaker
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
accept-language
de-DE,de;q=0.9
X-ACCESS-TOKEN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-SITE-ID
remark
Content-Type
application/json

Response headers

expires
Thu, 01 Jan 1970 00:00:00 UTC
date
Sat, 09 Dec 2023 18:07:58 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
pragma
no-cache
server
nginx/1.20.1
author
EMG
app-name
remark
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://comment.youmaker.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
app-version
0.1.2
20
comment.youmaker.com/api/v1/getlist/ Frame 7BF3 		22 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/getlist/20?site=remark&group=&offset=0&sort=-time&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&id=4013587
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
769dac09245c6c25acf049d2fcd35d51389c94e5284aa432b10eff03391c2c7c

Request headers

X-PROVIDER-TOKEN
youmaker
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
accept-language
de-DE,de;q=0.9
X-ACCESS-TOKEN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-SITE-ID
remark

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:00:00 UTC
truncated
/ Frame 7BF3 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bf4473ecc25fc8a56c7da4846022537d11e73a499922e0a16be9b8f83869052

Request headers

Referer
Origin
https://comment.youmaker.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
Acta-Book.otf
img.theepochtimes.com/fonts/ Frame 7BF3 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/Acta-Book.otf
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/css/main.f8b20501.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.11.158 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-11-158.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Referer
https://comment.youmaker.com/
Origin
https://comment.youmaker.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 18:07:59 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Access-Control-Allow-Credentials
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length
548
RingsideNarrow-Book.otf
img.theepochtimes.com/fonts/ Frame 7BF3 		124 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/RingsideNarrow-Book.otf
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/css/main.f8b20501.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.11.158 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-11-158.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d1a4a7aa00e62b62538f84f4f380c16796c88078656d204c4f5ceebb59d84fe8

Request headers

Referer
https://comment.youmaker.com/
Origin
https://comment.youmaker.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 18:07:58 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
126860
Last-Modified
Tue, 11 Jul 2023 21:21:51 GMT
Server
nginx
ETag
"64adc7ef-1ef8c"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=25822192
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
RingsideNarrow-Medium.otf
img.theepochtimes.com/fonts/ Frame 7BF3 		123 KB
124 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/RingsideNarrow-Medium.otf
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/css/main.f8b20501.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.11.158 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-11-158.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55

Request headers

Referer
https://comment.youmaker.com/
Origin
https://comment.youmaker.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 18:07:58 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
126244
Last-Modified
Tue, 27 Jun 2023 23:57:44 GMT
Server
nginx
ETag
"649b7778-1ed24"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=25277500
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
grumi.js
rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/ Frame C44C 		225 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-106.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec09ffa8255690c234df207b037a80ce1f556eefd63d312527661b20e8d17814

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 17:32:34 GMT
x-amz-version-id
x3ZH575FMTlxpyLPGCmfEbrtPLq5m2la
content-encoding
br
last-modified
Sat, 09 Dec 2023 17:30:02 GMT
server
AmazonS3
via
1.1 a4f5633e78f92f983940236e96220232.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P1
etag
W/"5a9ced6bb0a05b59ee745e1a66811e58"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2125
x-amz-cf-id
sHLC7gnzHr1t_eqDM9kXFsovJ44vGmuQVLBV0OQGYjOb9-4N-GcFOA==
authSignInCombo-1.8.umd.js
pwe.epochbase.com/libs/ Frame 43E2 		215 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwe.epochbase.com/libs/authSignInCombo-1.8.umd.js?_=1702145278855
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/userId.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.129.110.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
8d7197efe5adf3873f69718a761413a2bfdc3327acff23ab819c8e057a9d0848

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:58 GMT
content-encoding
gzip
via
1.1 google
last-modified
Sat, 02 Dec 2023 05:02:38 GMT
server
nginx/1.20.1
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
mixproxy.epoch.cloud/mixpanel/track/ 		1 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mixproxy.epoch.cloud/mixpanel/track/?ip=1&_=1702145278884
Requested by
Host: mixproxy.epoch.cloud
URL: https://mixproxy.epoch.cloud/mixpanel/lib.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
23
alt-svc
h3=":443"; ma=86400
content-length
1
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmQfTdV8ojKe25iTizEvbKc8hf8AzlPGous0VwQTpAdEkF2yItN5kBDJYd3poPK0gFZNjpAL9Zd8rbR9CDO99KdmZ%2BdK6f7QIc9EU6AnHDfpC47F5hSM9TJNmUkq94IZLAqdQLHLtg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
832f30d95bc60810-IAD
access-control-allow-headers
X-Requested-With
c
ea.epochbase.com/api/eet/ 		0
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/eet/c?site=www.theepochtimes.com&tid=P-KDJOIELE2&en=mp_wall_impression&cid=be2a493b-ab80-4b2b-d61e-f4c971a4c75a&dl=https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Requested by
Host: services.epoch.cloud
URL: https://services.epoch.cloud/public-labs/epoch-ai/mparticle/built/epoch_mparticle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Sat, 09 Dec 2023 18:07:59 GMT
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
senddata
subsapi.epoch.cloud/db/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata?site_id=www.theepochtimes.com
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame C44C 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 15:27:25 GMT
age
96033
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 15:27:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C44C 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 20:29:39 GMT
age
77899
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 20:29:39 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C44C 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 09 Dec 2023 01:47:30 GMT
age
58828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 08 Dec 2024 01:47:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C44C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 20:42:11 GMT
age
77147
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 20:42:11 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C44C 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 09 Dec 2023 10:33:30 GMT
age
27268
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 08 Dec 2024 10:33:30 GMT
truncated
/ Frame C44C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b75f150ce95db244f781f214d2dbc7e9323ea03b5a2801cd97cd622af7e5c06d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
13655389651312230936
tpc.googlesyndication.com/simgad/ Frame C44C 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13655389651312230936?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkh6xCA89PiAbLpXqeimH-gj575VQ
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
66e8082d322d5952c294fec5f9d4604e86c4e87cf81dc5661a2446d3573f797c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:34:31 GMT
x-content-type-options
nosniff
age
408807
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54391
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 10:02:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 04 Dec 2024 00:34:31 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C44C 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:32:51 GMT
x-content-type-options
nosniff
server
cafe
age
81307
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 09 Dec 2023 19:32:51 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C44C 		295 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:36:38 GMT
x-content-type-options
nosniff
server
cafe
age
73880
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 09 Dec 2023 21:36:38 GMT
l
www.google.com/ads/measurement/ Frame C44C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxhO0gxEkEZCy0oXSiCow9_BRIi3tyZ4tNMMG3Js5vkCeV1D2L5lJQ4wTBwUo3t8qNiG9U3EiKYesDWMcn1yhe3u2oqw
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
init
gw.geoedge.be/api/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.24.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-24-34.vie50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 b159f39ee34c14548a9d9dc3e730676a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
content-length
0
x-amz-cf-id
Ok0jz0VdnQHW3XEPQQzUQeNLaxi2jOvA5lUE2BIi2UQk5ue1jz4GOA==
x-cache
Miss from cloudfront
reply
comment.youmaker.com/api/v1/counts/ Frame 7BF3 		1 KB
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts/reply?site=remark&group=&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&id=4013587&post=gids
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e5e3f1a9fdb7bf262bc92b2e8954e3251709b230989d52ee068a8dd4210acc31

Request headers

X-PROVIDER-TOKEN
youmaker
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
accept-language
de-DE,de;q=0.9
X-ACCESS-TOKEN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-SITE-ID
remark
Content-Type
application/json

Response headers

expires
Thu, 01 Jan 1970 00:00:00 UTC
date
Sat, 09 Dec 2023 18:07:59 GMT
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding, Origin
app-name
remark
content-type
application/json; charset=utf-8
access-control-allow-origin
https://comment.youmaker.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
app-version
0.1.2
popup.html
rumcdn.geoedge.be/rbu/ 		40 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/rbu/popup.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-106.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8496667e6ca10b43d843e825b1f87efa7afc417328b26f815c1b3c5b533ec1a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 17:32:31 GMT
x-amz-version-id
syIMtMYORg3qGAt5iZTB_5DSJtjB6jsO
content-encoding
br
via
1.1 4c691f43539bb56ddcaef755730a6e86.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P1
age
2129
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 08 Aug 2023 11:45:58 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1691495156/ctime:1691495156/gid:497/gname:jenkins/md5:52896e48320c4224eb8de1f2c93cb04d/mode:33188/mtime:1691495156/uid:498/uname:jenkins
etag
W/"52896e48320c4224eb8de1f2c93cb04d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
x-amz-cf-id
0kkyrwYeVl3WwCnOKl-rxGajjs420jUAWTn0juj6qyE8GWgHvvhbzQ==
truncated
/ Frame C44C 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d9e0d05669a3610c7263c551b8b406344c148713485f7e8124f61b05e2463cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
rw-lock-icon2.png
cdn.epoch.cloud/assets/static_assets/ Frame 43E2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/rw-lock-icon2.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb9a1cfcfe8dbb1cefe4c71f6de8440eb41cc85b91f4a9fedc7fa5ecc635870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
416
alt-svc
h3=":443"; ma=86400
content-length
1538
last-modified
Mon, 01 Aug 2022 15:35:04 GMT
server
cloudflare
etag
"62e7f2a8-602"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQ3Uzn50JkqwSEdlJUU4qYL5XJVie0Y7qtMejM2C9oGqEoD8pilbrNMDxxGAbzes50H5wcCQQEAgKfbvyiJN7a4WcdbKJPggKw0M5ZPn%2BlGOxoxFzKCUxzZKqhrVFwEToLE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
832f30da6d1b0810-IAD
expires
Sat, 09 Dec 2023 18:11:03 GMT
RingsideNarrow-Medium.otf
cdn.epoch.cloud/assets/fonts/ Frame 43E2 		123 KB
124 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.epoch.cloud/assets/fonts/RingsideNarrow-Medium.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55

Request headers

Referer
https://subs.theepochtimes.com/
Origin
https://subs.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
104
alt-svc
h3=":443"; ma=86400
content-length
126244
last-modified
Tue, 07 Jun 2022 20:08:09 GMT
server
cloudflare
etag
"629fb029-1ed24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvESuBcAwNyLWQ9VnE3QwzM44uKSk5HX%2F1cbUnFwteNeazuPsdFprlDpSwnFIpTkYL0UfesohgvfiZK7igfv5wUF0F0Ziw%2F4M%2B1xB5dtvziGAwSTJqaOc6dnreB7Ru%2BMEWg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
832f30da68eb07ef-IAD
senddata
subsapi.epoch.cloud/db/ 		16 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/668f0bba-02f16f3e7b11d0d2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlrPRdNAlWGIS8IhX1%2FUONoOqBwDKoTFNJUYxIZOfWdKEhqcgdOSrZfsxBDseH8rZ6lU%2BDOolaKXwwQBXVJ%2FtNhi8eT3XLw1QbjXd2fZPNBvccqhX78DyZICJKNgdYwkNXZifjHK"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
cf-ray
832f30dd59ff0854-IAD
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
16
alt-svc
h3=":443"; ma=86400
senddata
subsapi.epoch.cloud/db/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
832f30dc8b7007ef-IAD
content-length
0
date
Sat, 09 Dec 2023 18:07:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0DqJQTLuGC6LEVOW2Jhw9wqzCiVwd9xSDlZ%2F5G%2BkztY0WqTcLcXwiUv4sM3QaCOvbyxlDZpFH4wFjiOiUYyCd5pXVwTxbJHBHe1ujp%2BzbHpeWyh8hh%2BiQsPb%2FDxKLyy6WuXjzzB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
si
googleads.g.doubleclick.net/pagead/drt/ Frame C44C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date
Sat, 09 Dec 2023 18:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D484 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufAKbWIIYmwaMwYSvy3O5jWCLXna36sbuyqScnhdI1gD05uHnYAk6xjAJuRbEymg6yOxOR5MPHdMZYCCmfp1F3Rz17u3VUeGAHeJnlnYivEjAuJAEU2ANXhckHygv04T5f8cMI4rwdOfNQzwILbbuIbVpA17a9v7nMJgXaZtaS3IoPUtVAtMVYN5UgqaZONCyfeHkMGKxsHke1M2deJom8l4ec3A3YxMwB6x0iuoJqGlvizN-O58Itgvp138CaD5b_XbIcr-cwZS-vzOBdjwkjkv0y0Qmwvcagr3-lalnsspir_zFsYkrvQKUr2AOrOkA9cj83zx9SsEEIN9CmdUS-xqTQTTwijys8kR0Z4AhXdxMSzHoser0e55Z1Hgy3EoK74ER27etkkIZZxX-K6cnPK1P6NSzKnYxlPA&sai=AMfl-YTxNuK0z_dJVBZ-N_vYRcIOFnZvTDG182MdTWq6UQcyfG1g0CVBy-vrFcI6xGe1z4nem9K6OTIxJWoPail2EOtv3uivICCS4klJnAczMxHhYDaCMkP4pM9CYfNbDyGBaPNUQlDfhQhxUg&sig=Cg0ArKJSzIFs9ftSWLqdEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D484 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 18:07:59 GMT
15758331071134037890
tpc.googlesyndication.com/simgad/ Frame D484 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15758331071134037890?
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
6550504b2d2171925aad320f72680881d883a3273a6147adf5f470fb0bd42ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 05:46:44 GMT
x-content-type-options
nosniff
age
44475
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114047
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 20:08:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 05:46:44 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C44C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMeiq_qx0ZYWVCOrG7_UPurWfiArRp5LZdOXYlb3BDt7ZHhABIOjQsB9glaqzgsAHoAHnn9O3AsgBAuACAKgDAcgDCKoE3wJP0EARoNASBXIZXzHKiZohmQKVTbJBK4WH-gz70cYGZ1i3Y5XuC9nhM7fZ6r7Gge3CG_PCeB_tl1F6L0hh2tGYtwHebOLCs2xN6z_1aJfyb9bb4OUO6CqQTWQ-jvqZ9G3Besp943ypZzmBrniV6CpSuW7FCexrtRtNARf_25B0iHnkKUMMpiy6wrgEHb8hOY50OvPfs4eJ5ohXoDTpP-VUG4uLbil_mdvaChTf-EuDjOppjrsYzEgl5szGc4J6jf8dsXRWvnwvD5WS1FROzlmLO9_MeG-10DJ9o_VfjQ7XCQgj9lhfAKDXJ2p91VfeOjN5gWY6tPLuYvrk2286IxY8RcR_RzxTZfd6QpNAdaS2qezr1k8lSBjM9MAsqRj9T3439jKlpBDjMg2WCWRYuPuMka6K3uy6IJU2Rp-fPse0F5oasv9BXqcOwIi-v4rhIY7mCYSz4szY2l85AzlZo9_ABOLw26LbA-AEAYgF0c3pszeSBQQIBBgBkgUECAUYBKAGAoAHre33yAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDr-2nSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WKPeoaX5goMDmgmbAWh0dHBzOi8vZHJhdXNzZW5mZWV0LmRlL3Byb2R1Y3RzLzExNTYzNS1oZXJyZW4tc2NobmVlc2NodWhlLXdpbnRlcnNjaHVoZS1zbGlwLW9uLWFua2xlLWJvb3RpZXMtYW50aS1ydXRzY2gtd2Fzc2VyYmVzdGFuZGlnZS1wZWx6Z2VmdXR0ZXJ0ZS1vdXRkb29yLXNuZWFrZXJzgAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC4g0TCJiSoqX5goMDFWrjuwgdutoHodgTDNAVAYAXAbIXHgocCAASFHB1Yi0yMjExNTUyNTM3NzA0NDA3GMDcDA&sigh=_dchBCHc9ho&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPADICaaNUkZO3ep9WUH7jJ8d9N8fV7-8kjHLdNt0ugWaP6qCsB0IHeG4J9iESGSvQq4zu9boAgWtYrbRmhgB&cbvp=2
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 18:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 17:48:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 18:07:59 GMT
truncated
/ 		665 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d103df41045bc8e9538ed05d79fdd7750af623fa8dd55fdc3b74d90d6ba20a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		19 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52c854815f543b120f9314bf012a95ff9902edef46b232928855005edd9cf67c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
8bcc5ba1b51be8db315598d399d2060ff89e0bf9.image
comment.youmaker.com/api/v1/avatar/ Frame 7BF3 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/8bcc5ba1b51be8db315598d399d2060ff89e0bf9.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
520fbd7d51a19e8cd86baa543aa5f04710da746c.image
comment.youmaker.com/api/v1/avatar/ Frame 7BF3 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/520fbd7d51a19e8cd86baa543aa5f04710da746c.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
a473585cbe256573f972488832814e2b99903b01.image
comment.youmaker.com/api/v1/avatar/ Frame 7BF3 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/a473585cbe256573f972488832814e2b99903b01.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
12386a92faaa3cb490bbb854ede1f5342b126915.image
comment.youmaker.com/api/v1/avatar/ Frame 7BF3 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/12386a92faaa3cb490bbb854ede1f5342b126915.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
5899224269d95068277b9d355111572dd926bd8f.image
comment.youmaker.com/api/v1/avatar/ Frame 7BF3 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/5899224269d95068277b9d355111572dd926bd8f.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
f0e2806d7d5ebc9664e57741ec045a3808e2aa9f.image
comment.youmaker.com/api/v1/avatar/ Frame 7BF3 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/f0e2806d7d5ebc9664e57741ec045a3808e2aa9f.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
e14845fb9a20a7562dc9a603ffbe06c209eb2a6b.image
comment.youmaker.com/api/v1/avatar/ Frame 7BF3 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/e14845fb9a20a7562dc9a603ffbe06c209eb2a6b.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
fdd1e8c2e89634dc706bd6d171965d71392389e1.image
comment.youmaker.com/api/v1/avatar/ Frame 7BF3 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/fdd1e8c2e89634dc706bd6d171965d71392389e1.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
2c4b1b2eea5227d8628b8a6c269d62081f5e0b0c.image
comment.youmaker.com/api/v1/avatar/ Frame 7BF3 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/2c4b1b2eea5227d8628b8a6c269d62081f5e0b0c.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
8f184c385654bf7d1b5fd4e589c7694dbdc365a3.image
comment.youmaker.com/api/v1/avatar/ Frame 7BF3 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/8f184c385654bf7d1b5fd4e589c7694dbdc365a3.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
86efd168de7dc4a8bf2cf7cedea217f4a7e8d867.image
comment.youmaker.com/api/v1/avatar/ Frame 7BF3 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/86efd168de7dc4a8bf2cf7cedea217f4a7e8d867.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
2a2a8b7c169ba097a14e6907734319a54e085ab7.image
comment.youmaker.com/api/v1/avatar/ Frame 7BF3 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/2a2a8b7c169ba097a14e6907734319a54e085ab7.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
d1e2761b604a633d9b23bd6ebeba5e56e00470ce.image
comment.youmaker.com/api/v1/avatar/ Frame 7BF3 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/d1e2761b604a633d9b23bd6ebeba5e56e00470ce.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
7d6aef5bda82f035c65ee2d9dadf96051997d839.image
comment.youmaker.com/api/v1/avatar/ Frame 7BF3 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/7d6aef5bda82f035c65ee2d9dadf96051997d839.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/word-wipe-epoch-games-4013587&url_id=4013587&group=&provider=youmaker&token=&page_title=Word%20Wipe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
Acta-Medium.otf
img.theepochtimes.com/fonts/ Frame 7BF3 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/Acta-Medium.otf
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/css/main.f8b20501.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.11.158 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-11-158.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Referer
https://comment.youmaker.com/
Origin
https://comment.youmaker.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 18:07:59 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Access-Control-Allow-Credentials
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length
548
Acta-BookItalic.otf
img.theepochtimes.com/fonts/ Frame 7BF3 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/Acta-BookItalic.otf
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/css/main.f8b20501.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.11.158 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-11-158.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Referer
https://comment.youmaker.com/
Origin
https://comment.youmaker.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 18:07:59 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Access-Control-Allow-Credentials
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length
548
view
securepubads.g.doubleclick.net/pcs/ Frame D484 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBvGiOYFyo8xvFOnvkfyvW6qUjQrHo34fobQLY3txYj1WxsL_z4SK8Op4Z395s-3zm_QVSH1kt0F4p2zapUPckwoofQ2eFPChQIAgtYagzjOqNFKkJbWm7EDQ6TwBWDjRZQ3fUUH5FOFI4MeAMXv3NXa8rT0jfo_raR1KmxZTD5ZtAhoYvotsVyX5LuPBUF9mXdQ3545dxtKEdBu1-LdWaGdKsVE-q2u-LEuz3sSsuy_RtTfg_TJOomSkmtV9pO9vLbg_vyeX6akI6oTCPku98NphEgivi2Edk8FK0Fty5hIVqGen17LyapgpitcozcpxbNPMGJN3-kiDDtNY6ftlAFCaFA5L_tIX_dUe-rblmebLQLlQSq5qtnvnEhbwZTcM&sai=AMfl-YSV-I4bm1Qn6N_GfLdUjjw7bAhsTE7H9965FLVgPZ5NNqC0lcIuX51zAbSe6fBUgFYv3ePgDTRuQV7Yws6VQfnqwHHsSSjwoJO-HcJgkaVb3trN337ql-ugzAVqrYmWQ3Lw8EVJWPfxKQ&sig=Cg0ArKJSzCR6X4GiV8eDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Dec 2023 18:07:59 GMT
truncated
/ Frame D484 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49918e3327bd5d2256484cfa66447f6686e495b5bf2503ffdcbbb41603718ddf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
stf.js
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com/stf.js?v=2023-12-09T18
Requested by
Host: services.epoch.cloud
URL: https://services.epoch.cloud/public-labs/epoch-ai/smarto/et_so_utils.js?v=2023-12-09T18
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.73.140.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-140-164.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f1d174a8f1d6cbc61636f93f6c777d9d91acc562c9e10650377ebba10623cc78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 18:07:59 GMT
Content-Encoding
gzip
Origin
https://mycloud.rackspace.com
Last-Modified
Tue, 05 Dec 2023 11:21:16 GMT
ETag
1c46396dbdf87adf14dfad77b3fb592b
Vary
Accept-Encoding
Content-Type
text/javascript
X-Timestamp
1701775275.37248
Cache-Control
public, max-age=249662
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
txb2cfdec3a6ea4f3d83dee-00657487fddfw1
Content-Length
5035
Expires
Tue, 12 Dec 2023 15:29:01 GMT
p
ingestion.contentinsights.com/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ingestion.contentinsights.com/p?a=Epoch%20Puzzles&b=&c=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&d=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&e=Word%20Games&f=2748&g=2023-11-03T15%3A30%3A24Z&h=epochfun-137957%2Cpuzzle-games-152300%2Cjoypass-free-155614%2Cspecial-epoch-games-155638%2Cbrain-games-156107%2Cword-games-156911%2Cepochfun-premium-166969%2Cfrontaudio-161329&i=&j=free&k=news&l=&m=anonymous&ch=&n=article&pid=4013587&u=1702145279475.475130402.60262173&ul=1702145279475.287568157.943884&x=0.09204055727573901&t=0&err=&ver=22
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.12.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-12-87.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 09 Dec 2023 18:07:59 GMT
685e539c-2019-44c0-9463-dcf063173a14
https://www.theepochtimes.com/ 		244 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.theepochtimes.com/685e539c-2019-44c0-9463-dcf063173a14
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a9de0847a7ddf30ec9d87451261de4067467099dea2d8223ddfb0231ae0ff97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
244
Content-Type
text/javascript
tentacle.js
tentacles.smartocto.com/ten/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tentacles.smartocto.com/ten/tentacle.js?v=2023-12-09T18
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-39.bunnyinfra.net
Software
BunnyCDN-DE1-1082 /
Resource Hash
30cba8c6f7374a344b5a6d97dda6da6f92281144a7123bd7168349de7d85f4b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-storageserver
DE-383
cdn-cachedat
11/28/2023 09:17:30
cdn-pullzone
1448885
last-modified
Tue, 28 Nov 2023 09:17:22 GMT
server
BunnyCDN-DE1-1082
cdn-fileserver
709
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6565b022-9011"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
92c47c19-149d-4a6b-809d-6a585867c24c
cache-control
public, max-age=60
cdn-requestid
96396c91cc55e51fb70c87befcbd49af
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
container.html
fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E182 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 18:07:58 GMT
expires
Sun, 08 Dec 2024 18:07:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
grumi.js
rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/ Frame E182 		225 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-106.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec09ffa8255690c234df207b037a80ce1f556eefd63d312527661b20e8d17814

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 17:32:34 GMT
x-amz-version-id
x3ZH575FMTlxpyLPGCmfEbrtPLq5m2la
content-encoding
br
last-modified
Sat, 09 Dec 2023 17:30:02 GMT
server
AmazonS3
via
1.1 a4f5633e78f92f983940236e96220232.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P1
etag
W/"5a9ced6bb0a05b59ee745e1a66811e58"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2126
x-amz-cf-id
GnnWLvW7JQ8Tnc39hkTOvbCJvzEOa28mnrV7jG5IhwhtpJtTeGr8qA==
ingestion.js
tentacles.smartocto.com/ten/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tentacles.smartocto.com/ten/ingestion.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-39.bunnyinfra.net
Software
BunnyCDN-DE1-1082 /
Resource Hash
4d5ffa9b4660a2cb3cc7733dd785224252768155d96805b19b862ef55af6d045

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-storageserver
DE-677
cdn-cachedat
11/28/2023 09:17:30
cdn-pullzone
1448885
last-modified
Tue, 28 Nov 2023 09:17:20 GMT
server
BunnyCDN-DE1-1082
cdn-fileserver
709
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6565b020-2774"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
92c47c19-149d-4a6b-809d-6a585867c24c
cache-control
public, max-age=60
cdn-requestid
3fefdb1cfdd4a6945487fb6addad2f20
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
tentacles
api.smartocto.com/api/brands/ 		1 KB
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.smartocto.com/api/brands/tentacles?i=8ia94jzjaallopuwrqi7yg96qevd0z0w
Requested by
Host: tentacles.smartocto.com
URL: https://tentacles.smartocto.com/ten/tentacle.js?v=2023-12-09T18
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.174.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-174-173.eu-west-1.compute.amazonaws.com
Software
/ smartocto
Resource Hash
a55cd6de4655dc7bb21259ded6fb10e73640436324b5eb7f01c6a450baefa7df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
content-encoding
gzip
last-modified
Sat, 9 Dec 2023 18:07:54 +0000
max-age
10
x-powered-by
smartocto
vary
Accept-Encoding
x-cache
HIT from SmartOcto Cache
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
t
ingestion.smartocto.com/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ingestion.smartocto.com/t?p=0%3Alpydcnhb%3AIvzIFctRLjZ2Tx6eLeXlap9HcMNRMz0Q&s=0%3Alpydcnhb%3Ag6z9FiivSHEU5Iqomd165Astvj9T18Om&v=0%3Agv6i1l3C1dHNPsVIc4a_rWs45_6IbDtZ&e=0%3Agv6i1l3C1dHNPsVIc4a_rWs45_6IbDtZ0&c=1702145279715&n=t&f=t&l=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&i=1600&j=1200&k=1&w=1600&h=1200&t=pageView&ch=web&bid=epochtimesus
Requested by
Host: tentacles.smartocto.com
URL: https://tentacles.smartocto.com/ten/ingestion.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.111.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-111-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.theepochtimes.com
Date
Sat, 09 Dec 2023 18:07:59 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
pixel
googleads.g.doubleclick.net/xbbe/ Frame 44FE 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELSxlNgCGPCTif8BMAE&v=APEucNXJWqqSX__A5mHAp14WF-e2Yuqc5JGxECx7i-tifywZ0yRPzZeBqwGH26tZ7uFs4AcvRTpOBSAw2ydVJq2Yn1DJHSWBWxR40T65WrzTEIzy0_M0bEcq5o6FdPh3Xpy3cYRiQwPCd4L5txyZPE-lG1GOAC-3PbQFMPW4wTzMzCvyqjB1J-I
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 18:07:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E182 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 18:07:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E182 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 14:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
14788
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 14:01:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E182 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
81289
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 19:33:10 GMT
l
www.google.com/ads/measurement/ Frame E182 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSsyU8N9w3LcAFTgVbZ0g6iIc1icuoPd4SwssjmVRMFPsGpHiMoKx0IcnvJZtTJzouMioMURcAqgY7FIRXjMz1LYaQwQg
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E182 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 18:07:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E182 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DcjRTT_1d_7tzUqybdkO3du6AEupN5bUDKW0YrGyWYaaV32L94iDWYCha9ICWid96Ncn5yckzfCaBjxoaBloKPzlixfyXpqkaB5wRCOJ-6zIz3JTM
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame B1C0 		106 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88e6382d15edbda0254ba0ad7f224f41b358a21ebfad6e1eed439f5ddf0ea245

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B1C0 		253 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42deb9219fc21f52ec47f6de9f2cd7bbd2b6eff02e03fb2e77b935f3f2a849db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 44FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfwn0N0AM3w9SpYxUPMIEs&google_cver=1
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfwn0N0AM3w9SpYxUPMIEs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELSxlNgCGPCTif8BMAE&v=APEucNXJWqqSX__A5mHAp14WF-e2Yuqc5JGxECx7i-tifywZ0yRPzZeBqwGH26tZ7uFs4AcvRTpOBSAw2ydVJq2Yn1DJHSWBWxR40T65WrzTEIzy0_M0bEcq5o6FdPh3Xpy3cYRiQwPCd4L5txyZPE-lG1GOAC-3PbQFMPW4wTzMzCvyqjB1J-I
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhoCX61dG7%2BIaSeQZboUweXZ8e2w%2BzVRJwi%2BWDaT9F%2F5Wd%2FORVdFZnueQEIpTGAglFecpFxvM78RGWGg2D8OBlBdQJiFPu%2FcY%2BI2OEzULFQLBi4LTs1OiAlva2w9ZcBhEryJ1%2FeAX33Nxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30dfbc93bbfe-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfwn0N0AM3w9SpYxUPMIEs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 44FE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXSs--W7Y4F1D39cH6GVZgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfwn0N0AM3w9SpYxUPMIEs&google_cver=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfwn0N0AM3w9SpYxUPMIEs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELSxlNgCGPCTif8BMAE&v=APEucNXJWqqSX__A5mHAp14WF-e2Yuqc5JGxECx7i-tifywZ0yRPzZeBqwGH26tZ7uFs4AcvRTpOBSAw2ydVJq2Yn1DJHSWBWxR40T65WrzTEIzy0_M0bEcq5o6FdPh3Xpy3cYRiQwPCd4L5txyZPE-lG1GOAC-3PbQFMPW4wTzMzCvyqjB1J-I
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSNoweQLA8fnzKCe7Zz7IoqUT3Z2zHu%2BL%2BXmhy1PDnIerX8EmgUkMhGGQi0Ai00K5oqAKjE1yOXv0qMQgHXDnWwz5R9Ax39v5F7OLCZCgtLr7JKfCUGHSab0l2pHiPcFDfeObtKy79wvDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e03feb5bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfwn0N0AM3w9SpYxUPMIEs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 44FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHUEtdNdD1VI01i31VKJkyU&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHUEtdNdD1VI01i31VKJkyU%26google_cver%3D1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHUEtdNdD1VI01i31VKJkyU%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELSxlNgCGPCTif8BMAE&v=APEucNXJWqqSX__A5mHAp14WF-e2Yuqc5JGxECx7i-tifywZ0yRPzZeBqwGH26tZ7uFs4AcvRTpOBSAw2ydVJq2Yn1DJHSWBWxR40T65WrzTEIzy0_M0bEcq5o6FdPh3Xpy3cYRiQwPCd4L5txyZPE-lG1GOAC-3PbQFMPW4wTzMzCvyqjB1J-I
Protocol
H2
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
an-x-request-uuid
86442e37-4c1d-4cde-b9e5-e02eda8936dc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
84.19.175.184; 84.19.175.184; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
an-x-request-uuid
4bd4f33b-c87a-4352-ae14-5daec69e5b57
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHUEtdNdD1VI01i31VKJkyU%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
84.19.175.184; 84.19.175.184; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 44FE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2NjA4NDAzODMwMjc5NDE0Nw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2NjA4NDAzODMwMjc5NDE0Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELSxlNgCGPCTif8BMAE&v=APEucNXJWqqSX__A5mHAp14WF-e2Yuqc5JGxECx7i-tifywZ0yRPzZeBqwGH26tZ7uFs4AcvRTpOBSAw2ydVJq2Yn1DJHSWBWxR40T65WrzTEIzy0_M0bEcq5o6FdPh3Xpy3cYRiQwPCd4L5txyZPE-lG1GOAC-3PbQFMPW4wTzMzCvyqjB1J-I
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
an-x-request-uuid
431480b7-585f-485c-a6b3-42ab85aaa260
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2NjA4NDAzODMwMjc5NDE0Nw%3D%3D
x-proxy-origin
84.19.175.184; 84.19.175.184; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
reading-time.js
tentacles.smartocto.com/ten/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tentacles.smartocto.com/ten/reading-time.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-39.bunnyinfra.net
Software
BunnyCDN-DE1-1082 /
Resource Hash
ce174010dbecc7aec9280ffd46eabfa8189b99d461403f060178a4075a872446

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-storageserver
DE-587
cdn-cachedat
11/28/2023 09:17:29
cdn-pullzone
1448885
last-modified
Tue, 28 Nov 2023 09:17:21 GMT
server
BunnyCDN-DE1-1082
cdn-fileserver
382
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6565b021-19d9"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
92c47c19-149d-4a6b-809d-6a585867c24c
cache-control
public, max-age=60
cdn-requestid
449b28c40bd86e99a7f8b4ac599b5465
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
config.json
game.epochbase.com/game/word-wipe/assets/config/ Frame B1C0 		170 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/config/config.json
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ae94b4099e7d234fab3806d5b410869d804b0bf38d8e84a9b00137066c937ef1

Request headers

Accept
application/json
Referer
https://game.epochbase.com/game/word-wipe/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
last-modified
Thu, 23 Sep 2021 20:28:31 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce36f-aa"
content-length
170
content-type
application/json
preloader2.png
game.epochbase.com/game/word-wipe/assets/images/x2/ Frame B1C0 		273 KB
273 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/x2/preloader2.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4a1e84f71ae9d72049a2a7f4e544f8c051dd019a5989698f2f34ea815094ac44

Request headers

Referer
https://game.epochbase.com/game/word-wipe/
Origin
https://game.epochbase.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
last-modified
Thu, 23 Sep 2021 20:28:32 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce370-44328"
content-length
279336
content-type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame E182 		0
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9700044528174&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E182 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9700044528174&version=m202309260101&ct=76&x=1&cor=2772346570509470000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E182 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCRfHgO_QPjoqqQrhjLO-REssYNUWKLrfpa3hGrhJIVZ89L7V5h_EYGG8txaGGCdYKEXKqM5YUEum0tVCA3a4iwn0_bKs6vn0vfInz-n9JlUzTTxU&cry=1&dbm_d=AKAmf-C3NAIotXnM_gEZeCFkx02_fQ_S7pe1_DzrqdZA-98L7DGg-yoYuc4-k3kPvm-8Ab3LEKx6psljahGou-aPExcjhnMbsFcXMDu72Aia9gSRvWALEqFhIVOHMvaaWHykkLFtQy_Ke8PD08C0CyQHKYJ1tQwOLY_My2QZ_-8dl5UfkgYIf_AYg--R1f_hBgbkZQE5kn1OIPrht3efggW5SPpSLTHBx2t3-BqJBzgBNtybtqSQTwkS9Y8zRtENShwFBUwazBO4qvxjKmIhJYr1fDPqd5adzOKcZGpukd69ZHLAcDeTpodef6W2DaQsPWA8dsXUvvrib1W9h-EfMqWchErq9zvK02ijfYKOuP0qgDUCPQx0qwaOX21PjX6bRtd2OGb4ZyxP7afKUdzdOeAoFMkKzKLNhqcsWUIiYFww55llImkFxiua9uy6y24U9pov8XaPae2gD2w11Ft5p0aWlQbPSBscvowOf6Z7kTyRknjABaN24J8qzDrxNIQvYaAtTuxfe_XdF3owHFaHdjfCzCQtvMBbeES52yAR458pdlK_T340vmYyEKmaoGwFYBE7PKvCRPRM2L02IUxtSke68T_RT-_xd8PFkO8SrIOj1cf1eiqtXSNyxJ6wldKwwhAvmaWnPgsMcntzUKKPGmjeWm_Ps0oKK_x5sPQZVnHPZISr8Hna4KM66Bq4U7BdSoMb0lQUa9f91lsjWC2ib48-HbUx9P-0v-SKnkEzVkcx8qv9gQA_qvsfyBiQjKxuJAXvsUQfBbtV_KiOgTCCXNdeL9e2qZnBR3CcrZBva83Nkxkso27wkACL-fsmLIKaeXa8nvSbKB7SDsfk76wHKMYdWyTrsrDw-qCLQ2JCoD3BplLaWf6VJf2O-OGl1AV_bnV4zezzmg7Ya8lFtIm8DmlwLIE8rdQyAanf4VbVOiR1kOqKmeE8qmczmWfm3DUDgozO_6aSHLUKLl1XO4yboYtaB8CRaW6Sg81AcBSzmR1iwwc5irIxl4hPkIx9b-opXtQMZ0p_XSESE3_0Y4RGwqB1C6tdPf98PSIZ7sXThjFfY-3xPUs8DHRUicn5jmilqoIAzVJc2IsVU6gqGFpU0bVd1tuzPVYQ7fYMBroiJMLoXmkILdU2nshg5E93B51Kvq7IO_KVm68c4VicHJhL0tzxp18BSdQuXycBy3or4--ACAIUhQjHE18Amm1de8904q44iqrFvjmFYAQocd0eetTa0Zgis6UPDVJ_WH6BlJOVTNUdZ2-FfBg0kTQuHBxWytt7WFCSy2khYr2AItW_ce3f4kXI7CdVVj3nPIqvE9DOYLRRvgwRVhUxTky2eSeE7TG4TWldaLA70WgbV5BdfoEXrX6h4Fc4ZeM0FqFi06iINOrXSzyaASM5oIgsiiGN5xHAMVwFrl-C9hmCZL46y7aRAMeyN1UksES_NjP7JZEggY3uJYDKHC4WpxHQx0eGwND0XfAHjhkPvwnnGvAusHzTFhPDYtTjBTyXCvmIXqGzk9KOmiW2E5obR-4r3PDFeZWuGQjq7ADym3jkZbIQRXkB3cgjh5z0vM894gAoEqAxh5LVMcqUMTxeOlxFO-MzdM2Pxku0OHfFHpxU2RPq2rg5u4iQ21ysWWwCdmcv35YkA0B7LqTFpEIgiN7B8uCK6tMrF6H_4AmO_uPre9-AgS9JLs98azjVXOPmGwjrMdIeivE21Mvx_MjMzlEbVKeu0_3jIP8T6u0pnrUH0jcCFPUyKvEHKhjpkzaFdtsyzLt_pcwCI2mgdM_Xc5mV2E3lqAHKXNSc6AmJFexx8Cshenkn9uMp1LbunMT_1G62bswgOlfv7zyozcnmQRQ3VX0zwv1yHnxxLUabDJq7LGJ9NkRCpNA9Qy29XLIKcgT2JYLX5hONGrZduxHMl34w6fiIky13_MW6iMkh8dJeCpzNCpxaIC7s8yrrRJeoyzBX4-_UW2JThSJkXsqZIjegdKGhU7p1Rj6iCvdGE2brkeAdo_pKgBjUlP8ULLHlgx1wVpBKjuBajPxdK8jo-AE1Udi6-1_b9UsQ2xIyauFT8Auy-fPu5Uk97GStucov5yvfYFfT_5QJLGFQ6aF5WlgIe0J7dPexTJCx7IW9bx03tYfRRtaM9hVsRV8rINjkQWBkhfyV95TPsixwMUHwSGQVQAtZlZJqCvGjtil5JeF2HsTgRrfOVfryt77-QeW5EVMjHFNEqkxBEQaS5Oofc-yksSQMfsN_M3bWgJMxJvFrSHvBrrIWKB6iKr2aeevlr4C8DHKQZS0WTdWXBlGT4FnvYSrbN0vlr1TSDi8uaWzqLcqEMKjVGRG-69TJUmepYCK1jmoo2kZHIsx-PPgHNNtfIa1Vu5WZfgH1i-GAuobz8_cMV8zFTZ7p48P2qJLG-OZcU0vu7oSG-nekRWQJrvVuayKvkfiZZA1egbyKP6R8bykD1dTMdgiLWn9-b9wmym_dTVJ_B8eR_h-MYjCQeS1cWwFGn4TxL8vY9tPjqX5-E4MkfFHSXHxxDE1g3hqqjwwEsX9aySDgudkKxhgmW2eV8XUOZ5kdPyK_XsRGW-gdua7lQ_8wwG_q7wKL2_fTMKX7ugpBIqYd73_o9hpRePnmI_Q4KxJbc7zzdvs4Oc9fcDcJ_WIFGVzUWpsZjuBcd-_FKVqUMkPUtWh4zqdOd0uNct4kLHoqaVsXJuuNTjx5DkifFKxrm18RC1NcZBrvwvYMNgVMuTfJZ_3BgSwgrSLFLPul6x8aBdC-Hr5bTWgxc6t6Ll6zOPuJedbpEZRp13C5gi-xvwFmkpan_5i4cnpRfV8l0UGBwcspFjFuZ0vhU2trwdoOLIHj1w2H26ZdkVWYcgc7gTPn8oNoh2sb-oqc7W8rK2o1RZQ1_cfgoRVJNf7HRsZnKWUluD2tw3Ex3AGV21BC77Qu6WT7IMHIBeN1y2M757-hhmstX0vdHTjiL2QU8LrgQ8TmI6GGutk3FwmLR-5FN9MPKpPmaYVBAZ7LJilYXtFdzewNAT9TFuAdHH4QgW1Df2yg_YFs33-tufhGj3NpoCBjMDnvabapsuUfqhROMtMFL-ghA2j0ObdXuRt_W3afCMbvlYB8rnqvLnyt__9eC_m_VdTkIXbOixEoOuBhz4R_LN-KmfPiR_6rwn0I6X7DZmZqllrppEb5rBCZcRqXWre3QlsiBdZwooNUKvSEQsMtqz1rIYXTktI6sye9HfFGo94NCpd0kqx1_kXAYhU4YtrGi4mPmGBHe7VQLedksZ3vXjDZXvLYgQSzEh3cPwJHaFUKH2Q5jvmfo-EgfqxZu4-q1GHsqu2fP2EajggcatGqI1GdvT6kvsyVbBGTzVnDrN-ZKNrVnCdrJ___Aag4EA-K7cBQvYT0PtOnEPpePTslBrnXMc7FhiMEBvPw-Zk59Ypsw_68o7lYcpHUcE_bJRpqIGDRiJCVs2zD3gW3fo6C-u1P1WHsj_edUIYbkLrbGeYFLXY6h3G-_Gm4gx_fsGSy3zJuFzHhHLZ04cRe9zBDtSDs_q4gihyWpOEhLDJHuF-c0pg13CQDSetpWWgqHwvh05qBiBPTIyFLoceSp211Rg53Xti3D_sXRjU5V5610pRsjxV1V5CAtDMC3-aZL5TfFCcY7cwC5ZyDLkVluiOB3DRMC0cQTsS7tr3kn7g5N83rQai7Lvmb1q_H_FaaZE58sAb1wh_XiCX51bqDZgSopqU5kBZwmUm71ypoDMAsvKlb191Mlg&cid=CAQSPADICaaN0pL1lyELyDwEml8r5v9pTWwxpvcjfHsuwX5Jo8z25XWgfB9GZwQwRxUSmKnG3jr-pIURcWPT3xgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theepochtimes.com%2F&ds=l&xdt=1&iif=1&cor=2772346570509470000&adk=2857193499&idt=146&cac=0&dtd=6
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
0b52d59a81101f9a0f8807daee90e966394c3fff6ab2f98b012e3e8b5e24b45b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39572
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame E182 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
Origin
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:58:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22165
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 11:58:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame E182 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
82887
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 19:06:33 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame E182 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
24522
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 11:19:18 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E182 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
58927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:45:53 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1ECA 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6590
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sun, 10 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E182 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1acdaf8bef8bd41f97bdcb36f06e491f94c27167df4baf6b48dd1ae8df449f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
init
gw.geoedge.be/api/ Frame E182 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.24.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-24-34.vie50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 18:08:00 GMT
via
1.1 b159f39ee34c14548a9d9dc3e730676a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
content-length
0
x-amz-cf-id
-3sIsroRdh4yWeF2ubagSksIcvwni4bPqGqFG95BIx8-lhordKRvHg==
x-cache
Miss from cloudfront
/
onetag-sys.com/usync/ Frame 68D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702145277676
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 81D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702145277675
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
usersync.html
cdn.undertone.com/js/ Frame B9D9 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-29.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47136
content-encoding
gzip
content-type
text/html
date
Sat, 09 Dec 2023 05:05:07 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
x-amz-cf-id
Z8-s4WknFX9rotZKFuHwKryYD8WddhcfD0cdLU0nlp7EO6xTEBgItg==
x-amz-cf-pop
ZRH50-C1
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 5D0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702145277674
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
usersync.html
cdn.undertone.com/js/ Frame 80CB 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-29.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47136
content-encoding
gzip
content-type
text/html
date
Sat, 09 Dec 2023 05:05:07 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
x-amz-cf-id
HMAbZkwjbZ2QgqMnzBpwQJPFoRuQn9yg35wQqVdD_vdOFelOoeui-g==
x-amz-cf-pop
ZRH50-C1
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 2383 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702145278120
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
usersync.html
cdn.undertone.com/js/ Frame BE4C 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-29.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47136
content-encoding
gzip
content-type
text/html
date
Sat, 09 Dec 2023 05:05:07 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
x-amz-cf-id
oDUM-EBIYRcEaf7SqkVE0W9EfyfzyY8_5jzRmSGVWBeYV8cf1O3xcg==
x-amz-cf-pop
ZRH50-C1
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 8762 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702145277675
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
usersync.html
cdn.undertone.com/js/ Frame C84E 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-29.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47136
content-encoding
gzip
content-type
text/html
date
Sat, 09 Dec 2023 05:05:07 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
x-amz-cf-id
hBTIqdriw6CikNJ3z6ICWsEu4WW7JCVD8Q_7ywHh-SUndNPp_tovwQ==
x-amz-cf-pop
ZRH50-C1
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
usersync.html
cdn.undertone.com/js/ Frame 22FF 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-29.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47136
content-encoding
gzip
content-type
text/html
date
Sat, 09 Dec 2023 05:05:07 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
x-amz-cf-id
yBt9bSMq74QQG8CBSf6NPr5bzFB9znYxSOFZGH1lDZ5gLMggjcGjSw==
x-amz-cf-pop
ZRH50-C1
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
dpixel
cms.quantserve.com/ Frame 1ECA 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHYA7Fuue4n6RL7ovAXDMSM&google_cver=1&google_push=AXcoOmTK35auFzNJBvHZr503QcxdaBiO6GVCSIgorGaRdSGPmrT7E8Cr4-gChV2oJooT32EUc7iaFPvqnVvUw_HyqFEkO4PfK5qS
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 1ECA 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEITXQlDJUJsbhTVVwg8ebp8&google_cver=1&google_push=AXcoOmQDtPcBo5E7V_dgJcwgaRIHDh7huqqY_j-D_Men0PVbtmscZ8X47TShXnJtAdRWEWXFmg0Lxz3zI7PHm826zvWKTeJqtz_f
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 1ECA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFSsrIx5A2uc68mzNrIP5Yo&google_cver=1&google_push=AXcoOmTw-Nld36dcd24fE6gcBO-Nv_yqQ97RhIDizuFX7xcotCYKSuRiksOgIN6i6PBll2ylM54KsWbQ4FLa6f...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDY1ODMxMDY0NzkwNDQxMw%3D%3D&google_push=AXcoOmTw-Nld36dcd24fE6gcBO-Nv_yqQ97RhIDizuFX7xcotCYKSuRiksOgIN6i6PBll2ylM54KsWbQ4FLa6fQOWk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDY1ODMxMDY0NzkwNDQxMw%3D%3D&google_push=AXcoOmTw-Nld36dcd24fE6gcBO-Nv_yqQ97RhIDizuFX7xcotCYKSuRiksOgIN6i6PBll2ylM54KsWbQ4FLa6fQOWkSObgGqXd4f
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDY1ODMxMDY0NzkwNDQxMw%3D%3D&google_push=AXcoOmTw-Nld36dcd24fE6gcBO-Nv_yqQ97RhIDizuFX7xcotCYKSuRiksOgIN6i6PBll2ylM54KsWbQ4FLa6fQOWkSObgGqXd4f
Date
Sat, 09 Dec 2023 18:08:00 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
dds
rtb.openx.net/sync/ Frame 1ECA 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHDaloBLg-aHY0SNZSod6EA&google_cver=1&google_push=AXcoOmRG7PDgUMV0TwArSwbwNUBvTI3R9AXNbpqSzyEFUkTETgaw3CXbR2F9Nyj-3LSOP7JItNNWaUQ8InffHrMX54rK5cUkFuY
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 1ECA
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOrrtjkkmbKl38P62c0zLjQ&google_cver=1&google_push=AXcoOmR1ZtQnwOQ_jOKpf-aS9zLwjrFsP77kzYGPLDc7wC84DT3Zxes9b47ltgSiAaWT6djoNs7HKUSzZroNFKRjI...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOrrtjkkmbKl38P62c0zLjQ&google_cver=1&google_push=AXcoOmR1ZtQnwOQ_jOKpf-aS9zLwjrFsP77kzYGPLDc7wC84DT3Zxes9b47ltgSiAaWT6djoNs7HKUSzZroNFKRjI...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR1ZtQnwOQ_jOKpf-aS9zLwjrFsP77kzYGPLDc7wC84DT3Zxes9b47ltgSiAaWT6djoNs7HKUSzZroNFKRjIT6ZJdu32zM&google_hm=HyyAsGZHbJp4m3T7S6SuQpgt
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR1ZtQnwOQ_jOKpf-aS9zLwjrFsP77kzYGPLDc7wC84DT3Zxes9b47ltgSiAaWT6djoNs7HKUSzZroNFKRjIT6ZJdu32zM&google_hm=HyyAsGZHbJp4m3T7S6SuQpgt
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 09 Dec 2023 18:08:00 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR1ZtQnwOQ_jOKpf-aS9zLwjrFsP77kzYGPLDc7wC84DT3Zxes9b47ltgSiAaWT6djoNs7HKUSzZroNFKRjIT6ZJdu32zM&google_hm=HyyAsGZHbJp4m3T7S6SuQpgt
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1ECA
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECAHhHbOhvIimb-HS6jNvEY&google_cver=1&google_push=AXcoOmRoNUy-9WYYqpno2W0QitGGMtmZYTRTamIviLCC1WB1PMpCgzyb7JF03XMUlV8x3WBmVFb1OctlpCw2YN1eeuV7S0DicRi9
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRoNUy-9WYYqpno2W0QitGGMtmZYTRTamIviLCC1WB1PMpCgzyb7JF03XMUlV8x3WBmVFb1OctlpCw2YN1eeuV7S0DicRi...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDk2NTk2ODI4NzUxMTk3NDQ3ODcz&google_push=AXcoOmRoNUy-9WYYqpno2W0QitGGMtmZYTRTamIviLCC1WB1PMpCgzyb7JF03XMU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDk2NTk2ODI4NzUxMTk3NDQ3ODcz&google_push=AXcoOmRoNUy-9WYYqpno2W0QitGGMtmZYTRTamIviLCC1WB1PMpCgzyb7JF03XMUlV8x3WBmVFb1OctlpCw2YN1eeuV7S0DicRi9
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDk2NTk2ODI4NzUxMTk3NDQ3ODcz&google_push=AXcoOmRoNUy-9WYYqpno2W0QitGGMtmZYTRTamIviLCC1WB1PMpCgzyb7JF03XMUlV8x3WBmVFb1OctlpCw2YN1eeuV7S0DicRi9
date
Sat, 09 Dec 2023 18:08:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 1ECA
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPO5ixbYemRD2tg5Zo5Or2w&google_cver=1&google_push=AXcoOmTlrM2ok7iK5PzEEiplRdyQmgn0KRli3-q78Jh5vk7rI3oRc9j8NzRWTY1ZEWYvBf_g7g4qI8mqwkY...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTlrM2ok7iK5PzEEiplRdyQmgn0KRli3-q78Jh5vk7rI3oRc9j8NzRWTY1ZEWYvBf_g7g4qI8mqwkYSefpoy71bP3haO3AwMA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1ECA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KT83FQMDnXnimvNqREmcHIgw35blY43re4bFRBGccJQbk_enGjTjNXejtYjQc8BtfAUWD61A
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F8EF 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
33377
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:51:43 GMT
expires
Sun, 08 Dec 2024 08:51:43 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C44C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLlchH9qfShaP6kx_cTDQZChATEvBTo31-ZiNugIGZ-JQmTDz8mEIaled5EqOvML__kDM3SaRn-FBBrKZ1MuO9dYSdBTkyLlDteSmxZNO66qkJSya7v9iCvjkNgr9PHyK7qBb1csBfm89P&sai=AMfl-YRS9BN9efV-gGBEjx9fTb9FW0s3-ulByliolbMjXexRNF0zOFbyH6Bnn50dDTFcrf0gp0dA2qyGoHQTPUf93_sxN4X1oI-MKBpBOIKGQzGgdz8TqDJKz5dCKgVBlN94tfsk2Bs8jh0&sig=Cg0ArKJSzFAcxruup3oCEAE&cid=CAQSPADICaaNUkZO3ep9WUH7jJ8d9N8fV7-8kjHLdNt0ugWaP6qCsB0IHeG4J9iESGSvQq4zu9boAgWtYrbRmhgB&id=ampim&o=1153,120&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=259&tls=1262&g=100&h=100&tt=1262&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame F8EF 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 14:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
14788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 14:01:32 GMT
preloader2.json
game.epochbase.com/game/word-wipe/assets/images/x2/ Frame B1C0 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/x2/preloader2.json
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
d7b4d2b3168b9ff4aa00bc0792ce3c85165f84eb31935c46f006be2106e86217

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
last-modified
Thu, 23 Sep 2021 20:28:33 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce371-47b"
content-length
1147
content-type
application/json
index.html
s0.2mdn.net/sadbundle/6799399005551666244/ Frame 0CCD 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
ee421db418c5963b905ad74e333312b50a96ab4df0e6caed8f380d3905b3ff6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2658
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 18:08:00 GMT
expires
Sun, 08 Dec 2024 18:08:00 GMT
last-modified
Tue, 05 Dec 2023 17:43:40 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E182 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJ0ypFOQp8XVNxfBuR05Lpi3GEwnJKI0vN_diftIjjrctYmjZbJArgquBfr57H_KfpzpowTRwt33wUyjaB7WaDHiODiGW3Q4klfO14CCGF9NH6HOZkrQsG0sp-vvAN8bu4eRhyLjBrapHegu4c_r5kmoXi9b4NzMdx4nzJznNxRyCSnoPfK2z3MP1mq6pPQGeQ2TplJnussAvAlSLy-qCif719ums0JFOh69aCnK5d_aUQ_2GAPHGUeEKq0JBxaX0hJ0fW99fmo7ULYkEZELxgoKYeIoRezJzz1NuXPFU5G7tSQ0Mxt8cEYztSI3-Wp2V39NWaATVs_wEXx97DdkHoc3epAjthc3_PG80u-iHbCQg-qYTRSlcgmoXWsmvBTq3Bej4SsJPMcVCp8XMQp8IJmV2VQOhYqbAsOJGPi5r3a4uEgTVAfyroCKmm73JgrDofHzXjkITygj0xTkOgd6nYnRIbu9kQ5YAqohqsGcgqhM2AIAbti0J3YA7tn5ePTU8D4i4bOSqohWOcMlcDrHpbnslLlYL2hxGGoFbVlsOZSAxw3gAtRAxn4-IjjEqAyY3ZVGZwRj1s5R8FSbJaz-WnFMoBdZV-buTG7g_mEuiwnEOuEfUvlqbzSl_zxYvcNogcphBZQYd1avT1EEstwjF5dytPBZn-JqqUvB40Ns1s0Qa8qpJXed7eBm_Qgigelfjw7x-52JJYA9q5JygPxRFylkjnoZIB_bz8Hf3HjH52yQH8E3CsG0KhDYzKbch3rSHHbVBwUq09kwcjBEIYygmz4i7L8rNQ_2V_nZMY3eBM9HVlC79S-juMr4ar319vmtsib7pHThrAmhPApKNOTaYPYB5vjSzR_tpQI-CVFmaVG0-XtbIHIHmgT6FTpY9wMeNn38vAK2gqgGOs11UlyhuNCGofu1HjZ5XIK1kRqg71oE0uJ34tr0QTCfVBz6xbh4qgh9zYn4fEAdDu4O-0c5O00cT8ZTnSqKd_r7uwOsKg_mYZJjQEBvj7I4RmRo-qSZFQ1_RRXxs2WiolVAimV1wLl_hcf_SWajlzCTHtXiPaBUdYQ2QPeZ_JwKrZucG_jyRF20A34dbFks8Mug0oy7GQwy4iGNu5oaIcwXoF7fUeJ4TAE7E9_kxi7UhlbJCLYOBhyAS1Jy8G_b_EjEI6_Q2Rdlpb9AdUWXSDXEe3NfD_ohoZIgL7CnbD991JbRVcFleNiJSOLEY4OIZmMvslmqX0aF1aMiNDQKdPddEaCIHHdguZzIf7W7EiG4LkrPExeKJ8oh6Y6zl5fDoC_qRCdHo5ZCr4pjjK-Q5jzmG3T4DAkAzQwprEq00oS9qBL8QphQ7c9VI8JdoSheLX9uu9YH0O8Nt4UFC4CH7whUSVqZ3rUjusoE41OaaDQkNsq24fJBSn87nGQvVAbGWxnHpyOpvszsCZ4w_mZ7k&sai=AMfl-YTrv4bVsEwqw3b9eO9A37CMTgnrIZHzH60GIRaUktJSMiSRyXKZKd08lKvjTd96oJfLQhOHAx2YOHYk1qsCNdjGxqkUIVjizaYTmJdbGUwcpsZDOPEL1E3C9RzbZ8WkM8T-7oIX1-mk-OxcZocJ-Vu_NwV3U32wQdYnoGHW6KaSStHP6NTww9sk-ydFByO_xJ6l6Fh_xrhqHmxWKlAb1_IBIUaFX9eMzRpbj22RmVQyCIGneWvlAMi-HXbJlAWgwUO9Mo8&sig=Cg0ArKJSzIzt-7cyfl3FEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=145&cbvp=1&cstd=140&cisv=r20231206.20479&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 09 Dec 2023 18:08:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D484 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstC_AILp-IEZJ6Hr4_gGWMvlVEUBu16a3hXmUTicHWOdK0NgCKjLr1TeX_mrJiA0JFZHRheFRjWvaUGR0H7u4iiajpW3rUx8E9VdSOwuVluWXLqXJ7wKJ1hJg_oKbfoi5IgU2hfgMwxCw&sai=AMfl-YSag0Uwu3IAeQzbJ4S58YrzMGY845_pqulrT-jvrXqdav4TAjA&sig=Cg0ArKJSzB4C_cVxJrb7EAE&id=lidar2&mcvt=1010&p=96,1152,346,1452&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2135588503&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702145279112&rpt=98&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9F00 		2 KB
822 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ea2c68cafd17711da61d4989a4da744f54b6abb30d2cd0f077f1ac89f9d29ca

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
832f30e1e84cbbfe-FRA
content-encoding
br
content-type
text/html
date
Sat, 09 Dec 2023 18:08:00 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgOf3Dhcu%2BQrnbgaC0%2BLDhjQ%2Fco5hpUiR9YjN1WrndCsNRm9hSSajJe4tdgd19l2zaNuUaHr3L%2FnmpawdD2MYhQD9H57nC8mRbSJ%2BoAVpyAwW5D9tXd2%2B9YseuXml8VW1sH2bF%2B9JUXF4w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 05C3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Dec 2023 18:08:00 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 09 Dec 2023 18:08:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame 80CB 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58293/ Frame 80CB
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
date
Sat, 09 Dec 2023 18:08:00 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.94
content-length
360
content-language
en
generic
match.adsrvr.org/track/cmf/ Frame 80CB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame 80CB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ImgSync
image8.pubmatic.com/AdServer/ Frame 80CB 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 80CB 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
occ
ups.analytics.yahoo.com/ups/58545/ Frame 80CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58545/occ
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
cm
us-u.openx.net/w/1.0/ Frame 22FF 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58293/ Frame 22FF
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
date
Sat, 09 Dec 2023 18:08:00 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.94
content-length
360
content-language
en
generic
match.adsrvr.org/track/cmf/ Frame 22FF 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame 22FF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ImgSync
image8.pubmatic.com/AdServer/ Frame 22FF 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 22FF 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
occ
ups.analytics.yahoo.com/ups/58545/ Frame 22FF 		0
85 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58545/occ
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame 1287 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfb541e59ae759d8972a3265283a5408dc6a81061822e0a517aa3c4bd62ce239

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
832f30e1e854bbfe-FRA
content-encoding
br
content-type
text/html
date
Sat, 09 Dec 2023 18:08:00 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZ5qc%2FcKmV5N1%2FXGu5nWwyYkkOmZVtMm%2BtSy3j6yp01dZWQqhvMBhROupB1eR6gitWcpLQhE%2FXNhd54bzU70vEtzIXhEr%2BOI2UZJBvnclIBTkOtHrE21zmqS0GYfbxGyVSkXyODv5THqTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5A17
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Dec 2023 18:08:00 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 09 Dec 2023 18:08:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame C84E 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58293/ Frame C84E
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
date
Sat, 09 Dec 2023 18:08:00 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.94
content-length
360
content-language
en
generic
match.adsrvr.org/track/cmf/ Frame C84E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame C84E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ImgSync
image8.pubmatic.com/AdServer/ Frame C84E 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C84E 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
occ
ups.analytics.yahoo.com/ups/58545/ Frame C84E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58545/occ
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
usermatch
ssum-sec.casalemedia.com/ Frame A1B4 		2 KB
842 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21da30020a0244ac984c4ed71eb233f22329920565c4007a0793aad54c348ddb

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
832f30e1e85ebbfe-FRA
content-encoding
br
content-type
text/html
date
Sat, 09 Dec 2023 18:08:00 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuBxVnyH%2BEJaat0HIaJO048lbvHA8eKGhzE5vXk4NaZJ44nfO01zpxfwerdCAxqKKXoj%2FXu0vTelxiuzv5CXn8Y1awLEO%2FDL9gUf4Vi4pO0e0AE08TtGxMx%2BUnGg%2FXLGeoL7ONeOrLMlfg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A03A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Dec 2023 18:08:00 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 09 Dec 2023 18:08:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame B9D9 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58293/ Frame B9D9
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:08 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
8
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
date
Sat, 09 Dec 2023 18:08:00 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.94
content-length
360
content-language
en
generic
match.adsrvr.org/track/cmf/ Frame B9D9 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame B9D9 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ImgSync
image8.pubmatic.com/AdServer/ Frame B9D9 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B9D9 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
occ
ups.analytics.yahoo.com/ups/58545/ Frame B9D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58545/occ
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
usermatch
ssum-sec.casalemedia.com/ Frame D237 		2 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a4bbb401a6314ea02c0fd4298e34aca90c579f135ac02a76f5f5bb6b3568ea2

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
832f30e1f86cbbfe-FRA
content-encoding
br
content-type
text/html
date
Sat, 09 Dec 2023 18:08:00 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5nbeLGEvCwzPvxQYB17%2BEwWRCEMZK704WW%2FLpsBzexqVrhYdxhguT%2FlJMaKkgYaWnhJvp2FDkC4dtp6zapETFAqDtWkr%2BMzZ2FPNHWrEZm7xQfsu09nDP4qytRdL5CS3p6r7uuJxn4H3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D292
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Dec 2023 18:08:00 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 09 Dec 2023 18:08:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
backgroundMusic.mp3
game.epochbase.com/game/word-wipe/assets/audio/music/ Frame B1C0 		430 KB
431 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/audio/music/backgroundMusic.mp3
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
82650b7e5f22d8ac4a13809a03de8e1d2b50c3743925520171aee6cf7bf258f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
last-modified
Thu, 23 Sep 2021 20:28:33 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce371-6b940"
content-length
440640
content-type
audio/mpeg
TilePop2.mp3
game.epochbase.com/game/word-wipe/assets/audio/sfx/ Frame B1C0 		10 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/audio/sfx/TilePop2.mp3
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
bfd56f435385afaa5cc349ca0cfe464d9b68fd79da1f029c73ec87085e79dc49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
last-modified
Thu, 23 Sep 2021 20:28:34 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce372-261e"
content-length
9758
content-type
audio/mpeg
BaddieGrunt1.mp3
game.epochbase.com/game/word-wipe/assets/audio/sfx/ Frame B1C0 		12 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/audio/sfx/BaddieGrunt1.mp3
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
f8359fafcfef5e2477aa5479215d428eb4bd64a1d540cc690a55237a76b81983

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
last-modified
Thu, 23 Sep 2021 20:28:34 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce372-2e80"
content-length
11904
content-type
audio/mpeg
blurredBg.png
game.epochbase.com/game/word-wipe/assets/images/ Frame B1C0 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/blurredBg.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
78d2e375f5d21e9aea1809b7f1dd3c022e69b74c0f1ef4bffe690189be8457fe

Request headers

Referer
https://game.epochbase.com/game/word-wipe/
Origin
https://game.epochbase.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
last-modified
Thu, 23 Sep 2021 20:28:33 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce371-2045a"
content-length
132186
content-type
image/png
cm
us-u.openx.net/w/1.0/ Frame BE4C 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58293/ Frame BE4C
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
date
Sat, 09 Dec 2023 18:08:00 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.94
content-length
360
content-language
en
generic
match.adsrvr.org/track/cmf/ Frame BE4C 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame BE4C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ImgSync
image8.pubmatic.com/AdServer/ Frame BE4C 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:07:59 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58545/ Frame BE4C 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58545/occ
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:08 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
8
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame 21DD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c35a96756d9220ca4ca70f5173ecfc559eebe190074c9e4ea0a5140924caa1ba

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
832f30e28a615bed-FRA
content-encoding
br
content-type
text/html
date
Sat, 09 Dec 2023 18:08:00 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQYfHZP0jaedZUEwqtnvxzAhWR%2F1KStt0yEdpCe6ENEeR3l0xqIxyrzJU2sHBNhX4NcRK2peus4sOhXLBE2rYhlp6eChalwlLO44moymc3%2Bxu7TATFNcZHwp8NYSRK4AxXC%2B3HqlJ0lpqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6849
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Dec 2023 18:08:00 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 09 Dec 2023 18:08:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
pixelSync
pixel-sync.sitescout.com/dmp/ Frame BE4C 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8EF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BANfY_6x0ZbeXO4y89u8Pzci18AEAAAAAOAHgBAI&bg=!2tml2ZbNAAY3kmNgF5I7ADQBe5WfOOMIRnBRgZkVFqf3SgW5ZX6dk_Tcdj3y5_xeADUiOiGwHzCJmv469LTmI1jZlv4dAgAAAGBSAAAAAmgBB5kDWaqrE4OQzpRpoGPrBAHnUDdSSe0_8DkGpbruO2CxXfpkvm_VffufdKK0srnDSG11WhRCix_vawI8hcquInl9mwZHmDo7qp0EugnWtiuZ6oQDAq2gLziNnBSeSqFzKeYZX1UilugpSGWWUEDKYQ6PSENoc4Q9cjb7m0cwLVtjGiYTdaiRBlnd9MHUCYZBrZ25Rz3DSvhPVRARRlOSs4rcZHJCVqQAgPOH1aOE2gWEQeuDJCcBKRm4TwzsW6oFvX6Ra9_gwgLzMWYCVW8zKmbu7V-AXw7SB1SJFx8B9mlpqg2YiXcoGo_I57pVqY10Uar-_ttJUieUL0gnhm0tjcKAIFuLMf5pOzFOYl63thtzkMxy8aizrJ8_qIY8mkoxRxnKxYBIaDZC61cv2JY2BZGn1bxyPH-Ik0TYKTvZBQo4vz-e2JhujduVfjmvRxlVLeb36ttAQm5qyIS7QintO31ol89Y1tETQGRWZsX-73Zb6iOA30e3D38pKwPirvETEMIq-8DJ0cqI79SYLFF-r5t1CpBk4_dsV3tQ0Pm3DH78oqVNN7mKmIDsI4jVI7-Ikctvpa3tDbDthRm-3c0bQNJpMt8N0NkY7_ngnPjpLsJUcZ7jI1eU8APRUv3HbLnQVt2yxfsi4F3Vy0N8EIDjoXmWTvCP9kThgJWrky4sq-t-how31naobzWvOz6s1S93y_K0aBDtaAFIjCsBAyEgDMQSBAFRHizSJazGzpuw3g6epZyKuhdMCqvXmrNyN9bfX6g7xxKdFHlB0gMAFT5auNlfDfmC2rv4kTRmC8vpm2tHiR6aoKdTJ0psYYPR0v5tqbcVkgiIjGgVGJxPsVO_U2n0p_5ruVvCJ_unQ-MMF6pCoqY4yFTu-8ffwOumVEZfmfo0Gj25frVwuekLlXWl-ON1Yurd2tojfS03JOIPF-3vDZ5a64fOD4v32Kg3AQl8_hAFM5kI-b9HpDorYEdZrRUhSqb2b5o097qkJ5v5KQrc62xEAX-BX9ic5YVhlsyfHt4ifoGbpKBLOjaePMv-ywZ8Ow5znLKNlgLXIWlmnIDtUBhxAJgIAW3Ds-W9Sq0mQzMPZQcEa81Sqn-R-xt5mlPD8qxr85x6YkycPAJ8rilYWgahE0GZpKTzr9AQ
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 1287
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 18:08:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZARFFNDRPSKC1SZVRDD0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 18:08:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GJQTJ1VKXK962QK49WS9
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 1287
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMY3oyYZZ7bhbKtNctc_5M0&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMY3oyYZZ7bhbKtNctc_5M0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBEIejUjhICwJxAJ16pMcdZP%2B8iRy%2Ff6cWVx1vbaoKk1saCRKI6btzIZLt8GJNEhWO4sil6zHGUdobR5IpGoiDKKp0CX884%2F8FunWWEv%2BuruAVHxTAi1EX3Ki1MWX%2FqbW7yIydplcK5kpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e2caa05bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMY3oyYZZ7bhbKtNctc_5M0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 1287 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame 1287
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=1475b187a48c415fbe94b1ff49aedbc3
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
288313
expires
Sat, 09 Dec 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Sat, 09 Dec 2023 18:08:00 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1287 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 1287
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCZoRfkq%2FyF%2FogTGAuyp%2BSctXJ3AjCCjAx9O3CT%2FUchWuAq3%2FaxdOdrn%2FXEq%2BpzAK%2BZPh5JzOllV3p%2BR0pQbkIYENRl%2FovXlPW78BttgfgRjqsMjb92V8JqCxTJ6%2BB3huYZoFgaATkNx9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e37b775bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Sat, 09 Dec 2023 18:08:00 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 1287
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=862442839217&us_privacy=1---
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=862442839217&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUHmXhKQZ7ZSgbi7NBUHLw9K8YvY67j1LM%2FDFqKNrXY963k7DfzKPcvq%2BS2QwUvv7%2BqbWZSaLkKjCkBEukp8Y7i53LNwQ2kNOaYR27vkJ0X8kkIq9fam7TjvLhXgdAVZG3oj6KIbIcPmyw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e36b605bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=862442839217&us_privacy=1---
content-length
0
indexmatch
match.adsby.bidtheatre.com/ Frame 1287 		43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.227.64.62 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Date
Sat, 09 Dec 2023 18:08:00 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
43
Content-Type
image/gif
sync
usr.undertone.com/userPixel/ Frame 1287 		0
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-109.ams58.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
via
1.1 04ddc2ad740f178bb6e0e07dc16f9744.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
content-length
0
x-amz-cf-id
nfznXbo7VuFio8w13alMsc2QxEM-rW2twm812jf5lkNx9HX23DSxUg==
x-cache
Miss from cloudfront
usersync.aspx
dis.criteo.com/dis/ Frame D237
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=21639db9b5894376a4b57612982c3ecb
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
189746
expires
Sat, 09 Dec 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Sat, 09 Dec 2023 18:08:00 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
crum
dsum-sec.casalemedia.com/ Frame D237
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6261967518377147054
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6261967518377147054
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYGXWYG60FRyzs%2Folm0BEwq5blSheQrjyhSwVC91GLmENFsLmeXXfwIFC%2Ba5eGczCRQYLBiGaw4rOH4CuIwaQnUR0sybkJfIRak58NB91ozR10Jijaj%2Fj4pRvtCbfxGqQCfej442wBlTWA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e2ca9e5bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
an-x-request-uuid
ec4b8272-a148-4faa-a834-a9aaa7501266
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6261967518377147054
x-proxy-origin
84.19.175.184; 84.19.175.184; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D237 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.87.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-87-161.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/55940/ Frame D237 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
casale
match.adsrvr.org/track/cmf/ Frame D237 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
ix
ad4m.at/ad/sim/ Frame D237 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame D237
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=46909b65-0eb6-46b1-90b0-fb99976a179b
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=46909b65-0eb6-46b1-90b0-fb99976a179b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=no7P7DEA0N1dzz2qEvYRpTNyjOSxiN1i5JPjmPiA%2BxTE%2BEslBMxiyx6lPTkgd46KidvYJ0%2Ffk2Aly2op6yfZnA82O6Gb6O8AFXuE2zHAn3pEx%2BHvf%2FvY8%2F5va6X%2BH4pdRbOud%2B0gdirz6A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e36b5c5bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=46909b65-0eb6-46b1-90b0-fb99976a179b
date
Sat, 09 Dec 2023 18:08:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame D237
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210828627938051
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210828627938051
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tLNM3jyhDgJskJmHcrUqVxRUwdvRUjpHOde%2FC%2FHztCLXw3EVb4J3cHt%2FO9StkIt2SY17vNGFtzczPnl8Zh2Le98rg%2Bl79aHLkkfoP%2FgFWPUSxDbqw2DzlsAQQp5qgOLKyG1KgE5fRUwLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e37b715bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210828627938051
Date
Sat, 09 Dec 2023 18:08:00 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
usr.undertone.com/userPixel/ Frame D237 		0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-109.ams58.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
via
1.1 04ddc2ad740f178bb6e0e07dc16f9744.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
content-length
0
x-amz-cf-id
_QpROio2AkzdMBvaV_k9qGpSZIw4fpsuXdM_lJgDX5EvpBXMGxKq_g==
x-cache
Miss from cloudfront
usersync.aspx
dis.criteo.com/dis/ Frame A1B4
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=4207420cc8d64b7aa8e373d4838bafb9
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
174768
expires
Sat, 09 Dec 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Sat, 09 Dec 2023 18:08:00 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
rum
dsum-sec.casalemedia.com/ Frame A1B4
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=QK5R3Bf_VthbqVOLRKhL2UP-Udlb-F_bRv09WPQR
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=QK5R3Bf_VthbqVOLRKhL2UP-Udlb-F_bRv09WPQR
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZG4xhzIMV4cNOXPJke%2F6KfWxkJyupxXJmI75E%2BED02ge6zlOtL7bCGdp84ds%2BDkU%2F2iK0M%2F6cuWtNctIxbRq%2F1zGhuuPzJRxrNxNhAXj6dduN0UTwgk25RFJ0f59HosQD5hXIyl5AcVIVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e2ca9d5bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=QK5R3Bf_VthbqVOLRKhL2UP-Udlb-F_bRv09WPQR
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame A1B4 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.177.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-177-198.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame A1B4 		43 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
154.54.250.150 Saint-Denis, France, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 18:08:00 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1702145280650043-429
bridge
cm.adgrx.com/ Frame A1B4 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame A1B4
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=05e68e98-2f08-401e-bfce-da7908682349&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=05e68e98-2f08-401e-bfce-da7908682349&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DuT2e85Sf4B21mQI7X6GmmGpAuzrzoU180dt%2FWFQm6y%2BaVpSIh2mP3uNq%2B9Ev5I4YQTezcZD6AwA43SLa2x%2Fkj%2FNoU8REeqT12hsBRAvw7VzrCzULOjYrbFMDBfmoA1Up1gGb7ZVyTz4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e36b665bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=05e68e98-2f08-401e-bfce-da7908682349&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sat, 09 Dec 2023 18:08:00 GMT
server
_
content-length
0
casale
match.adsrvr.org/track/cmf/ Frame A1B4 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame A1B4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=VtOyJ31EGVWTnbodzWwGs4rd2VpvexZNDRD_Ymm6A_I&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280&tc=1
43 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=VtOyJ31EGVWTnbodzWwGs4rd2VpvexZNDRD_Ymm6A_I&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxjfV0TjUMwyoG3XCx%2BzMY9KYw97CJalAAKdKcfKA4%2BLPnYzkWZ5zk7kMkKsy9LTu8F%2B1m%2F%2BoFXqz%2FtaIzULwD5zHiCtFYNU5JMxKQU6otfl4e%2BLeQPM%2BJ%2FIgwOrRzsfdSWEzW0UQn%2B44A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e3bbe85bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=VtOyJ31EGVWTnbodzWwGs4rd2VpvexZNDRD_Ymm6A_I&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280&tc=1
pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT, Sat, 09 Dec 2023 18:08:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame A1B4 		0
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-109.ams58.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
via
1.1 04ddc2ad740f178bb6e0e07dc16f9744.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
content-length
0
x-amz-cf-id
VQOLQlaZFkzdsHw_rxD75XwAPHC7TKvWI3U3GK2dEdNcnPbk4fSpeQ==
x-cache
Miss from cloudfront
usersync.aspx
dis.criteo.com/dis/ Frame 9F00
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=e0441d0a98ec40cd94db7b12ef2e70fa
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
286757
expires
Sat, 09 Dec 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Sat, 09 Dec 2023 18:08:00 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
crum
dsum-sec.casalemedia.com/ Frame 9F00
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717956480&external_user_id=c1c69109-42bd-43f6-8727-0151d32a99c9
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717956480&external_user_id=c1c69109-42bd-43f6-8727-0151d32a99c9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqohdibd2n1MLhBlE0ffzus2X29KghvIWu2tbCa51sb8C%2FkLPKTPx5XQ0oQMVsRtylMYyyA7CEDWso3RtZL7exFcUQek8lFic6%2B4frbzM8P%2FSiwjVWUQ4g%2BZmN5DlfYlmgrjJVPkkLkb4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e3bbed5bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 09 Dec 2023 18:08:00 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717956480&external_user_id=c1c69109-42bd-43f6-8727-0151d32a99c9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum.casalemedia.com/ Frame 9F00
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1702231680
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1702231680
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbMs3DUzYYKpLiX2ThsG9fZkKeXl74Y%2BfnprMr5eJUppwxDMJJRooCH1ZHJf%2BPzXH9WGecOv%2F6sLBbY6QjjE1vcCZVNUQZz28%2FMJMHRocktscl6uLNQg8sWpQQOzuzWSyOP9J%2BD%2B"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e42b99bbfe-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1702231680
pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 9F00
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8812875596088597900
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8812875596088597900
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3E7XkUpdJ%2FeW9htgrcUuaLD5HE9kUChKghXOvTG6TvSjZ0VHFAd4Zv1%2BuJ0nVuhvaqn1qfsuflQOm9P8e1AJIHCPN%2BC8m3jQGMC5Cn%2FEQdCXPYU9gOrAh%2F%2Fxglfo4wl6SZWFuD15hWCAhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e35b495bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8812875596088597900
pragma
no-cache
date
Sat, 09 Dec 2023 18:07:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9F00 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.87.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-87-161.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 9F00
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=12b04797-ad9a-4b83-a774-e02e566595c6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=12b04797-ad9a-4b83-a774-e02e566595c6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLdxvuA2Zoz43WJM0yt%2FJIAfDmHYJAfXZ9aCaxZlv8dJcOGGdOP8ruka%2BO0c3QMk6wwgsNNtihjQzltzFoasxR3TCDvYlPvqQerzWsk00OVTY0FbJ6EFup2KwdUF3AaGz1rxOZlBVVAmzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e36b685bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=12b04797-ad9a-4b83-a774-e02e566595c6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sat, 09 Dec 2023 18:08:00 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 9F00
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=7e41445943b042499377f0e59c022574&expiration=1704737280
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=7e41445943b042499377f0e59c022574&expiration=1704737280
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TM2lXvwT3zgCc64MGiCKrNJWOslUeA%2BH6UK7TR4cQ0xcXzhT1oFlb3gEf4w1bJYfJFvqnazwsDwklA2VJ03FyFI34fLGi2vrLqQCiFfEKUp5KzAnytz%2FS8q1gTBZ23MfetbU2wZJZe3g2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e36b625bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=7e41445943b042499377f0e59c022574&expiration=1704737280
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9F00
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=VtOyJ31EGVWTnbodzWwGs4rd2VpvexZNDRD_Ymm6A_I&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280&tc=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=VtOyJ31EGVWTnbodzWwGs4rd2VpvexZNDRD_Ymm6A_I&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IP8WeUm8OD5rv5DQ2b65UR4ckmtSfrGXx4HK%2BudQuUiY%2FbwsooHfhgQiR2MxC7%2BoM0xMRnN5skqxelIGMAsBZgtrC0LnW1lOzA7q7KLTWX9WnyzrQi4mdfhYmC3mFxco7kGBfJ%2FovbTOTw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e3bbea5bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=VtOyJ31EGVWTnbodzWwGs4rd2VpvexZNDRD_Ymm6A_I&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXSs--W7Y4F1D39cH6GVZgAA%265280&tc=1
pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT, Sat, 09 Dec 2023 18:08:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 9F00 		0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-109.ams58.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
via
1.1 04ddc2ad740f178bb6e0e07dc16f9744.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
content-length
0
x-amz-cf-id
nrXCqrx0UWD_btm-IzrLHsvxP58qBNbdoIlnrvVxTUUfISKLuXPf5w==
x-cache
Miss from cloudfront
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 0CCD 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36547
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 07:58:53 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0CCD 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 18:08:00 GMT
style.css
s0.2mdn.net/sadbundle/6799399005551666244/ Frame 0CCD 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6799399005551666244/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
0c079a117b743eac1e4325d1d3cd52955c7233c1b34132d691e995e1e7d58050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 11:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109587
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1060
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 17:43:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 11:41:33 GMT
script.js
s0.2mdn.net/sadbundle/6799399005551666244/ Frame 0CCD 		142 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6799399005551666244/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
5b6eefa5ac8dfb11c8fd861afae77a5dfa22ba50d443bcc5c172c5b3021ccdf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 12:48:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19180
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14048
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 17:43:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 12:48:20 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 21DD
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXSs--W7Y4F1D39cH6GVZgAA%265280&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=2af5937137ac4d31b6ad42a9a515e461
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
201348
expires
Sat, 09 Dec 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Sat, 09 Dec 2023 18:08:00 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
5
crum
dsum-sec.casalemedia.com/ Frame 21DD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6055212049786276455&expiration=1703354907
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6055212049786276455&expiration=1703354907
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iL10ZM3rSCud00wUg4t6AFODrNqmQrj2pH6aK9fa%2BrzzhBOdF5NVnwJoYjWoQGVbO%2BMUuZOWVr7seYQFoNTnxzJvJsuAoXvEGBVO9jUB%2Bq%2F90xO6yvf7r2zXE2ENnzk3t0E6XtaEya7OTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e40c555bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6055212049786276455&expiration=1703354907
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 21DD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZXStAAAFtsXThABH
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXStAAAFtsXThABH&_test=ZXStAAAFtsXThABH
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXStAAAFtsXThABH&_test=ZXStAAAFtsXThABH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcL%2BV6Jv1795Kkz5dkUT%2FWPdWpvMKMeQrgz4yL70yMEGY8xkeYNFqnEW%2BKwGy2ACtUvOudUq632JjrIp9Mwna91CDvhvEPJegv9Iw6N4oFaV9Qb0jq9W7bR2RzQIYWz18kthIkoYpazJBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e54da75bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-cph2320026-CPH
pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702145281.819640,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXStAAAFtsXThABH&_test=ZXStAAAFtsXThABH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 21DD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=zVkekGJtX6R38vpxHHwlrlQTr7g
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=zVkekGJtX6R38vpxHHwlrlQTr7g
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmS%2FE%2B5ZKZ0WjEWVJuskEMEZ%2Bh%2FmpF6yOz0R7oyOMvPZevxJ3xPbDCCqUuQ%2F2YxxwqSZ6dWvSH6QrSERCNmGciCAxIKjXqJn3qJRUaTGvdt8U1MOpv1w2DXN4hLZzEHMUJFN6667od8wXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e5fe505bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=zVkekGJtX6R38vpxHHwlrlQTr7g
Date
Sat, 09 Dec 2023 18:08:00 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 21DD
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BisW0H0iS%2Blx80gbtdRfq7CkobdhTEKMmS%2BiYsnIsoZqhEjDBqPuSJiFSqqrfZm67hi%2F2ZfT63%2FYMzC3ew6F89xmOl7N6FoYGYgJNTcXvltT4IdyEPynYM%2BpBWBDaxT%2BjMRYvNmyMVSwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e3abc25bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Sat, 09 Dec 2023 18:08:00 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
casale
match.adsrvr.org/track/cmf/ Frame 21DD 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 21DD
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=930d76ab-a9ed-4c61-b297-99a06e66df29
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=930d76ab-a9ed-4c61-b297-99a06e66df29
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTIbvI11o6J3S2jLS1%2B0PVttPMp40ilUj9R4nQlHWm22TPQ6Z93s2Nfx8ZkqNHput3I1E8yIOrp%2BTLjJTH%2BDHt871o6Oy0MFtwJxALDGzre8ePPKO8FGiMATiRnu0lCJSSp%2Bva3V9yozWA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832f30e36b595bed-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=930d76ab-a9ed-4c61-b297-99a06e66df29
date
Sat, 09 Dec 2023 18:08:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
CookieIndex
rtb.adentifi.com/ Frame 21DD 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.245.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-245-140.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
sync
usr.undertone.com/userPixel/ Frame 21DD 		0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-109.ams58.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
via
1.1 04ddc2ad740f178bb6e0e07dc16f9744.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
content-length
0
x-amz-cf-id
7Bg66USQzB7pqW2aRc_X_3kjWkkKhdOFqSprH3mJsB2epj-RZEdh1g==
x-cache
Miss from cloudfront
view
googleads4.g.doubleclick.net/pcs/ Frame E182 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJ0ypFOQp8XVNxfBuR05Lpi3GEwnJKI0vN_diftIjjrctYmjZbJArgquBfr57H_KfpzpowTRwt33wUyjaB7WaDHiODiGW3Q4klfO14CCGF9NH6HOZkrQsG0sp-vvAN8bu4eRhyLjBrapHegu4c_r5kmoXi9b4NzMdx4nzJznNxRyCSnoPfK2z3MP1mq6pPQGeQ2TplJnussAvAlSLy-qCif719ums0JFOh69aCnK5d_aUQ_2GAPHGUeEKq0JBxaX0hJ0fW99fmo7ULYkEZELxgoKYeIoRezJzz1NuXPFU5G7tSQ0Mxt8cEYztSI3-Wp2V39NWaATVs_wEXx97DdkHoc3epAjthc3_PG80u-iHbCQg-qYTRSlcgmoXWsmvBTq3Bej4SsJPMcVCp8XMQp8IJmV2VQOhYqbAsOJGPi5r3a4uEgTVAfyroCKmm73JgrDofHzXjkITygj0xTkOgd6nYnRIbu9kQ5YAqohqsGcgqhM2AIAbti0J3YA7tn5ePTU8D4i4bOSqohWOcMlcDrHpbnslLlYL2hxGGoFbVlsOZSAxw3gAtRAxn4-IjjEqAyY3ZVGZwRj1s5R8FSbJaz-WnFMoBdZV-buTG7g_mEuiwnEOuEfUvlqbzSl_zxYvcNogcphBZQYd1avT1EEstwjF5dytPBZn-JqqUvB40Ns1s0Qa8qpJXed7eBm_Qgigelfjw7x-52JJYA9q5JygPxRFylkjnoZIB_bz8Hf3HjH52yQH8E3CsG0KhDYzKbch3rSHHbVBwUq09kwcjBEIYygmz4i7L8rNQ_2V_nZMY3eBM9HVlC79S-juMr4ar319vmtsib7pHThrAmhPApKNOTaYPYB5vjSzR_tpQI-CVFmaVG0-XtbIHIHmgT6FTpY9wMeNn38vAK2gqgGOs11UlyhuNCGofu1HjZ5XIK1kRqg71oE0uJ34tr0QTCfVBz6xbh4qgh9zYn4fEAdDu4O-0c5O00cT8ZTnSqKd_r7uwOsKg_mYZJjQEBvj7I4RmRo-qSZFQ1_RRXxs2WiolVAimV1wLl_hcf_SWajlzCTHtXiPaBUdYQ2QPeZ_JwKrZucG_jyRF20A34dbFks8Mug0oy7GQwy4iGNu5oaIcwXoF7fUeJ4TAE7E9_kxi7UhlbJCLYOBhyAS1Jy8G_b_EjEI6_Q2Rdlpb9AdUWXSDXEe3NfD_ohoZIgL7CnbD991JbRVcFleNiJSOLEY4OIZmMvslmqX0aF1aMiNDQKdPddEaCIHHdguZzIf7W7EiG4LkrPExeKJ8oh6Y6zl5fDoC_qRCdHo5ZCr4pjjK-Q5jzmG3T4DAkAzQwprEq00oS9qBL8QphQ7c9VI8JdoSheLX9uu9YH0O8Nt4UFC4CH7whUSVqZ3rUjusoE41OaaDQkNsq24fJBSn87nGQvVAbGWxnHpyOpvszsCZ4w_mZ7k&sai=AMfl-YTrv4bVsEwqw3b9eO9A37CMTgnrIZHzH60GIRaUktJSMiSRyXKZKd08lKvjTd96oJfLQhOHAx2YOHYk1qsCNdjGxqkUIVjizaYTmJdbGUwcpsZDOPEL1E3C9RzbZ8WkM8T-7oIX1-mk-OxcZocJ-Vu_NwV3U32wQdYnoGHW6KaSStHP6NTww9sk-ydFByO_xJ6l6Fh_xrhqHmxWKlAb1_IBIUaFX9eMzRpbj22RmVQyCIGneWvlAMi-HXbJlAWgwUO9Mo8&sig=Cg0ArKJSzIzt-7cyfl3FEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=451&vt=11&dtpt=306&dett=3&cstd=140&cisv=r20231206.20479&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0CCD 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
27e4bf0c6d12bae538b8e59a57b06967ca605ba33d2cabcd60f15d70aef9d71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5989
x-xss-protection
0
970x250_fitbit_google_b_logo.png_1693398202867_970x250_fitbit_google_b_logo.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/ Frame 0CCD 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/970x250_fitbit_google_b_logo.png_1693398202867_970x250_fitbit_google_b_logo.png
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
766f07e7383e1bf3ab180c4ba48ac9deb533c7b224aea3066acd67b88b040923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:07:27 GMT
x-content-type-options
nosniff
age
169233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11748
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 12:23:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 19:07:27 GMT
blank.png_1646397175183_blank.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame 0CCD 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/blank.png_1646397175183_blank.png
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
2af1846e77fc4caa3ace965bb082263f77a2090358dfa427245adf469b00408b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:53:15 GMT
x-content-type-options
nosniff
age
58485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3569
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 12:33:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 01:53:15 GMT
970x250_melroy_de_copy1.png_1694767526508_970x250_melroy_de_copy1.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/ Frame 0CCD 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/970x250_melroy_de_copy1.png_1694767526508_970x250_melroy_de_copy1.png
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
d747ecb2ace7f43de1bb8b572986738b601c15acdf66acb1e0db77a3e9983910
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 06:19:09 GMT
x-content-type-options
nosniff
age
42531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7173
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 08:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 06:19:09 GMT
970x250_melroy_de_copy2.png_1695292788078_970x250_melroy_de_copy2.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/ Frame 0CCD 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/970x250_melroy_de_copy2.png_1695292788078_970x250_melroy_de_copy2.png
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
814e668f3bbd4663d720802f4e7f60a1e7e04317535010dd4fcafaa2ae443bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:37:51 GMT
x-content-type-options
nosniff
age
77409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12802
x-xss-protection
0
last-modified
Thu, 21 Sep 2023 10:40:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 20:37:51 GMT
970x250_melroy_de_copy3.png_1694767526508_970x250_melroy_de_copy3.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/ Frame 0CCD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/970x250_melroy_de_copy3.png_1694767526508_970x250_melroy_de_copy3.png
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
e416d505c8b778adcf9e24dd9c3be2af8b36deff78cedc0ddcf93cad99065dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:00:47 GMT
x-content-type-options
nosniff
age
86833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3185
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 08:45:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 18:00:47 GMT
970x250_melroy_de_copy4.png_1694767526508_970x250_melroy_de_copy4.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/ Frame 0CCD 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/970x250_melroy_de_copy4.png_1694767526508_970x250_melroy_de_copy4.png
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
a4e3f74a8547e92b577500bc15796ea137dd5cb8bd677940ee4b6cee2276b0d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:10:04 GMT
x-content-type-options
nosniff
age
435476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9764
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 08:45:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 17:10:04 GMT
970x250_melroy_de_device1.png_1694767526508_970x250_melroy_de_device1.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/ Frame 0CCD 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/970x250_melroy_de_device1.png_1694767526508_970x250_melroy_de_device1.png
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
71771819acec108acd87e4876de617b918adf130af69b8a92f4ad626840364f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:10:04 GMT
x-content-type-options
nosniff
age
435476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58478
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 08:45:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 17:10:04 GMT
970x250_melroy_de_device2.png_1694767526508_970x250_melroy_de_device2.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/ Frame 0CCD 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/970x250_melroy_de_device2.png_1694767526508_970x250_melroy_de_device2.png
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
7a7de0a567f4181a50dcd5e11741f35b79e80b34c210f37bfdeab75a2db7a79b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:52:00 GMT
x-content-type-options
nosniff
age
36960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90958
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 08:45:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 07:52:00 GMT
970x250_melroy_de_device3.png_1694767526508_970x250_melroy_de_device3.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/ Frame 0CCD 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/970x250_melroy_de_device3.png_1694767526508_970x250_melroy_de_device3.png
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
1b0e87e4a7d9fee722660506d48393ef67d281a5c2417b4ffd6178fdc1db4f9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:42:24 GMT
x-content-type-options
nosniff
age
26736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63921
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 08:45:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 10:42:24 GMT
970x250_melroy_de_device4.png_1694767526508_970x250_melroy_de_device4.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/ Frame 0CCD 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/970x250_melroy_de_device4.png_1694767526508_970x250_melroy_de_device4.png
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
5fb4df0d97f35b212c68e41e69c2558cfe0765149a20b42821e50295ca06778d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:35:00 GMT
x-content-type-options
nosniff
age
77580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77506
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 08:45:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 20:35:00 GMT
970x250_melroy_buynow_de_cta_off.png_1694767526508_970x250_melroy_buynow_de_cta_off.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/ Frame 0CCD 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/970x250_melroy_buynow_de_cta_off.png_1694767526508_970x250_melroy_buynow_de_cta_off.png
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
0144c8276ec3e781c6f088e263514a4ee5f66f8838f8599bfb50b3d1607d40fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:39:18 GMT
x-content-type-options
nosniff
age
77322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4368
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 08:45:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 20:39:18 GMT
970x250_melroy_buynow_de_cta_on.png_1694767526508_970x250_melroy_buynow_de_cta_on.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/ Frame 0CCD 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4887429/970x250_melroy_buynow_de_cta_on.png_1694767526508_970x250_melroy_buynow_de_cta_on.png
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
e4b9f58bbad39722ec68ebe7dfe22233006eaf648b6e88e9fef951f4f383ac15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6799399005551666244/index.html?e=69&leftOffset=0&topOffset=0&c=1JSqxR6o5V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:09:43 GMT
x-content-type-options
nosniff
age
104297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4167
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 08:45:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 13:09:43 GMT
usync.js
eus.rubiconproject.com/ Frame A03A 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa849a8f2c4f93d1e474e70bf056c61c02fff1efa7e79a5f022693d052cb5f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 18:08:00 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Dec 2023 02:27:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29907
Connection
keep-alive
Content-Length
13233
Expires
Sun, 10 Dec 2023 02:26:27 GMT
usync.js
eus.rubiconproject.com/ Frame 05C3 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa849a8f2c4f93d1e474e70bf056c61c02fff1efa7e79a5f022693d052cb5f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 18:08:00 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Dec 2023 02:27:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29907
Connection
keep-alive
Content-Length
13233
Expires
Sun, 10 Dec 2023 02:26:27 GMT
usync.js
eus.rubiconproject.com/ Frame 5A17 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa849a8f2c4f93d1e474e70bf056c61c02fff1efa7e79a5f022693d052cb5f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 18:08:00 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Dec 2023 02:27:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29907
Connection
keep-alive
Content-Length
13233
Expires
Sun, 10 Dec 2023 02:26:27 GMT
usync.js
eus.rubiconproject.com/ Frame D292 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa849a8f2c4f93d1e474e70bf056c61c02fff1efa7e79a5f022693d052cb5f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 18:08:00 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Dec 2023 02:27:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29907
Connection
keep-alive
Content-Length
13233
Expires
Sun, 10 Dec 2023 02:26:27 GMT
usync.js
eus.rubiconproject.com/ Frame 6849 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa849a8f2c4f93d1e474e70bf056c61c02fff1efa7e79a5f022693d052cb5f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 18:08:00 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Dec 2023 02:27:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29907
Connection
keep-alive
Content-Length
13233
Expires
Sun, 10 Dec 2023 02:26:27 GMT
khaos.json
token.rubiconproject.com/ Frame 5A17 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
khaos.json
token.rubiconproject.com/ Frame D292 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
khaos.json
token.rubiconproject.com/ Frame A03A 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
579d6dd278f76ae39d067788043e4297
Expires
0
khaos.json
token.rubiconproject.com/ Frame 05C3 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0CCD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 18:08:00 GMT
khaos.json
token.rubiconproject.com/ Frame 6849 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
579d6dd278f76ae39d067788043e4297
Expires
0
stats
gw.geoedge.be/api/ Frame E182 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/stats
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.24.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-24-34.vie50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 18:08:00 GMT
via
1.1 b159f39ee34c14548a9d9dc3e730676a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
content-length
0
x-amz-cf-id
zEXEspwpCn-h5bctV_ahnhPmHc_IH6hxLkukkIxJHVlvanPplHuUWA==
x-cache
Miss from cloudfront
truncated
/ Frame E182 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d9e0d05669a3610c7263c551b8b406344c148713485f7e8124f61b05e2463cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 16 Dec 2023 18:08:00 GMT
/
a.clickcertain.com/px/
Redirect Chain
  • https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=epochfun/word-wipe-epoch-games-4013587
  • https://a.clickcertain.com/px/smart/a/?c=244b81b94c69796&seg=epochfun/word-wipe-epoch-games-4013587
  • https://a.clickcertain.com/px/?c=244b81b94c69796&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/?c=244b81b94c69796&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Server
104.26.8.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74e8013806a5ee7021ad31d6ba6d4c135fec86a38e1ebac9861d8f319aec3c10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:01 GMT
content-encoding
br
x-frontend
cc-nginx-5776dff989-dj82f:cc-nginx-5776dff989-dj82f
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
f19cc25e-5e66-482f-87f3-2defa80f543b
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBfyIwQBhvSEBRUhcx2aaySKmWJZe2pwfSzHEpJk7DlwHCGjnwbtgDBpxTqw2XSNapAOFsg4MUFZmUiPfijU7wEUjW%2Bo0FFr%2F%2F20w1IiOurqPNDqU3ptKEJ7AoftTjhUMhMBBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
832f30e6d8c1906c-FRA

Redirect headers

date
Sat, 09 Dec 2023 18:08:01 GMT
x-frontend
cc-nginx-5776dff989-str2h:cc-nginx-5776dff989-str2h
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
1ad4f74d-1cb0-425a-bbc9-af30fd186e27
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Y2MRDbzGX7C8pGgvZY8gsAkmdmMR3cqBFOsbOlATsNoUrGeybIPWIfhggPLJpYv0MAukjAxO%2B%2BxXyAepWmt%2FISlHHlUrR%2FNEH8a3njI2uOTw2ycCby4LyE7D5s7%2FuIuTXbhEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
location
https://a.clickcertain.com/px/?c=244b81b94c69796&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
cf-ray
832f30e5efb6906c-FRA
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 09 Dec 2023 18:07:59 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D10B269464CB439AA905B0C7FD420BF2 Ref B: DUS30EDGE0417 Ref C: 2023-12-09T18:08:00Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
js
www.googletagmanager.com/gtag/ 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-696467118
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5b202b4f92f836aa3778c767db2c6ceed03ef38cb542c0738e35e6d3d72ef67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72450
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 18:08:00 GMT
container.js
tags.wdsvc.net/
Redirect Chain
  • https://tags.wdsvc.net/controller.js?id=100415
  • https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1702145281019
28 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1702145281019
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
HTTP/1.1
Server
52.200.58.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-58-150.compute-1.amazonaws.com
Software
/
Resource Hash
eaa05a2c39a474ba4369f18add280a898ee9c58cad5389180f622b0c96dd7dc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 18:08:01 GMT
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
28662
Expires
Mon, 3 Jan 2005 13:00:00 GMT

Redirect headers

location
https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1702145281019
Date
Sat, 09 Dec 2023 18:08:01 GMT
Cache-Control
private, no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Transfer-Encoding
chunked
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230029-FRA
6irth52s.js
js.alocdn.com/c/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.alocdn.com/c/6irth52s.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-110.vie50.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
b1a48777454353c2b6ff6e617c2caf64c290e2ba4f55fd74a30d97f734198c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 12:40:22 GMT
via
1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
VIE50-C2
age
19658
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=28800
x-amz-cf-id
-JqCddZh83row0uFjj-J6afnDk36VJbkj7PuB5gRIuwkyn6QN8gqRw==
b
sb.scorecardresearch.com/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1702145280684&ns_c=UTF-8&c8=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&c9=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-58.ams58.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
via
1.1 1dd177f0f1668dc5abba6f90eb9da04c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS58-P5
x-amz-cf-id
S9C_yX7c9n4x185Tu-3sURHIGSpyvqElTUszP6cTU1DmCW5uwclNuA==
x-cache
Miss from cloudfront
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 44C2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 14:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
14788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 14:01:32 GMT
rules-p-a128V7tctPVtT.js
rules.quantcount.com/ 		3 B
448 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-a128V7tctPVtT.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-73.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 06:01:30 GMT
via
1.1 ca6974974a9175b71fb6a84145111ed2.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
43591
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:44:26 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
qY6-nDMYt227Tsqe74CeCrYwMoWIRXmzyqPuEZzSncpLbXlY2Zabew==
emptyLine.mp3
game.epochbase.com/game/word-wipe/assets/audio/sfx/ Frame B1C0 		15 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/audio/sfx/emptyLine.mp3
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0779d2575b8f8662ebc448555e34ce11f32a42d4f3aa9507c8945c12bd1fffd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
last-modified
Thu, 23 Sep 2021 20:28:35 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce373-3c00"
content-length
15360
content-type
audio/mpeg
PowerupPartyBombExplosion1.mp3
game.epochbase.com/game/word-wipe/assets/audio/sfx/ Frame B1C0 		21 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/audio/sfx/PowerupPartyBombExplosion1.mp3
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
6d512629fcf3e4dc24784bc2f5996cd4ed91466f27040f60b7d87f2a29240c25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
last-modified
Thu, 23 Sep 2021 20:28:34 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce372-5400"
content-length
21504
content-type
audio/mpeg
bombCharged.mp3
game.epochbase.com/game/word-wipe/assets/audio/sfx/ Frame B1C0 		11 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/audio/sfx/bombCharged.mp3
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3daf1d554709263906081cc297c4408939fe03275489e2c539e85c7d4ec44d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
last-modified
Thu, 23 Sep 2021 20:28:34 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce372-2d00"
content-length
11520
content-type
audio/mpeg
ButtonClick.mp3
game.epochbase.com/game/word-wipe/assets/audio/sfx/ Frame B1C0 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/audio/sfx/ButtonClick.mp3
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
8b27f626860ba1a96ad14ee2b869fb5a9bfe2ff95409c82d0bf05332bc153d6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
last-modified
Thu, 23 Sep 2021 20:28:34 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce372-ef6"
content-length
3830
content-type
audio/mpeg
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/696467118/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696467118/?random=1702145280783&cv=11&fst=1702145280783&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&hn=www.googleadservices.com&frm=0&tiba=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&auid=1466844356.1702145278&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
eae5c3746662210cf737e5af16e2d0aa0d04356fa16cf2e5a8658eb7139583cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1333
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/1/i/ 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=a7cd6e3f-641c-43c8-b0c6-7f71646dae0d&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b5709681-e90a-47f3-a122-a0795ad02d06&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&tw_iframe_status=0&txn_id=nzye8&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time
176
date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
fe6b938270f935e2
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ad13431f3072da4fbc9bd2e4ff28e1e6e66f1d9af3d9351643092c284c3d4ea4
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=a7cd6e3f-641c-43c8-b0c6-7f71646dae0d&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b5709681-e90a-47f3-a122-a0795ad02d06&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&tw_iframe_status=0&txn_id=nzye8&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time
103
date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
f3ac6e25bf8aa223
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
c21ecdc936aff003e5f64ca07c442c7a0cbc811ca92047f899c98050761bc287
content-length
43
adsct
t.co/1/i/ 		43 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=0f6dd82f-979c-4b44-a564-f2367fe059d6&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b5709681-e90a-47f3-a122-a0795ad02d06&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&tw_iframe_status=0&txn_id=ofnz2&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time
180
date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
e2c0734446f06aae
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ad13431f3072da4fbc9bd2e4ff28e1e6e66f1d9af3d9351643092c284c3d4ea4
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=0f6dd82f-979c-4b44-a564-f2367fe059d6&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b5709681-e90a-47f3-a122-a0795ad02d06&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&tw_iframe_status=0&txn_id=ofnz2&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time
105
date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
65aa9b139537b803
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
c21ecdc936aff003e5f64ca07c442c7a0cbc811ca92047f899c98050761bc287
content-length
43
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=78d2c169-a6f1-4310-8e02-dc623977427b&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b5709681-e90a-47f3-a122-a0795ad02d06&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&tw_iframe_status=0&txn_id=odl9r&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time
103
date
Sat, 09 Dec 2023 18:07:59 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
31346f078b29585b
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ad13431f3072da4fbc9bd2e4ff28e1e6e66f1d9af3d9351643092c284c3d4ea4
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=78d2c169-a6f1-4310-8e02-dc623977427b&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b5709681-e90a-47f3-a122-a0795ad02d06&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&tw_iframe_status=0&txn_id=odl9r&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time
174
date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
2df2b26da2fea9a4
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
c21ecdc936aff003e5f64ca07c442c7a0cbc811ca92047f899c98050761bc287
content-length
43
adsct
t.co/1/i/ 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=2bfc3021-a3a5-4f4a-884b-d3ee91d56cef&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b5709681-e90a-47f3-a122-a0795ad02d06&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&tw_iframe_status=0&txn_id=ofy5s&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time
181
date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
3174da9f046abc77
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ad13431f3072da4fbc9bd2e4ff28e1e6e66f1d9af3d9351643092c284c3d4ea4
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=2bfc3021-a3a5-4f4a-884b-d3ee91d56cef&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b5709681-e90a-47f3-a122-a0795ad02d06&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&tw_iframe_status=0&txn_id=ofy5s&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time
184
date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
94362c1620db3b53
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
c21ecdc936aff003e5f64ca07c442c7a0cbc811ca92047f899c98050761bc287
content-length
43
adsct
t.co/1/i/ 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=168210c5-7450-4460-87a6-f04c86d7ba1d&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b5709681-e90a-47f3-a122-a0795ad02d06&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&tw_iframe_status=0&txn_id=od4qh&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time
105
date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
d23cf634dd0a81d1
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ad13431f3072da4fbc9bd2e4ff28e1e6e66f1d9af3d9351643092c284c3d4ea4
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=168210c5-7450-4460-87a6-f04c86d7ba1d&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b5709681-e90a-47f3-a122-a0795ad02d06&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&tw_iframe_status=0&txn_id=od4qh&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time
178
date
Sat, 09 Dec 2023 18:08:00 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
bc674cfa18d222be
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
c21ecdc936aff003e5f64ca07c442c7a0cbc811ca92047f899c98050761bc287
content-length
43
138003605.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/138003605.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
1152f79a12543479de3ec4e56eaa913401cd934968ddfcbf833218f585a0e494
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Sat, 09 Dec 2023 18:07:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6FC4F55D68A948D2B65E2240EE7590EF Ref B: DUS30EDGE0417 Ref C: 2023-12-09T18:08:00Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=138003605&Ver=2&mid=3d98e850-4b58-41b7-a727-112273bfab5a&sid=e3b58af096bd11eea764d17ac1b7e93f&vid=e3b5a07096bd11ee849f4910e92e117b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&p=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&r=&lt=1288&evt=pageLoad&sv=1&rn=879535
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 09 Dec 2023 18:07:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7D104AC78791452FA8C4FB35724A3734 Ref B: DUS30EDGE0417 Ref C: 2023-12-09T18:08:00Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/696467118/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/696467118/?random=1702145280783&cv=11&fst=1702144800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&frm=0&tiba=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNhxSy82tptjfy2HLNM0iuBAvdACfvS7RYRqMUPYh-f6lxQTaS&random=3732355822&rmt_tld=0&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/696467118/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/696467118/?random=1702145280783&cv=11&fst=1702144800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&frm=0&tiba=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNhxSy82tptjfy2HLNM0iuBAvdACfvS7RYRqMUPYh-f6lxQTaS&random=3732355822&rmt_tld=1&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1243613034;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587;uht=2;fpan=1;fpa=P0-1749420499-1702145280732;pbc=;ns=0;ce=1;qjs=1;qv=607...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1243613034;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587;uht=2;fpan=1;fpa=P0-1749420499-1702145280732;pbc=;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=theepochtimes.com;dst=1;et=1702145280891;tzo=-60;ogl=title.Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%2Cdescription.Play%20online%20Word%20Wipe%20game%20%252EPlay%20now%20for%20free%252C%20no%20download%20or%20registration%20requi%2Curl.https%3A%2F%2Fwww%252Etheepochtimes%252Ecom%2Fepochfun%2Fword-wipe-epoch-games-4013587%2Csite_name.The%20Epoch%20Times%2Clocale.en-US%2Cimage.https%3A%2F%2Fimg%252Etheepochtimes%252Ecom%2Fassets%2Fuploads%2F2021%2F09%2F23%2Fwordwipe_1280x720-700x42%2Ctype.website;ses=d27f2264-42a0-443b-92c2-98ed4a9e2833;mdl=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 09 Dec 2023 18:08:01 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
Success.mp3
game.epochbase.com/game/word-wipe/assets/audio/sfx/ Frame B1C0 		22 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/audio/sfx/Success.mp3
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
18ba062a1d9c3808d7e5ff9276f7667f9e9649a82648901eae1dcd6ac1f118dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
last-modified
Thu, 23 Sep 2021 20:28:34 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce372-5700"
content-length
22272
content-type
audio/mpeg
gameOver.mp3
game.epochbase.com/game/word-wipe/assets/audio/sfx/ Frame B1C0 		21 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/audio/sfx/gameOver.mp3
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
f634e3db916003e53999477fd8f569a27739cacd82a346f4d131b5cd76b687d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
last-modified
Thu, 23 Sep 2021 20:28:34 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce372-5400"
content-length
21504
content-type
audio/mpeg
time_15sec.mp3
game.epochbase.com/game/word-wipe/assets/audio/sfx/ Frame B1C0 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/audio/sfx/time_15sec.mp3
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e559650e90b5e7895e80ba36e4a060ad133f55bf35b46df65b647a5eb2264c67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
last-modified
Thu, 23 Sep 2021 20:28:34 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce372-13d5"
content-length
5077
content-type
audio/mpeg
time_30sec.mp3
game.epochbase.com/game/word-wipe/assets/audio/sfx/ Frame B1C0 		20 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/audio/sfx/time_30sec.mp3
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
821b923aa515566c2c27c9b5be3e451b03b147e0365e009fadd7c89b396f5fa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:00 GMT
last-modified
Thu, 23 Sep 2021 20:28:35 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce373-5065"
content-length
20581
content-type
audio/mpeg
138003605
www.clarity.ms/tag/uet/ 		828 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/138003605
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/138003605.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4d6a9056ac661927feaae041c67d6bca4c8dbccbc9340becad05a2e1f0ebe98e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
-1
date
Sat, 09 Dec 2023 18:08:01 GMT
x-azure-ref
20231209T180801Z-17nnzw4vs96kz483vv8kaqr0ww00000009w00000000097ab
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
828
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
words.txt
game.epochbase.com/game/word-wipe/assets/ Frame B1C0 		3 MB
3 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/words.txt
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
489df896a4f7bb7ef690cbf80e79531351632db12ffd458832acd8cd1581cc9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:01 GMT
last-modified
Thu, 23 Sep 2021 20:28:36 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce374-2b3219"
content-length
2830873
content-type
text/plain
fontsData.json
game.epochbase.com/game/word-wipe/assets/data/ Frame B1C0 		251 KB
252 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/data/fontsData.json
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ae5515f85fbd77b330a870a535f83fe3a50dbe822b75e35bb47d5f749fe9ba6f

Request headers

Accept
application/json
Referer
https://game.epochbase.com/game/word-wipe/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:01 GMT
last-modified
Thu, 23 Sep 2021 20:28:36 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce374-3ec6c"
content-length
257132
content-type
application/json
fontsAll.png
game.epochbase.com/game/word-wipe/assets/images/ Frame B1C0 		205 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/fontsAll.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ca3c79ed7c22564d56f4bed63cb1ae87755b527d32e6a3baa52e1ce5fe7f541c

Request headers

Referer
https://game.epochbase.com/game/word-wipe/
Origin
https://game.epochbase.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:01 GMT
last-modified
Thu, 23 Sep 2021 20:28:31 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce36f-334b9"
content-length
210105
content-type
image/png
BlurX.js
game.epochbase.com/game/word-wipe/assets/filters/ Frame B1C0 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/filters/BlurX.js
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3f37696da8904a530984d1a0dac30a5c1316461dc528aa8e1a1327810ac91969

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:01 GMT
last-modified
Thu, 23 Sep 2021 20:28:31 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce36f-745"
content-length
1861
content-type
application/javascript
activeview
pagead2.googlesyndication.com/pcs/ Frame E182 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8LdQOxrMSFVjzyTHlzkcaUeGs_Q6OehMoSO4jFRbwr89shI9LN5pMO6Dj_P03u-ElxN_wh1sKEo3B-o_x5v5YVvcLDq3VuqHWT3-4o4zwoOMRwt3NWQ_uA3KzBSpSukmDWepINzKnlY4m&sai=AMfl-YQ3kD1LmOPo1qYmFBm9Iqb9FiDnGkF-YKvtdvg53EETaD0PWUXuIq0Ok-UG6uGdboXkhJYnwJdJE_Q_FYgH_nOkWaxAV-QKK7xQYhT7Dw2JNImdTEvbNXDxgYR-Wx16r3n_TQ7zISI&sig=Cg0ArKJSzAo1BUDogRPlEAE&cid=CAQSPADICaaN0pL1lyELyDwEml8r5v9pTWwxpvcjfHsuwX5Jo8z25XWgfB9GZwQwRxUSmKnG3jr-pIURcWPT3xgB&id=lidar2&mcvt=1014&p=96,140,346,1110&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1797975165&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702145279647&rpt=415&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/138003605
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:01 GMT
content-encoding
br
last-modified
Mon, 04 Dec 2023 12:08:18 GMT
etag
W/"0x8DBF4C1B3818466"
vary
Accept-Encoding
x-azure-ref
20231209T180801Z-17nnzw4vs96kz483vv8kaqr0ww00000009w00000000097b0
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
a83e7593-d01e-0008-28ad-2634d4000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
/
tags.wdsvc.net/tpc-eval/ 		21 B
284 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/tpc-eval/?lid=18c4fc3cc79-tags9-875ccbdc2f7fb
Requested by
Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100415
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.200.58.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-58-150.compute-1.amazonaws.com
Software
/
Resource Hash
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 18:08:01 GMT
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
21
Expires
Mon, 3 Jan 2005 13:00:00 GMT
p.gif
p.alocdn.com/c/6irth52s/a/etarget/
Redirect Chain
  • https://p.alocdn.com/c/6irth52s/a/etarget/p.gif?title=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-...
  • https://p.alocdn.com/c/6irth52s/a/etarget/p.gif?title=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-...
42 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.alocdn.com/c/6irth52s/a/etarget/p.gif?title=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&auid=86640b64-ee00-414b-8b45-3d3a9cebe8ea&tdc=1
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Server
35.162.252.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-252-179.us-west-2.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Sat, 09 Dec 2023 18:08:02 GMT
server
nginx/1.20.1
content-type
image/GIF

Redirect headers

location
/c/6irth52s/a/etarget/p.gif?title=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&auid=86640b64-ee00-414b-8b45-3d3a9cebe8ea&tdc=1
date
Sat, 09 Dec 2023 18:08:01 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server
nginx/1.20.1
content-type
image/GIF
collect
o.clarity.ms/ 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.theepochtimes.com
Date
Sat, 09 Dec 2023 18:08:01 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
BlurY.js
game.epochbase.com/game/word-wipe/assets/filters/ Frame B1C0 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/filters/BlurY.js
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
825918cce712f3898a4580f87892a660a1d057eff472ca9cdde98d41a2af1696

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:01 GMT
last-modified
Thu, 23 Sep 2021 20:28:31 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce36f-745"
content-length
1861
content-type
application/javascript
gen_204
pagead2.googlesyndication.com/pagead/ Frame E182 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9700044528174&version=m202309260101&ct=76&x=1&cor=2772346570509470000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gameUI.png
game.epochbase.com/game/word-wipe/assets/images/x2/ Frame B1C0 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/x2/gameUI.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
88b7f8c564aa37b8b50eac5028d5b6f6125fdc861cae746485b23a976f5286b7

Request headers

Referer
https://game.epochbase.com/game/word-wipe/
Origin
https://game.epochbase.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:02 GMT
last-modified
Thu, 23 Sep 2021 20:28:33 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce371-15970"
content-length
88432
content-type
image/png
/
mixproxy.epoch.cloud/mixpanel/track/ 		1 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mixproxy.epoch.cloud/mixpanel/track/?ip=1&_=1702145282215
Requested by
Host: mixproxy.epoch.cloud
URL: https://mixproxy.epoch.cloud/mixpanel/lib.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 09 Dec 2023 18:08:02 GMT
strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
43
alt-svc
h3=":443"; ma=86400
content-length
1
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wD6Wq4wH2%2B1bcjEsLvwTWQlRp6VSGBnammm6O%2BiAbYYPW0okw2h3d%2FfToOSnIL7ofwAA3%2BLsSoAiY%2FiqqTNr5gXAtfxmNTumvZAt8L0h4urfupX6IIiKdozz3W2VhohTS%2FnKTYsKA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
832f30ee2f4a0810-IAD
access-control-allow-headers
X-Requested-With
flashAnims2.png
game.epochbase.com/game/word-wipe/assets/images/x2/ Frame B1C0 		323 KB
323 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/x2/flashAnims2.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
d2be858a56620ab5e710ec83c7ddd5a05a4882bd9d13a995cc3bf5dff2e0e1a1

Request headers

Referer
https://game.epochbase.com/game/word-wipe/
Origin
https://game.epochbase.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:02 GMT
last-modified
Thu, 23 Sep 2021 20:28:32 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce370-50b7b"
content-length
330619
content-type
image/png
flashAnims3.png
game.epochbase.com/game/word-wipe/assets/images/x2/ Frame B1C0 		293 KB
294 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/x2/flashAnims3.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3cf2935d067f6ea575d06115f24137c0a5e1fa00abeced1db2fc710a1ca77e0e

Request headers

Referer
https://game.epochbase.com/game/word-wipe/
Origin
https://game.epochbase.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:02 GMT
last-modified
Thu, 23 Sep 2021 20:28:32 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce370-4948f"
content-length
300175
content-type
image/png
fontsAll.json
game.epochbase.com/game/word-wipe/assets/images/ Frame B1C0 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/fontsAll.json
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
b898e6be0107dfa3b3ce3898d2198fc5554bdf8f82dbed4b719d591dbd66fa7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:02 GMT
last-modified
Thu, 23 Sep 2021 20:28:31 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce36f-19cd"
content-length
6605
content-type
application/json
gameUI.json
game.epochbase.com/game/word-wipe/assets/images/x2/ Frame B1C0 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/x2/gameUI.json
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
47291f7c76b6a7c1ac558da512ccc99edacd275f2c4978d1abcd7adc61ccab6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:02 GMT
last-modified
Thu, 23 Sep 2021 20:28:32 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce370-46b9"
content-length
18105
content-type
application/json
flashAnims2.json
game.epochbase.com/game/word-wipe/assets/images/x2/ Frame B1C0 		19 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/x2/flashAnims2.json
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
9f3cb53b7e6003cfd9fdcb7680aedb78d7566c699ef746d93c850da13922c1f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:02 GMT
last-modified
Thu, 23 Sep 2021 20:28:32 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce370-4a63"
content-length
19043
content-type
application/json
c
ea.epochbase.com/api/pw/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Content-Type
access-control-allow-methods
GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET, POST, OPTIONS, PUT, DELETE
content-length
0
date
Sat, 09 Dec 2023 18:08:02 GMT
server
nginx/1.20.1
c
ea.epochbase.com/api/pw/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Sat, 09 Dec 2023 18:08:03 GMT
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
uiItems.png
game.epochbase.com/game/word-wipe/assets/images/x2/ Frame B1C0 		459 KB
459 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/x2/uiItems.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
222bff21d3a800dc3e895040eb65643edcde3dc897e389dae2047ccef3908497

Request headers

Referer
https://game.epochbase.com/game/word-wipe/
Origin
https://game.epochbase.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:02 GMT
last-modified
Thu, 23 Sep 2021 20:28:32 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce370-72a95"
content-length
469653
content-type
image/png
helpScreens2.png
game.epochbase.com/game/word-wipe/assets/images/x2/ Frame B1C0 		376 KB
376 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/x2/helpScreens2.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
27a4c33230f2a57da3135ea231ce8f2cb7c9f89ca68b605017e5384594b2cbe6

Request headers

Referer
https://game.epochbase.com/game/word-wipe/
Origin
https://game.epochbase.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:02 GMT
last-modified
Thu, 23 Sep 2021 20:28:32 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce370-5deeb"
content-length
384747
content-type
image/png
flashAnims3.json
game.epochbase.com/game/word-wipe/assets/images/x2/ Frame B1C0 		12 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/x2/flashAnims3.json
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
df6fd467ac093b25be3fe611e0869565d2e0a5f1f5aa9590d7d383fc99f56b8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:02 GMT
last-modified
Thu, 23 Sep 2021 20:28:33 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce371-30f0"
content-length
12528
content-type
application/json
boardBackgrounds2.png
game.epochbase.com/game/word-wipe/assets/images/x2/ Frame B1C0 		502 KB
503 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/x2/boardBackgrounds2.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
9d705e4e03a176cccaa1d2345250cc3df0549ec6a2b78b6495a650feb4e852df

Request headers

Referer
https://game.epochbase.com/game/word-wipe/
Origin
https://game.epochbase.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:03 GMT
last-modified
Thu, 23 Sep 2021 20:28:33 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce371-7d846"
content-length
514118
content-type
image/png
uiItems.json
game.epochbase.com/game/word-wipe/assets/images/x2/ Frame B1C0 		7 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/x2/uiItems.json
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ca3831eaf724f8b5b0273ad0f3ee47cd9392653dcbe32fb68e0b1a097942c021

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:03 GMT
last-modified
Thu, 23 Sep 2021 20:28:32 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce370-1dc5"
content-length
7621
content-type
application/json
post-log
tags.wdsvc.net/ 		0
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/post-log?v=4.10&amp;t=1702145281145
Requested by
Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100415
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.200.58.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-58-150.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.theepochtimes.com
Date
Sat, 09 Dec 2023 18:08:03 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
0
Content-Type
text/html
/
insight.adsrvr.org/track/evnt/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/evnt/?adv=4tgsadn&ct=0:n27fxwf&fmt=3&td1=18c4fc3cc79-tags9-875ccbdc2f7fb
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:03 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
insight.adsrvr.org/track/conv/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/conv/?adv=4tgsadn&ct=0:cbmj8de&fmt=3&orderid=&vf=&v=&td1=18c4fc3cc79-tags9-875ccbdc2f7fb
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:03 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
insight.adsrvr.org/track/conv/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/conv/?adv=4tgsadn&ct=0:idisnfs&fmt=3&orderid=&vf=&v=&td1=18c4fc3cc79-tags9-875ccbdc2f7fb
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:03 GMT
server
Kestrel
content-length
70
content-type
image/gif
helpScreens2.json
game.epochbase.com/game/word-wipe/assets/images/x2/ Frame B1C0 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/x2/helpScreens2.json
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
1cd7fb5bee3f262c89c6fdf3e31fe27728088f7f33bf204f56ad8e9905f30dc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:03 GMT
last-modified
Thu, 23 Sep 2021 20:28:33 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce371-16da"
content-length
5850
content-type
application/json
boardBackgrounds2.json
game.epochbase.com/game/word-wipe/assets/images/x2/ Frame B1C0 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://game.epochbase.com/game/word-wipe/assets/images/x2/boardBackgrounds2.json
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.211.89.112 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
112.89.211.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
dc4b793c860e3a5520f855325bd7fd380ac437fa2f670695268e9e5c324b8fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://game.epochbase.com/game/word-wipe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:03 GMT
last-modified
Thu, 23 Sep 2021 20:28:32 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"614ce370-49a"
content-length
1178
content-type
application/json
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=45je3bt0v884763001&_p=1702145277545&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2124889639.1702145278&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&sid=1702145277&sct=1&seg=0&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&dt=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&uid=&_s=2&tfd=8129
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://game.epochbase.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Sat, 09 Dec 2023 18:08:03 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://game.epochbase.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Sat, 09 Dec 2023 18:08:03 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ Frame B1C0 		159 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba0c2c189174e19281d435f90c0595f069239b2144b02162f8298c2d65c39dfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://game.epochbase.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
D4136597-1857-4CB8-98FD-4601126EDBF5
strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 18:08:03 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
159
track
dc.services.visualstudio.com/v2/ Frame B1C0 		159 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba0c2c189174e19281d435f90c0595f069239b2144b02162f8298c2d65c39dfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://game.epochbase.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
9EA7CDA8-22F7-4FA7-8AC6-CF25747CA634
strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 18:08:03 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
159
track
dc.services.visualstudio.com/v2/ Frame B1C0 		159 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba0c2c189174e19281d435f90c0595f069239b2144b02162f8298c2d65c39dfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://game.epochbase.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
4A5AFD95-E8F5-4E03-995D-53BD213C2B46
strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 18:08:03 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
159
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://game.epochbase.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Sat, 09 Dec 2023 18:08:03 GMT
x-content-type-options
nosniff
a
ingestion.contentinsights.com/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ingestion.contentinsights.com/a?d=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&f=2748&pid=4013587&b=&u=1702145279475.475130402.60262173&ul=1702145279475.287568157.943884&at=5&ar=5&ts=1702145284&seq=1&x=0.09204055727573901&err=&ver=22
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.12.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-12-87.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 09 Dec 2023 18:08:05 GMT
client
accounts.google.com/gsi/ 		206 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client?_=1702145277116
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f84.1e100.net
Software
ESF /
Resource Hash
aef79460d9d38f7a5349a194da19ef705d97dba070b4741344188a1f43edf015
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CO9Mizx56RCD6ubzZizodQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-CO9Mizx56RCD6ubzZizodQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sat, 09 Dec 2023 18:08:05 GMT
r
ingestion.smartocto.com/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ingestion.smartocto.com/r?p=0%3Alpydcnhb%3AIvzIFctRLjZ2Tx6eLeXlap9HcMNRMz0Q&s=0%3Alpydcnhb%3Ag6z9FiivSHEU5Iqomd165Astvj9T18Om&v=0%3Agv6i1l3C1dHNPsVIc4a_rWs45_6IbDtZ&e=0%3Agv6i1l3C1dHNPsVIc4a_rWs45_6IbDtZ1&c=1702145285473&n=f&f=f&l=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&i=1600&j=1200&k=1&w=1600&h=1200&t=readingTime&ar=5&at=5&bid=epochtimesus&rid=4013587
Requested by
Host: tentacles.smartocto.com
URL: https://tentacles.smartocto.com/ten/ingestion.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.111.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-111-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.theepochtimes.com
Date
Sat, 09 Dec 2023 18:08:05 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
style
accounts.google.com/gsi/ 		533 B
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f84.1e100.net
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-50co_4Yu1gUEJNBB6YTzVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-50co_4Yu1gUEJNBB6YTzVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sat, 09 Dec 2023 18:08:05 GMT
events
mp.theepochtimes.com/webevents/v3/JS/us2-c639a6aabfcf124097c91276dd5884fb/ 		42 B
195 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.theepochtimes.com/webevents/v3/JS/us2-c639a6aabfcf124097c91276dd5884fb/events
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/9198-f50aa2d7e3d84364.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7e83c0ee95b48f6012cd29deceac7a719bb743a1271f6c1d6354413eddfc8d2c

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-cph2320025-CPH, cache-cph2320025-CPH
date
Sat, 09 Dec 2023 18:08:08 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
x-timer
S1702145288.377323,VS0,VE286
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us2_origin
x-cache
MISS, MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0, 0
p
ingestion.contentinsights.com/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ingestion.contentinsights.com/p?a=Epoch%20Puzzles&b=&c=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&d=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&e=Word%20Games&f=2748&g=2023-11-03T15%3A30%3A24Z&h=epochfun-137957%2Cpuzzle-games-152300%2Cjoypass-free-155614%2Cspecial-epoch-games-155638%2Cbrain-games-156107%2Cword-games-156911%2Cepochfun-premium-166969%2Cfrontaudio-161329&i=&j=free&k=news&l=&m=anonymous&ch=&n=article&pid=4013587&u=1702145279475.475130402.60262173&ul=1702145279475.287568157.943884&x=0.09204055727573901&pn_count=1&t=1&err=&ver=22
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.12.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-12-87.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 09 Dec 2023 18:08:09 GMT
track
dc.services.visualstudio.com/v2/ Frame B1C0 		159 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: game.epochbase.com
URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba0c2c189174e19281d435f90c0595f069239b2144b02162f8298c2d65c39dfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://game.epochbase.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
B86D2442-8908-4B76-BA40-C13B2DCD701B
strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 18:08:09 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
159
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://game.epochbase.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Sat, 09 Dec 2023 18:08:09 GMT
x-content-type-options
nosniff
/
a.clickcertain.com/px/cont/ Frame 892B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865&cn=DE&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Requested by
Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=epochfun/word-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36685bc67b611843dcdfb88d7a08d4bdab8899305754cd276850417a63a5788d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
832f31218aee906c-FRA
content-encoding
br
content-type
text/html
date
Sat, 09 Dec 2023 18:08:10 GMT
etag
W/"ZDg0YmY3M2VnNjQ1MGc0ZDZkZzhiZWNnODA5MGJkOGVlODY1LXow"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74YMPRljU0MSTcvyvZPLeuH%2B0yxrsnIw9NMJqqxkoONrjBdedStgg2%2FQzWjJ3JarIBCnWU4RvIFr1DpTAIAQsD%2BtKZCO6acOl9gQobHlkBCjam71P29xxRyF%2BKnc4d%2B6RgJBAA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frontend
cc-nginx-5776dff989-tg6rw:cc-nginx-5776dff989-tg6rw
x-requestid
984f8a04-5737-46ab-9461-7f870fce417c
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
dbe91f4307fccfe75857a116fa4f0299894d096cc9a2e1d0959534ee902a56ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12066
x-xss-protection
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7B6740B0E00646B4ABD7F302F7E82552&RedC=c.clarity.ms&MXFR=3009DEEAE097677F3068CD08E49769B9
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7B6740B0E00646B4ABD7F302F7E82552&MUID=2DAA355C237F6980143E26BE22BF68F7
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7B6740B0E00646B4ABD7F302F7E82552&MUID=2DAA355C237F6980143E26BE22BF68F7
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:10 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 966EC07D4452429FAC303D45EBE3ADA9 Ref B: DUS30EDGE0417 Ref C: 2023-12-09T18:08:10Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7B6740B0E00646B4ABD7F302F7E82552&MUID=2DAA355C237F6980143E26BE22BF68F7
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
status
accounts.google.com/gsi/ 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=490013421558-fsr5v4sfmmhdjuqbnpoghql9do3gmjk9.apps.googleusercontent.com&as=jcWusm0GyFJweU1YoCsLrA
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client?_=1702145277116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f84.1e100.net
Software
ESF /
Resource Hash
421156198b1e01ef77acf849468e0b691b95025b959c79104cf210c04350d4f9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-hdluSK1CO-EghtNBFoqBHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-hdluSK1CO-EghtNBFoqBHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/855967303/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/855967303/?random=1702145290498&cv=11&fst=1702145290498&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&tiba=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&value=0&bttype=purchase&auid=1466844356.1702145278&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
60ac48631c9a2c1cec01eb96c89e75d964ac78ef9f76fd208835a9858fa646f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1694
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
push_notif.js
services.epoch.cloud//public-labs/src/push_notifications/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud//public-labs/src/push_notifications/push_notif.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Sep 2020 15:46:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1672
etag
W/"5f6384bb-18fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aos6cp%2F%2FHnZLLv9DC5IjjqUOqoaDMKvK9fCLVVPZyiojzrEdQrgSB8VemwxKnevvETDajJotR8q1atP3djZZa2w%2Fb2slNzvB3OoXG2jlhybUdwMqG3jU5vSQbldHNOoTBzztBhQ28A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
832f3121ffda3970-IAD
alt-svc
h3=":443"; ma=86400
ge.js
s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ 		59 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.238.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
d20db6c1df31874b999f525e1eb15c5041d7b5b94c7336754c97d72fca64c1f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 18:08:12 GMT
Last-Modified
Tue, 29 Aug 2023 17:44:45 GMT
Server
AmazonS3
x-amz-request-id
EFJWMMSJ1FZVR1VA
ETag
"b54fadc7e5991d9914d62a0459bfdf77"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
60527
x-amz-id-2
W7FslYgYOyB2gUyhhuV4IqSLfq2viNODjXCMDr67812XuPZU0Kxthv5mPbyyKwPEIOFa0GQfwNo=
Expires
Thu, 28 Sep 2023 17:44:44 GMT
destination
www.googletagmanager.com/gtag/ 		193 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-2601429205&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ee2272a92de13555f567e0b85903cc25afbb12ace398271ee2f42dc9bcd9726e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72918
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 18:08:10 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/24003086/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
384 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
18.239.83.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-58.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:41:19 GMT
via
1.1 1dd177f0f1668dc5abba6f90eb9da04c.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P5
age
37621
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
5p7GJ5L0bS7x1dqeAvGKIIx5JY8bZqiYhd_SqAZwXQ04JnW3bVEh0Q==

Redirect headers

date
Sat, 09 Dec 2023 18:08:10 GMT
via
1.1 1dd177f0f1668dc5abba6f90eb9da04c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
Uf15HmNxDDhaIPW1ypfGwAD5DDt5EBNkaaDXdJ1rUgAkZskUJf5kBw==
dc_oe=ChMI95KTpvmCgwMVDJ79Bx1NZA0eEAAYACDKgrpNQhMIjazcpfmCgwMVh5P9Bx3HHAXb;dc_eps=AHas8cC-oqXeupF5MgwELJQFRkRzGkU9vPq58qqeS3dMZU1aluJx5GIvmo_kMCQdp9iSQFEETBLIE7Q;met=1;&timestamp=1702145290557;eid1...
ade.googlesyndication.com/ddm/activity/ Frame E182 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI95KTpvmCgwMVDJ79Bx1NZA0eEAAYACDKgrpNQhMIjazcpfmCgwMVh5P9Bx3HHAXb;dc_eps=AHas8cC-oqXeupF5MgwELJQFRkRzGkU9vPq58qqeS3dMZU1aluJx5GIvmo_kMCQdp9iSQFEETBLIE7Q;met=1;&timestamp=1702145290557;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 18:08:10 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2601429205&gtm=45je3bt0z86373291&_p=1702145277545&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2124889639.1702145278&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702145290&sct=1&seg=0&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&dt=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&uid=&en=Funnel%20%231%20-%20All%20Check%20Out%20Users&_fv=1&_ss=1&up.region_id=www.theepochtimes.com&up.login_status=anonymous&tfd=14833
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-2601429205&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a.clickcertain.com/px/ta/ Frame 892B
Redirect Chain
  • https://a.clickcertain.com/px/ta/?ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=d84bf73e-6450-4d6d-8bec-8090bd8ee865&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=d84bf73e-6450-4d6d-8bec-8090bd8ee865&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=45187e61-5919-4c1e-adea-6d2857c42dcf
0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.clickcertain.com/px/ta/?done=true&ta_id=45187e61-5919-4c1e-adea-6d2857c42dcf
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865&cn=DE&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Protocol
H2
Server
104.26.8.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:11 GMT
x-frontend
cc-nginx-5776dff989-7zl6q:cc-nginx-5776dff989-7zl6q
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
afd5acee-3d3e-4119-bb90-2c1be3b679fa
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyyu5C9K54Bjvp0tW5N80LOOlaapiDPgVJfywfZgRk67X9pAP0mmpWLp9AgwIq1Mhc6rITz4VOuIz%2Bk0%2B9ZuK6NYuKAQSG8ZmgrJjmToKzSpCqGz3mB0x9HYsHu8jE89iN7J9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
832f31240db1906c-FRA

Redirect headers

date
Sat, 09 Dec 2023 18:08:10 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://a.clickcertain.com/px/ta/?done=true&ta_id=45187e61-5919-4c1e-adea-6d2857c42dcf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
a.clickcertain.com/px/t/ Frame 892B
Redirect Chain
  • https://a.usbrowserspeed.com/cs?puid=f4c80cb8-96e2-508b-bbe4-79b98a1a4990&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26rid%3d1ad4f74d%2d1cb0%2d425a%2dbbc9%2daf30fd186e2...
  • https://a.clickcertain.com/px/t/?done=true&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27&uid=5db44223-c136-4514-a524-bafe1b8bae70&hem=
0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.clickcertain.com/px/t/?done=true&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27&uid=5db44223-c136-4514-a524-bafe1b8bae70&hem=
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865&cn=DE&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Protocol
H2
Server
104.26.8.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:11 GMT
x-frontend
cc-nginx-5776dff989-bq64l:cc-nginx-5776dff989-bq64l
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
00173ddd-b920-4f57-b663-c7cbe1f71897
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xt0VWrsaEYB3LqQX7reIXHnzGafrDqXAjV%2B00rtxKnJ6zCUr8Udx8ROuMGglfk5vhQZROCeW4QJsMIRzye6D5kJ4Fpnk9U9F193FGReP%2BgI9pbOaRa06oZvDgl1MCS0cnuxhqw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
832f312688a6906c-FRA

Redirect headers

location
https://a.clickcertain.com/px/t/?done=true&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27&uid=5db44223-c136-4514-a524-bafe1b8bae70&hem=
date
Sat, 09 Dec 2023 18:08:11 GMT
server
awselb/2.0
content-length
164
content-type
text/html; charset=utf-8
ldc.js
tag.trovo-tag.com/ Frame 892B 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.trovo-tag.com/ldc.js?pid=193f0456&aid=193f0456
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865&cn=DE&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
CloudFront /
Resource Hash
42b4421435906a79bd519a7bb10fc226b362b9c24ae23084f4c3578002401e0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:10 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-cache
content-length
1164
x-amz-cf-id
_FOjrFMLVJyUGqeekHjnSg3ZNxmSxOY3WVQBIBaNa2zhQhE3s3Gm_g==
fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 892B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/fivebyfive
  • https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
27 B
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865&cn=DE&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Protocol
HTTP/1.1
Server
34.252.177.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-177-198.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 18:08:10 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
27
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date
Sat, 09 Dec 2023 18:08:10 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 892B
Redirect Chain
  • https://a.clickcertain.com/px/r/?ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=d84bf73e-6450-4d6d-8bec-8090bd8ee865&ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
  • https://a.clickcertain.com/px/li/?ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3dd84bf73e%2d6450%2d4d6d%2d8bec%2d8090bd8ee865%26anx_uId%3d%24UID
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=d84bf73e-6450-4d6d-8bec-8090bd8ee865&cn=DE&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Dec 2023 18:08:11 GMT
x-frontend
cc-nginx-5776dff989-7zl6q:cc-nginx-5776dff989-7zl6q
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
3b744883-a61e-4aca-9d8a-a62ad94e8ea3
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxG9MBLidGmpDAglBu3X6rqharWlWNcmd5R25eS3wUSKv5Ip%2Bn7uGWWUauNsHSpZ4NZJQU5JTzvEtuQKcSL3ifUN1i4f43SW77%2BXy%2Fmnzg32nrj%2FU1UbJ8ZH4CXT2ZGrjRjoXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3dd84bf73e%2d6450%2d4d6d%2d8bec%2d8090bd8ee865%26anx_uId%3d%24UID
cf-ray
832f3125dfc8906c-FRA
/
www.google.de/pagead/1p-conversion/855967303/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855967303/?random=1542480724&cv=11&fst=1702145290498&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&gcd=11l1l1l1l1&dma_cps=sypham&dm...
  • https://www.google.com/pagead/1p-conversion/855967303/?random=1542480724&cv=11&fst=1702145290498&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200...
  • https://www.google.de/pagead/1p-conversion/855967303/?random=1542480724&cv=11&fst=1702145290498&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/855967303/?random=1542480724&cv=11&fst=1702145290498&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&tiba=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&value=0&auid=1466844356.1702145278&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0wzUXF3WVF3N0hJOVpQNjlwdk5BUkltQUhUZ01VVVBPVG1YZGxfSDJ5emtHcWwyc25ITFJBWGx1VXpnN1pSYUQ4VEdQdXkwNmlNGlpDaEVJZ0wzUXF3WVEzUGJxci16THVzV0VBUkl1QU5JUWFFbWp3ZjlGNG9UOW5OZjRXWWNoQzhKZVc1WVdnbjIxYTdLNVhpX0ZheUtTM0hDeUl3ck56QWhMOXciEwjY-pqr-YKDAxUkyTsCHcl9CNI&is_vtc=1&ocp_id=Cq10ZdjNI6SS78EPyfuhkA0&cid=CAQSKQDICaaNZX272W2p7lx_BYQUgBckyobLyTKUpYAiSfJjOq89yCjABWhI&eitems=ChEIgL3QqwYQ5fueuL6Jz-nfARIdAIm_ku7qSbaT-bGqSqHmPS1qmMaq1Xa_B2y5IAM&random=654149197&ipr=y
Protocol
H3
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/855967303/?random=1542480724&cv=11&fst=1702145290498&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&tiba=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&value=0&auid=1466844356.1702145278&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0wzUXF3WVF3N0hJOVpQNjlwdk5BUkltQUhUZ01VVVBPVG1YZGxfSDJ5emtHcWwyc25ITFJBWGx1VXpnN1pSYUQ4VEdQdXkwNmlNGlpDaEVJZ0wzUXF3WVEzUGJxci16THVzV0VBUkl1QU5JUWFFbWp3ZjlGNG9UOW5OZjRXWWNoQzhKZVc1WVdnbjIxYTdLNVhpX0ZheUtTM0hDeUl3ck56QWhMOXciEwjY-pqr-YKDAxUkyTsCHcl9CNI&is_vtc=1&ocp_id=Cq10ZdjNI6SS78EPyfuhkA0&cid=CAQSKQDICaaNZX272W2p7lx_BYQUgBckyobLyTKUpYAiSfJjOq89yCjABWhI&eitems=ChEIgL3QqwYQ5fueuL6Jz-nfARIdAIm_ku7qSbaT-bGqSqHmPS1qmMaq1Xa_B2y5IAM&random=654149197&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b413bf4fa936cc351ac6476e0df69b50.js
clientcdn.pushengage.com/core/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://clientcdn.pushengage.com/core/b413bf4fa936cc351ac6476e0df69b50.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.217.65 Bucharest, Romania, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-102-217-65.bunnyinfra.net
Software
BunnyCDN-BU1-717 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:10 GMT
content-encoding
br
cdn-edgestorageid
717
cdn-cachedat
12/06/2023 17:04:16
cdn-pullzone
1148540
server
BunnyCDN-BU1-717
cdn-proxyver
1.04
cdn-requestpullcode
403
etag
W/"d4-XcAaV/tWYAkzFEISrPu73u/tTT8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control
public, max-age=432000
cdn-requestid
51dcdab5b32b7aeb5226bbd29327e2c0
cdn-requestcountrycode
DE
cdn-status
403
cdn-requestpullsuccess
True
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C9F7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
14798
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 14:01:32 GMT
expires
Sun, 08 Dec 2024 14:01:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8BF9 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
45609a1c8150ab22cf63b7104c4c37dbe2390086efbfd81e3220f98406b68851
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K6Hz8M7FNxVFynShdy0JWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-K6Hz8M7FNxVFynShdy0JWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 18:08:10 GMT
expires
Sat, 09 Dec 2023 18:08:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame C9F7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 14:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
14798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 14:01:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8BF9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=2183470354634022&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame C9F7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?JFl7rA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
193f0456
tag.trovo-tag.com/ Frame 4A34 		738 B
994 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.trovo-tag.com/193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D244b81b94c69796%26ccid%3Dd84bf73e-6450-4d6d-8bec-8090bd8ee865%26cn%3DDE%26rid%3D1ad4f74d-1cb0-425a-bbc9-af30fd186e27&ref=&v=js-0.1.0&aid=193f0456&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Requested by
Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/ldc.js?pid=193f0456&aid=193f0456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
CloudFront /
Resource Hash
cec8348172d846ee01f9f3468f15b27220bafe877a8888cc87337cd5f224c3ac

Request headers

Referer
https://a.clickcertain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
738
content-type
text/html
date
Sat, 09 Dec 2023 18:08:11 GMT
server
CloudFront
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
x-amz-cf-id
63arPppIFCjyd1qw0AORdFwY57oYDbPA0E-3BKm5YYvChTGJj3EsqQ==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
/
a.remarketstats.com/px/smart/ Frame 4A34 		840 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Requested by
Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D244b81b94c69796%26ccid%3Dd84bf73e-6450-4d6d-8bec-8090bd8ee865%26cn%3DDE%26rid%3D1ad4f74d-1cb0-425a-bbc9-af30fd186e27&ref=&v=js-0.1.0&aid=193f0456&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tag.trovo-tag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:11 GMT
content-encoding
br
x-frontend
cc-nginx-5776dff989-tg6rw:cc-nginx-5776dff989-tg6rw
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
268b0252-e887-4b9e-9ce1-e1b7b787db28
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aK05X42n5AEMjA5mDp2eNJO0SW9zNo%2BLGRIPvWGTcxuscPHOldxj2mTcg12IgsnGEDsJy4ubnPD29ajgTXZDby%2FMGTjSv2PMSOsE3tLd2szyEd9NfOGZgeddnixLJT9eGDUeUeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
832f3127ed3d5c8c-FRA
lds
a.usbrowserspeed.com/ Frame 4A34 		0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.usbrowserspeed.com/lds?aid=193f0456&pid=193f0456&external_id=&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27&v=js-0.1.0&rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D244b81b94c69796%26ccid%3Dd84bf73e-6450-4d6d-8bec-8090bd8ee865%26cn%3DDE%26rid%3D1ad4f74d-1cb0-425a-bbc9-af30fd186e27&ref=
Requested by
Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D244b81b94c69796%26ccid%3Dd84bf73e-6450-4d6d-8bec-8090bd8ee865%26cn%3DDE%26rid%3D1ad4f74d-1cb0-425a-bbc9-af30fd186e27&ref=&v=js-0.1.0&aid=193f0456&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.227.40.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-40-210.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tag.trovo-tag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:11 GMT
server
awselb/2.0
fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 4A34 		27 B
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/fivebyfive
Requested by
Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D244b81b94c69796%26ccid%3Dd84bf73e-6450-4d6d-8bec-8090bd8ee865%26cn%3DDE%26rid%3D1ad4f74d-1cb0-425a-bbc9-af30fd186e27&ref=&v=js-0.1.0&aid=193f0456&rid=1ad4f74d-1cb0-425a-bbc9-af30fd186e27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.177.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-177-198.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tag.trovo-tag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 18:08:11 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
27
content-type
text/plain
lc2.js
b-code.liadm.com/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/lc2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-72.ams58.r.cloudfront.net
Software
/
Resource Hash
b0512ff1ecca4eeaa79eabd6f059915e9cec84022c2f78519acf20d942b628e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:12:59 GMT
content-encoding
gzip
via
1.1 9bc84c94880403a2bdfe0bc8f1800e4e.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P1
age
82512
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
KP1kQ4xUuWbho2097HdhuEOLuZEcjk9vaQuJ4mBBErimgkDYt7RcdA==
collect
o.clarity.ms/ 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.theepochtimes.com
Date
Sat, 09 Dec 2023 18:08:11 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=2183470354634022&bg=!u7iluPfNAAY3kmNgF5I7ADQBe5WfOIiT4HNAl8fNinj2TPaLYPv-osY6gnTeMkKiDVHvP__7fEF1zEArXcqbETgIQOOBAgAAAOtSAAAAA2gBBwoAA0bSWpkDCOkO_ejMfknmyM-n_j-HM08l4edQbiv9H0q0qYyfHO9kTkPgFy9E6kSx5qTeluVywYWEHzDjjr4rhVu2R3iRnG6wisa1tJVwZwlrjjNy5oK3ftU_PYuevjJInP_jgKAb53Y5nUd5X3i9d8xYhhvnHe0p906jF_R7yinsqaJQ_fVrLtzEzt7Z4jTjzmqkeEl8HFfTAnybofzJ96nvpsa0_nuCs0gjhKUK_A6q8ZXkOBphffChXNSBvYvZ5LOdVFPhOXTRt8pDOctx0g1-VvZCYl8vLHG1jVHkHAA5QtgZAYbzq-Nno7zpZ_sLaRlissPWFWcDh7d0pc_6OZq62iJ5OpvsXSSzRN_nJSJZPxg5d2ejehFk3z4paUxye8HthBK7rBUOtdOymeu2TKdYAFAQ6yD4veOvo-30jCyBou0_2AgD4MHxRAXZ5TrSQtNSXA7l994fXuhk4JEVrJZ4sHhj6QgW-ZWO9XlTKn7sZXi5Xe6QLqD4F63iQ6SLjHTtZ29QlAnVQ4AjSSRdCpzKd8izTPyH5vJocN5-jZbjUyo5AW5RfsFhBFD3vNUV3nFCEYL6O82r4VfSLybvApeIuPK1NxCUNnhf8UceEbg03JefT1JzcEoFoGYGb90Z1tR6DcYDiXCbQLpPteb_eKf5CCSNpC7Rw1UfTMfVkqTfmJc7hXF1Kve8NHeaayz7qDBsVF6eq6q-BRxA2V1lC0sJ2sCWp8OvFDkMOUUYyrrzwCJRoXDCYIqw8hwmuctSdqHdDkHhoP9_fwkz-HGcHdRW_tSuuEbcjt2Rdm_BhlHCgfNO8YUurgFRyZdCv-r5F5gae2BI0SQIikM8K_idTTRxKFrd-Z4P5hMvxu5df9KJV1cDMtmSmZ33VN7B05dUSv4yJFELPAj8BQL1V3O3wn-cOMBI5I0EF9eqnkV06pNNqrxAJxiX4wjTP8uHcsz1zZKOr3ngt-5JGVjScX21kvyY_83iII5OoibUcuZ21cSBHgAG8s0EpWU_7ibf7hTkLJ6gf3E9hZc-zmOW2L65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
j
rp.liadm.com/ 		13 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp.liadm.com/j?dtstmp=1702145291813&se=e30&duid=57b4458eb59c--01hh7w7xchztv2yke4aqa3ffq8&tna=v2.11.1&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587&wpn=lc-bundle
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.108.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-108-29.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:12 GMT
x-pixel-event-id
cf815b92-35de-402c-983d-b9dd78a01b9e
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
13
72731
idx.liadm.com/idex/unknown/ 		0
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/unknown/72731?duid=57b4458eb59c--01hh7w7xchztv2yke4aqa3ffq8&resolve=md5
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.27.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-27-72.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
1
access-control-allow-origin
https://www.theepochtimes.com
cache-control
max-age=3599, private
access-control-allow-credentials
true
trace-id
5ddfe706b6071014
expires
Sat, 09 Dec 2023 19:08:12 GMT
p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/ 		42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25222059a7e8-44db-41ef-8f38-c2e800af4167%2522%257D&title=Word%20Wipe%20-Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fword-wipe-epoch-games-4013587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.252.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-252-179.us-west-2.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Sat, 09 Dec 2023 18:08:13 GMT
server
nginx/1.20.1
content-type
image/GIF
ee06f26b1c65fe65cbdadfae683d284b1f1b6f75e264b8b15edf30243f3590e8_zxlkawntrnutrtfovfl6t0mtt0rjawzrpt0tntcznzu
api.smartocto.com/api/brands/epochtimesus/dataLayer/ 		14 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.smartocto.com/api/brands/epochtimesus/dataLayer/ee06f26b1c65fe65cbdadfae683d284b1f1b6f75e264b8b15edf30243f3590e8_zxlkawntrnutrtfovfl6t0mtt0rjawzrpt0tntcznzu
Requested by
Host: tentacles.smartocto.com
URL: https://tentacles.smartocto.com/ten/tentacle.js?v=2023-12-09T18
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.174.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-174-173.eu-west-1.compute.amazonaws.com
Software
/ smartocto
Resource Hash
7c67a6555f439aef3c03d5ca08cb295898ea42592f613f9a2756f13f2888b215

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:08:20 GMT
content-encoding
gzip
last-modified
Sat, 9 Dec 2023 18:08:20 +0000
max-age
10
x-powered-by
smartocto
vary
Accept-Encoding
x-cache
MISS from SmartOcto Cache
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
dc_oe=ChMI95KTpvmCgwMVDJ79Bx1NZA0eEAAYACDKgrpNQhMIjazcpfmCgwMVh5P9Bx3HHAXb;dc_eps=AHas8cC-oqXeupF5MgwELJQFRkRzGkU9vPq58qqeS3dMZU1aluJx5GIvmo_kMCQdp9iSQFEETBLIE7Q;met=1;&timestamp=1702145300550;eid1...
ade.googlesyndication.com/ddm/activity/ Frame E182 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI95KTpvmCgwMVDJ79Bx1NZA0eEAAYACDKgrpNQhMIjazcpfmCgwMVh5P9Bx3HHAXb;dc_eps=AHas8cC-oqXeupF5MgwELJQFRkRzGkU9vPq58qqeS3dMZU1aluJx5GIvmo_kMCQdp9iSQFEETBLIE7Q;met=1;&timestamp=1702145300550;eid1=2;ecn1=0;etm1=10;
Requested by
Host: fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
URL: https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 18:08:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| documentPictureInPicture object| __next_s object| __next_f object| webpackChunk_N_E object| next object| _N_E object| WebStreamsPolyfill function| __next_require__ function| __next_chunk_load__ object| regeneratorRuntime object| mParticle object| googletag object| pbjs object| ep function| $ string| eet_cat_ids string| eet_cat_names string| eet_term_ids string| eet_all_term_ids string| eet_tags string| eet_tags_slugs string| eet_author_name string| eet_page_type string| eet_post_id string| eet_publish_date number| eet_publish_timestamp string| eet_last_updated_date string| eet_primary_category string| eet_primary_category_name string| eet_primary_category_top_parent boolean| eet_no_ads number| eet_word_count string| eet_ads_term_ids string| featured_img_thumbnail boolean| eet_is_premium_article undefined| eet_post_countries object| grumi object| dataLayer function| gtag object| mPartUtil object| ggeac object| google_tag_data object| google_js_reporting_queue object| pbjsChunk object| _pbjsGlobals object| google_tag_manager function| loadMParticle function| initMPartSDK object| braze function| onYouTubeIframeAPIReady object| gaGlobal object| MicroModal string| GoogleAnalyticsObject function| ga function| expired object| epSubs undefined| google_measure_js_timing object| GooglebQhCsO function| referral function| setCookie function| getCookie object| gaplugins object| extractedURLParams object| mp object| popupPaywall object| renderPayLaterWall object| freeTrialExperience object| accountVerificationCheck object| dynamicBoost object| paidTrialExperience object| shareParams object| optimizerUI number| google_unique_id string| slotElement function| loadMixpanel string| debugEvent object| mixpanel number| readScroll number| debugMPpageImpression object| optimizerDataLayer function| BASE_URL object| arcanumUI object| script function| RegisterDesktopArticlePageObservers function| mpCommonTrackVisible function| registDesktopCommonObserver function| mpTrackTestSegments function| mpTrackElementsArticleMobile function| mpTrackElementsHomePageDesktop function| registerOnClickTrack function| trackHomePageNavSideBar function| mpTrackElementsArticleDesktop function| mpTrackElementsBottomArticleRecommendation function| mpTrackSidebarVisible function| testMparticle function| waitForSmartoctoScript function| trackOriginalSource function| loadPreparedProfile function| loadPreparedProfileData function| processSoftlogin function| destroySoftlogin function| paymentUpdatePopup function| copyTextToClipboard function| articleShareWidgetBottomMobile number| softLoginDeployment function| initShareWidget function| renderShareWidget function| etso_init_ain_object function| etso_initSmartoctoInsights function| etso_initSmartoctoTentacles function| etso_init_keys function| etso_init_smartocto function| etso_init_smartocto_conversion function| etso_track_conversion function| googleOneTapCallback string| epochShareWidgetVersion string| shareWidgetMode object| etso_keys object| gaData object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| rbuPopUp string| etso_post_id string| etso_maincontent string| etso_title string| etso_pubdate string| etso_authors string| etso_sections string| etso_tags string| etso_access_level object| _ain object| visibly string| bb object| tentacles object| t boolean| tentaclesProcessedABTitles number| tentacle_timer_apply boolean| tentaclesExecuted object| ingestion object| _smoc function| trackReadingTime number| tentacles_at_timer_sample number| tentacles_at_timer_send_beat object| _visibly object| _qevents undefined| dynamicPixel object| uetq function| twq function| quantserve function| __qc object| ezt object| _qoptions object| twttr function| UET function| UET_init function| UET_push object| ueto_380fa22d5a function| clarity object| clarityuetq object| WDSMemberConfig object| WDSConfig number| timeout boolean| tpc_present object| mpTrackedElements object| default_gsi object| _F_toggles object| google object| __G_ID_CLIENT__ object| closure_lm_151633 object| geq object| GoogleGcLKhOms function| empty function| GeAnalytics function| geLoadLi function| _0x3f5321 boolean| geqpreprun function| run_ge function| _0x112b function| _0x543d object| gekx object| liQ object| _geq object| __li__evt_bus object| liQ_instances object| google_image_requests

108 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgjdARDYFg
.liadm.com/j Name: lidid
Value: 2af59371-37ac-4d31-b6ad-42a9a515e461
.theepochtimes.com/ Name: _gcl_au
Value: 1.1.1466844356.1702145278
.theepochtimes.com/ Name: pageviewCount_fb
Value: 1,none,https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
www.theepochtimes.com/ Name: epoch_geo_country
Value: de
.theepochtimes.com/ Name: mp_s
Value: %7B%22utm_source%22%3Anull%2C%22utm_medium%22%3Anull%2C%22utm_campaign%22%3Anull%2C%22utm_content%22%3Anull%2C%22utm_term%22%3Anull%2C%22entry_referrer%22%3A%22%22%2C%22entry_referrer_url%22%3A%22%22%2C%22entry_clean_url%22%3A%22%22%2C%22search_engine%22%3Anull%2C%22id%22%3A%22lpydcm98pp5kk9ptvh9%22%2C%22total_pages%22%3A1%2C%22start%22%3A1702145278124%7D
.theepochtimes.com/ Name: mp_lib
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18c4fc3c0e797f-04e70d2c4f036-1e393178-1d4c00-18c4fc3c0e797f%22%2C%22%24device_id%22%3A%20%2218c4fc3c0e797f-04e70d2c4f036-1e393178-1d4c00-18c4fc3c0e797f%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.theepochtimes.com/ Name: e_ab_es
Value: 0.12818765244949026
www.theepochtimes.com/ Name: firstVisit
Value: 1domain=theepochtimes.com
.theepochtimes.com/ Name: _gid
Value: GA1.2.1982333100.1702145279
.theepochtimes.com/ Name: epoch_persistent_user_id
Value: anon0a2a-d7cc-43f0-8927-e594677b48e7
.doubleclick.net/ Name: DSID
Value: NO_DATA
www.theepochtimes.com/ Name: _ain_cid
Value: 1702145279475.475130402.60262173
www.theepochtimes.com/ Name: _ain_uid
Value: 1702145279475.287568157.943884
.doubleclick.net/ Name: IDE
Value: AHWqTUkQUFub-KqKWIxQ-rvwsNM8Zw2nMDjudtTVyBqeimvkknTK4WtiGyi4XsQsGVk
.theepochtimes.com/ Name: __gads
Value: ID=ad60b3e703372b0d:T=1702145278:RT=1702145278:S=ALNI_MZAjWAHisqvFKC9-XI9Pfcy2mWPYA
.theepochtimes.com/ Name: __gpi
Value: UID=00000d10fd5e5528:T=1702145278:RT=1702145278:S=ALNI_MYT8K3-K4ufRJoeANNh2MZUVOqahQ
.theepochtimes.com/ Name: _ga_RD0QM5H02Q
Value: GS1.1.1702145277.1.0.1702145279.58.0.0
www.theepochtimes.com/ Name: _sotmsid
Value: 0:lpydcnhb:g6z9FiivSHEU5Iqomd165Astvj9T18Om
www.theepochtimes.com/ Name: _sotmpid
Value: 0:lpydcnhb:IvzIFctRLjZ2Tx6eLeXlap9HcMNRMz0Q
.casalemedia.com/ Name: CMID
Value: ZXSs--W7Y4F1D39cH6GVZgAA
.casalemedia.com/ Name: CMPS
Value: 5280
.casalemedia.com/ Name: CMPRO
Value: 5280
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IlltCzvj!]tbPl1M>e)ZlrFUfJ+tGXxo3[/#ycCb)gQV(BPHZUoUx`t`ef[82K(U[GJf3If)y3KL9D3I?+RgWLkR
.adnxs.com/ Name: uuid2
Value: 6261967518377147054
.doubleclick.net/ Name: APC
Value: AfxxVi79AWwKQVgDNn9Uh3-7MOesUUHI7PNkVnxcVG8rQ2fCs_mmbg
.3lift.com/ Name: tluid
Value: 496596828751197447873
.quantserve.com/ Name: mc
Value: 6574ad00-25c23-15e71-c930f
.adfarm1.adition.com/ Name: UserID1
Value: 7310658310647904413
.lijit.com/ Name: ljt_reader
Value: HyyAsGZHbJp4m3T7S6SuQpgt
game.epochbase.com/ Name: ai_user
Value: KXRsE9uzCmC4E5g+/DKRi5|2023-12-09T18:08:00.321Z
.advertising.com/ Name: A3
Value: d=AQABBACtdGUCEEytEqocRPlkykbTdZ1cxmoFEgEBAQH-dWV-ZeAXyiMA_eMAAA&S=AQAAAqRr4pOFRG1VB2v4U-B3l5w
.quantserve.com/ Name: d
Value: EHgBEAHPKoEK_fsQ
.turn.com/ Name: uid
Value: 8812875596088597900
.acuityplatform.com/ Name: auid
Value: 862442839217
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBRhN4PE+umGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYTeDxPro90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.ctnsnet.com/ Name: cid_7e41445943b042499377f0e59c022574
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: 12b04797-ad9a-4b83-a774-e02e566595c6
.creativecdn.com/ Name: ts
Value: 1702145280
.creativecdn.com/ Name: u
Value: bK3WIMiQS5L4l1qQzkWn
.creativecdn.com/ Name: g
Value: bK3WIMiQS5L4l1qQzkWn_1702145280521
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwsjAzMrc0tjAwNRTiM9TN183NDAkIzMryC0oGAKvq2EQlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwsjAzMrc0tjAwNRTiM9TN183NDAkIzMryC0oGAKvq2EQlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtobmBkaGJqZGFgamwAAFsq7HEQAAAA
.adsby.bidtheatre.com/ Name: __kuid
Value: 63350718-7455-4545-a2f0-85b48197e9fd.471359280
.adotmob.com/ Name: uid
Value: 09e52204007ef7104baffe02
.adotmob.com/ Name: uuid
Value: 09e52204007ef7104baffe02
.adotmob.com/ Name: partners
Value: IX%3A1702145280550
.adform.net/ Name: C
Value: 1
.company-target.com/ Name: tuuid
Value: c1c69109-42bd-43f6-8727-0151d32a99c9
.company-target.com/ Name: tuuid_lu
Value: 1702145280|ix:0
.undertone.com/ Name: UID_EXT_57
Value: ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB
.adform.net/ Name: uid
Value: 6055212049786276455
.ads.stickyadstv.com/ Name: UID
Value: 713f749bdf4a1c76ad8429fafd0f3b5
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXStAAAFtsXThABH
.theepochtimes.com/ Name: _uetsid
Value: e3b58af096bd11eea764d17ac1b7e93f
.theepochtimes.com/ Name: _uetvid
Value: e3b5a07096bd11ee849f4910e92e117b
.amazon-adsystem.com/ Name: ad-id
Value: AzOoXhmrukI5hrUZiuPvB2k
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bing.com/ Name: MUID
Value: 2DAA355C237F6980143E26BE22BF68F7
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-cd591e90-626d-5fa4-77f2-fa711c7c25ae.QzTHb3z7gYqt0BMeac%2BXwe7S8h4CvMA%2B2jt8qNk%2BOos
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-cd591e90-626d-5fa4-77f2-fa711c7c25ae.QzTHb3z7gYqt0BMeac%2BXwe7S8h4CvMA%2B2jt8qNk%2BOos
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AzVkekGJtX6R38vpxHHwlrlQTr7g.W8YjXyWoBjWrDTHbYbe0KlN5OVSz4a3UQjngpZzWaRg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AzVkekGJtX6R38vpxHHwlrlQTr7g.W8YjXyWoBjWrDTHbYbe0KlN5OVSz4a3UQjngpZzWaRg
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFyIvLX3H1eASrZuKY3zIYwTG35A0XxVTwRw3UW3siYzEHwYBCCA2tKrBjABOgQtwj9GQgR4GWQb.M9dtTigNchpReKz%2F074lw7daclMBFIGcbbZXI87V3tw
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFyIvLX3H1eASrZuKY3zIYwTG35A0XxVTwRw3UW3siYzEHwYBCCA2tKrBjABOgQtwj9GQgR4GWQb.M9dtTigNchpReKz%2F074lw7daclMBFIGcbbZXI87V3tw
.theepochtimes.com/ Name: __qca
Value: P0-1749420499-1702145280732
.liadm.com/ Name: lidid
Value: 2af59371-37ac-4d31-b6ad-42a9a515e461
.t.co/ Name: muc_ads
Value: dd0932b1-87f1-4ae2-9b32-160c2e043a7b
.wdsvc.net/ Name: _wdTest
Value: accept
.wdsvc.net/ Name: wds_random
Value: 2023-12-09T18:08:01.019Z~2023-12-09T18:08:01.019Z|2381322031134715|20|
a.clickcertain.com/ Name: _ccpx_u
Value: d84bf73e%2d6450%2d4d6d%2d8bec%2d8090bd8ee865
.twitter.com/ Name: guest_id_marketing
Value: v1%3A170214528094844910
.twitter.com/ Name: guest_id_ads
Value: v1%3A170214528094844910
.twitter.com/ Name: personalization_id
Value: "v1_D3NpgK1UnfH1H+S9PoJ4FQ=="
.twitter.com/ Name: guest_id
Value: v1%3A170214528094844910
a.clickcertain.com/ Name: _ccpx_244b81b94c69796
Value: 1
a.clickcertain.com/ Name: _ccpx
Value: 244b81b94c69796
www.clarity.ms/ Name: CLID
Value: 714020a8d14a412c8a2ceb5b4b90902b.20231209.20241208
.theepochtimes.com/ Name: alo_uid
Value: 86640b64-ee00-414b-8b45-3d3a9cebe8ea
.theepochtimes.com/ Name: _clck
Value: 1tu1jgs%7C2%7Cfhe%7C0%7C1438
.theepochtimes.com/ Name: _clsk
Value: 1bvzi3p%7C1702145281900%7C1%7C0%7Co.clarity.ms%2Fcollect
.alocdn.com/ Name: uuid
Value: c975688a-c236-4322-b13d-4ee320ffcbbb
p.alocdn.com/ Name: _ep
Value: 1702145282
.theepochtimes.com/ Name: wds_random
Value: 2023-12-09T18:08:01.019Z~2023-12-09T18:08:01.019Z|2381322031134715|20|
.theepochtimes.com/ Name: __WDS1
Value: %7B%22da_100415%22%3A%7B%22hu%22%3A%222023-12-09T18%3A08%3A03.335Z%22%7D%7D
game.epochbase.com/ Name: ai_session
Value: d56BDqZHBHLQPEWWOKhDQU|1702145284184|1702145284184
.yahoo.com/ Name: A3
Value: d=AQABBACtdGUCEMTv1lzBf5jeTtCTdjqvY9oFEgEBAQH-dWV-ZeAXyiMA_eMAAA&S=AQAAAk-wIAZ9nI8OY0VEZwgC_ls
.theepochtimes.com/ Name: _ga_2601429205
Value: GS1.1.1702145290.1.0.1702145290.0.0.0
.theepochtimes.com/ Name: _ga
Value: GA1.1.2124889639.1702145278
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2DAA355C237F6980143E26BE22BF68F7
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2DAA355C237F6980143E26BE22BF68F7
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.bidr.io/ Name: bito
Value: AACZDU7K6VoAABRC1WiFdw
.bidr.io/ Name: bitoIsSecure
Value: ok
.tapad.com/ Name: TapAd_TS
Value: 1702145290810
.tapad.com/ Name: TapAd_DID
Value: 45187e61-5919-4c1e-adea-6d2857c42dcf
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.a.usbrowserspeed.com/ Name: tuid
Value: 5db44223-c136-4514-a524-bafe1b8bae70
www.theepochtimes.com/ Name: _geuid
Value: 2059a7e8-44db-41ef-8f38-c2e800af4167
www.theepochtimes.com/ Name: _geps
Value: true
.theepochtimes.com/ Name: _li_dcdm_c
Value: .theepochtimes.com
.theepochtimes.com/ Name: _lc2_fpi
Value: 57b4458eb59c--01hh7w7xchztv2yke4aqa3ffq8
.theepochtimes.com/ Name: _lc2_fpi_meta
Value: {%22w%22:1702145291665}

15 Console Messages

Source Level URL
Text
network error URL: https://comment.youmaker.com/api/v1/user?site=remark
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://img.theepochtimes.com/fonts/Acta-Medium.otf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://img.theepochtimes.com/fonts/Acta-Book.otf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
rendering warning URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b(Line 494)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other warning URL: https://game.epochbase.com/game/word-wipe/game.min.js?s=9666a421025b(Line 640)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network error URL: https://img.theepochtimes.com/fonts/Acta-BookItalic.otf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://ups.analytics.yahoo.com/ups/58545/occ
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ups.analytics.yahoo.com/ups/58545/occ
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ups.analytics.yahoo.com/ups/58545/occ
Message:
Failed to load resource: the server responded with a status of 504 ()
network error URL: https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXSs__W7Y4F1D39cH6GVZgAAFKAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Message:
Failed to load resource: the server responded with a status of 504 ()
network error URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://clientcdn.pushengage.com/core/b413bf4fa936cc351ac6476e0df69b50.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://match.prod.bidr.io/cookie-sync/fivebyfive
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript warning URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Message:
The resource https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.theepochtimes.com/epochfun/word-wipe-epoch-games-4013587
Message:
The resource https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clickcertain.com
a.remarketstats.com
a.usbrowserspeed.com
accounts.google.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.stickyadstv.com
analytics.twitter.com
ap.lijit.com
api.smartocto.com
b-code.liadm.com
bat.bing.com
c.bing.com
c.clarity.ms
c1.adform.net
casale-match.dotomi.com
cdn.ampproject.org
cdn.epoch.cloud
cdn.undertone.com
cdnjs.cloudflare.com
clientcdn.pushengage.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
colossusssp.com
comment.youmaker.com
creativecdn.com
csync.loopme.me
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com
dc.services.visualstudio.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ea.epochbase.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
exchange.postrelease.com
fe317ed1ec3acfc494bdf78bad2de440.safeframe.googlesyndication.com
fonts.googleapis.com
game.epochbase.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gw.geoedge.be
hb-api.omnitagjs.com
hb.minutemedia-prebid.com
hb.undertone.com
i.liadm.com
ib.adnxs.com
idx.liadm.com
image8.pubmatic.com
img.theepochtimes.com
ingestion.contentinsights.com
ingestion.smartocto.com
insight.adsrvr.org
js.alocdn.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mixproxy.epoch.cloud
mp.theepochtimes.com
o.clarity.ms
onetag-sys.com
p.alocdn.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
polyfill.io
pr-bh.ybp.yahoo.com
pwe.epochbase.com
region1.analytics.google.com
region1.google-analytics.com
rp.liadm.com
rtb.adentifi.com
rtb.openx.net
rules.quantcount.com
rumcdn.geoedge.be
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.epoch.cloud
ssum-sec.casalemedia.com
static.ads-twitter.com
stats.g.doubleclick.net
subs.theepochtimes.com
subsapi.epoch.cloud
sync-tm.everesttech.net
sync.adotmob.com
sync.srv.stackadapt.com
t.co
tag.trovo-tag.com
tags.wdsvc.net
tentacles.smartocto.com
token.rubiconproject.com
tpc.googlesyndication.com
ums.acuityplatform.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usr.undertone.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.theepochtimes.com
104.16.123.175
104.17.157.22
104.17.25.14
104.21.234.68
104.21.234.69
104.244.42.195
104.244.42.197
104.26.3.122
104.26.8.50
104.64.126.246
108.177.15.84
13.107.213.45
13.224.103.29
13.32.110.110
13.32.121.80
13.69.106.216
142.250.184.194
142.250.184.225
142.250.185.102
142.250.185.104
142.250.185.138
142.250.185.162
142.250.185.194
142.250.185.228
142.250.185.65
142.250.185.98
142.250.186.131
142.250.186.161
142.250.186.98
143.204.98.70
146.75.116.157
15.197.193.217
151.101.130.133
151.101.65.26
151.101.66.49
154.54.250.150
154.59.122.79
169.150.247.39
172.217.18.14
172.64.141.13
172.64.151.101
172.67.74.129
173.194.76.157
178.250.1.9
18.165.183.73
18.238.243.106
18.238.243.72
18.239.36.109
18.239.83.58
18.66.24.34
185.102.217.65
185.184.8.90
185.64.190.79
185.89.210.46
193.0.160.131
2.19.11.158
204.79.197.200
209.192.253.52
216.239.32.36
216.52.2.86
23.218.210.30
23.73.140.164
3.225.229.133
3.71.149.231
34.102.198.207
34.110.129.224
34.111.113.62
34.120.33.89
34.238.108.29
34.248.250.162
34.252.177.198
34.95.81.168
34.96.71.22
35.162.252.179
35.173.27.72
35.186.193.173
35.211.89.112
35.214.142.236
35.227.252.103
35.244.159.8
37.157.6.254
4.7.168.74
44.216.232.169
44.227.40.210
45.137.176.88
46.228.164.11
51.89.9.251
52.152.143.207
52.18.111.16
52.200.58.150
52.46.130.91
52.51.174.173
52.92.238.136
54.197.120.184
54.76.12.87
54.76.87.161
54.81.245.140
63.251.232.165
63.34.97.161
64.227.64.62
68.219.88.97
69.173.144.138
69.173.144.165
76.223.111.18
85.114.159.118
89.207.16.201
91.228.74.168
98.98.134.241
0144c8276ec3e781c6f088e263514a4ee5f66f8838f8599bfb50b3d1607d40fc
0175ef65c5d8cd4ce63c030a8c409a33f73de027b1593bf77f780f91c3b07bdd
02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55
03268fb285ed8486b6a21e5106f8faa3d517434bbf60c0e9a09e7e2737ce1345
0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545
05b6051eb8460dbc63587d56206715f76947845fc5c36f4ecd7e2abb83c6ffbb
064d7b833644dd282e4ab3ea2f965d8ec8d4cd6db6ab74c19d0e93df5bb6e823
0779d2575b8f8662ebc448555e34ce11f32a42d4f3aa9507c8945c12bd1fffd4
090945454862f04e84f8556e0e298b45115b28c5c28b9b2fdac7387635bde5c1
0b52d59a81101f9a0f8807daee90e966394c3fff6ab2f98b012e3e8b5e24b45b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c079a117b743eac1e4325d1d3cd52955c7233c1b34132d691e995e1e7d58050
0c8b9a39abc61fdc3471dae2074d453064d80f2bba2fe19d1d7d683b9c7c7223
0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63
0e3530366f481c19813abb79fd15cdc5b45dbbc276401cbde7c4bf283b75a114
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b
0e5fbbe10f708bf6bbcc9d5d91e7209391cf9798e3ac144d3dd3db2c2e698309
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f1104aae416bc32900e253b50a26d22beba9fa197d2d805d42b7c106b32aa51
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
111161803f4ff768b77702f4e903f5f8552bdc2fe4fc30603115636ef8566181
1152f79a12543479de3ec4e56eaa913401cd934968ddfcbf833218f585a0e494
13b81e5fbcfd1eceeed6736de88e9fce3edf25dead86bb944c0cfe179695128b
16ca3aa97c894d331e7f3dadaee8f7ac8a66a30fc1f85c877bdca4cd911ef520
18ba062a1d9c3808d7e5ff9276f7667f9e9649a82648901eae1dcd6ac1f118dd
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1aad44daac146bcce6f4af4f12a865b7dfd21a6bd11b85be0c79947c70c6f135
1b0e87e4a7d9fee722660506d48393ef67d281a5c2417b4ffd6178fdc1db4f9b
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cd7fb5bee3f262c89c6fdf3e31fe27728088f7f33bf204f56ad8e9905f30dc1
1d9e0d05669a3610c7263c551b8b406344c148713485f7e8124f61b05e2463cd
1f9968ad44660715b6ae762981573f34367a5bca48496d1d12b02d4c2c8b9601
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
21ca4a07c0e097bc9ae3a80c091c0b4e019a5725de5db32883dbf3dd509b2249
21da30020a0244ac984c4ed71eb233f22329920565c4007a0793aad54c348ddb
2217ed3c72b72b9496411a601e38bb2dc1520f0cbd840576541e1ef89a3eb730
222bff21d3a800dc3e895040eb65643edcde3dc897e389dae2047ccef3908497
2272682e0775d460a566b30bd03af5f2011f89aa82d39b9842f05a9b9e5fc765
229bbf4d0e7488209564152c6723497f1ac3934136ca1684233d2fa88fa4146f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26334b6e9122b102cc66898bceee5be00927575ff5bce29907a7b35a94688f37
26596e242c76558f8085c3d3a634ff993bc7ff98cdfb6d322bb7698c420e6bfe
27a4c33230f2a57da3135ea231ce8f2cb7c9f89ca68b605017e5384594b2cbe6
27e4bf0c6d12bae538b8e59a57b06967ca605ba33d2cabcd60f15d70aef9d71c
2af1846e77fc4caa3ace965bb082263f77a2090358dfa427245adf469b00408b
2c9d20a82bcd631dba5fb5a9c1dbc507baf559da09375e65b8870a328fc6e470
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f009a44aa057e608440849ba7d59135c178393165207fb8268d1680f9365b5b
30cba8c6f7374a344b5a6d97dda6da6f92281144a7123bd7168349de7d85f4b3
30ee8dc4920b2dca6621737d57c70ab1dff3b54c52001d9488d2cf048c99c3c3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36685bc67b611843dcdfb88d7a08d4bdab8899305754cd276850417a63a5788d
36899f7c0fba85e69b72eb46765c908a1c2370e52053374ad4c676e75b7654f1
3882c860de0e52e16628e5d14da86db2e9ebd8c9cd4bba36ddc1838bbf2355b2
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3a4bbb401a6314ea02c0fd4298e34aca90c579f135ac02a76f5f5bb6b3568ea2
3a9de0847a7ddf30ec9d87451261de4067467099dea2d8223ddfb0231ae0ff97
3cf2935d067f6ea575d06115f24137c0a5e1fa00abeced1db2fc710a1ca77e0e
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac
3daf1d554709263906081cc297c4408939fe03275489e2c539e85c7d4ec44d7e
3f0e66bf74da8675d70138bb4b907d1bfb811dbdcb9529e1d75faa3c1311b3b3
3f37696da8904a530984d1a0dac30a5c1316461dc528aa8e1a1327810ac91969
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41a491b6ec4c4ba2be42e5bf9040f0dc254b0fb6db203ad01cdfa10145fdcd21
421156198b1e01ef77acf849468e0b691b95025b959c79104cf210c04350d4f9
42b4421435906a79bd519a7bb10fc226b362b9c24ae23084f4c3578002401e0d
42deb9219fc21f52ec47f6de9f2cd7bbd2b6eff02e03fb2e77b935f3f2a849db
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
45609a1c8150ab22cf63b7104c4c37dbe2390086efbfd81e3220f98406b68851
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47291f7c76b6a7c1ac558da512ccc99edacd275f2c4978d1abcd7adc61ccab6f
489df896a4f7bb7ef690cbf80e79531351632db12ffd458832acd8cd1581cc9b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b782933f4ffe1e923111eb93d3924b4807e78ce63064d0b01e0f96de529a4a
49918e3327bd5d2256484cfa66447f6686e495b5bf2503ffdcbbb41603718ddf
4a1e84f71ae9d72049a2a7f4e544f8c051dd019a5989698f2f34ea815094ac44
4a88cc0764c8b56a98be9e366371284daa10fd2f4b7dfcc2e42fc0e156ffbdf4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6d47796ff9eb9aa3d3dfeca09b2b2aa7880f975b5e21adfda7ef43f745db3e
4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c
4d5ffa9b4660a2cb3cc7733dd785224252768155d96805b19b862ef55af6d045
4d6a9056ac661927feaae041c67d6bca4c8dbccbc9340becad05a2e1f0ebe98e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea2c68cafd17711da61d4989a4da744f54b6abb30d2cd0f077f1ac89f9d29ca
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52326503523c26c27ea884d31be9d7eb0cdb7804e719557f31f2d851edb8b357
52c854815f543b120f9314bf012a95ff9902edef46b232928855005edd9cf67c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5714f24b380cd260c5a35831912e219007b34d727bd7c9bc65f0d242b004d9cf
5780485ca22a70c4f38c463d448895c4aff0c7eae22760a31da397547b8c0e23
58255daa744ee7478e21dd58b685345e4f76d95522a5ba987c4e73e9281336c5
5b202b4f92f836aa3778c767db2c6ceed03ef38cb542c0738e35e6d3d72ef67b
5b6eefa5ac8dfb11c8fd861afae77a5dfa22ba50d443bcc5c172c5b3021ccdf6
5ca92c06dc31883efdd21b50d74cfd8756fa7a312728339494e2298cb40b6a9f
5d103df41045bc8e9538ed05d79fdd7750af623fa8dd55fdc3b74d90d6ba20a0
5d86b5ff40546e3a2ba79df35d4f926b43b145f3b84619df160fc5f1ff307633
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5fb4df0d97f35b212c68e41e69c2558cfe0765149a20b42821e50295ca06778d
60ac48631c9a2c1cec01eb96c89e75d964ac78ef9f76fd208835a9858fa646f3
61b459cc9bf965b73d8b86b4b8da20b0f019b14dcdcc33ff8909920d0f22eb32
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6373515f83c102404fd8607c310f6554c903aca309d31b7e41bfaca07466f7e3
63e63978a63beb39f52dd2e42ec1b6f2182d82611971db292247d5825070fc3b
6550504b2d2171925aad320f72680881d883a3273a6147adf5f470fb0bd42ee1
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66e8082d322d5952c294fec5f9d4604e86c4e87cf81dc5661a2446d3573f797c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d512629fcf3e4dc24784bc2f5996cd4ed91466f27040f60b7d87f2a29240c25
6d819e03aaf3877c15b1d7d532cf06316663cad1aca835ac99497ab08e0bf0e9
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71771819acec108acd87e4876de617b918adf130af69b8a92f4ad626840364f8
7267a792c8c6e393102019b5651ca816e943777d935f70ac65e624c672e918c6
74e8013806a5ee7021ad31d6ba6d4c135fec86a38e1ebac9861d8f319aec3c10
766f07e7383e1bf3ab180c4ba48ac9deb533c7b224aea3066acd67b88b040923
769dac09245c6c25acf049d2fcd35d51389c94e5284aa432b10eff03391c2c7c
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
78d2e375f5d21e9aea1809b7f1dd3c022e69b74c0f1ef4bffe690189be8457fe
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7a7de0a567f4181a50dcd5e11741f35b79e80b34c210f37bfdeab75a2db7a79b
7b0116e26feef442edbcf9502c1310bb733a91f3715504744124c85af2f3e3ce
7b885ac4b0c0d1ac4b43e0b565762f52251f64eafefef8f54a3c0d3bc9b48037
7bf4473ecc25fc8a56c7da4846022537d11e73a499922e0a16be9b8f83869052
7c67a6555f439aef3c03d5ca08cb295898ea42592f613f9a2756f13f2888b215
7da6525b3ff85c2794ac3298cdb395190d58431f92f46c46e5157c57a6640897
7e5b0ee6bf5d301e1bbb21d770f5edaacf6597f16374a26c762b45eee554a1d4
7e83c0ee95b48f6012cd29deceac7a719bb743a1271f6c1d6354413eddfc8d2c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
814e668f3bbd4663d720802f4e7f60a1e7e04317535010dd4fcafaa2ae443bfd
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
821b923aa515566c2c27c9b5be3e451b03b147e0365e009fadd7c89b396f5fa4
825918cce712f3898a4580f87892a660a1d057eff472ca9cdde98d41a2af1696
82650b7e5f22d8ac4a13809a03de8e1d2b50c3743925520171aee6cf7bf258f7
8496667e6ca10b43d843e825b1f87efa7afc417328b26f815c1b3c5b533ec1a8
84bf71e26352447745b6c6b0c71b94e705789ec819b5146608fc5ccb76672c2e
85b0a6b7e1a39cfab0b46283acb187039816c087dba5d16b7e64f78ee59a1137
86ec2da6a4b0444953187ebca1373c7eee98813073fd5ce9046739d006220e5d
8869af124bbe2c8627b005748e14edc51d21faea8ebd2e66e8e9fde87a33aa4f
88b7f8c564aa37b8b50eac5028d5b6f6125fdc861cae746485b23a976f5286b7
88e6382d15edbda0254ba0ad7f224f41b358a21ebfad6e1eed439f5ddf0ea245
8b27f626860ba1a96ad14ee2b869fb5a9bfe2ff95409c82d0bf05332bc153d6a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7197efe5adf3873f69718a761413a2bfdc3327acff23ab819c8e057a9d0848
93c87f976cf92a16c0de1912a209b8a1d5e85fe70057222b149f4b3852ebeaed
9406aae952c5f51fc59ce8d06f1fce44f39e8e75a3e41bcb157d4217f7651685
946c9c95fb7da4ae9249907e40e11291c00135e70991d34811f08617b20a5b67
9814f85523d0253897e2447a36fdbdc2a5e7647eb96c192f3d278393c955d2f2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a63d5248095b6078fd95a59c270efae7d1cc086d9911533010bfd6555482f96
9a68896078bb7b79ae7c9b02b61d763e0c1bfc01377a43ffec36351a759bd6bd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d705e4e03a176cccaa1d2345250cc3df0549ec6a2b78b6495a650feb4e852df
9db33292007ab6c38527b39d5663e976a305564e19b2a5a8713ea2b2c00f505d
9f3cb53b7e6003cfd9fdcb7680aedb78d7566c699ef746d93c850da13922c1f5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1c3b720fb7ce71ab6a38d07d5b7f75b4fceba10265032033bb4d788163f024b
a272a50a6b0526fe9222d72f29741b9d91a156ff75439a43b728fe1d5a6fec0f
a4551991444bea767a97af5120479bd3b786c29a14498dc3e13a8ea3a029dced
a4e3f74a8547e92b577500bc15796ea137dd5cb8bd677940ee4b6cee2276b0d7
a551f08a781c99cca27a8f613bcae18ba1dc1737e91d782f4acd1b1aa6b2819f
a55cd6de4655dc7bb21259ded6fb10e73640436324b5eb7f01c6a450baefa7df
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7cf9d7d46a9d9b0d83d6d91e82f11dd37fbffab2d8841b530f352be0cb6cbd6
ac39a523505b8bfa1582a1d77caf1d83c9627c656da242fc184794d37b320034
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4
add65f9e789b4ec7cd59d954546c3e297c4ba076d030c47d35a30ad8a9d522d0
ae5515f85fbd77b330a870a535f83fe3a50dbe822b75e35bb47d5f749fe9ba6f
ae94b4099e7d234fab3806d5b410869d804b0bf38d8e84a9b00137066c937ef1
aef79460d9d38f7a5349a194da19ef705d97dba070b4741344188a1f43edf015
b0512ff1ecca4eeaa79eabd6f059915e9cec84022c2f78519acf20d942b628e0
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a48777454353c2b6ff6e617c2caf64c290e2ba4f55fd74a30d97f734198c21
b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b7123bf5d1742985950f5f6ab3845907263a91e175527eb11baae5f45c3735a9
b75f150ce95db244f781f214d2dbc7e9323ea03b5a2801cd97cd622af7e5c06d
b898e6be0107dfa3b3ce3898d2198fc5554bdf8f82dbed4b719d591dbd66fa7c
ba0c2c189174e19281d435f90c0595f069239b2144b02162f8298c2d65c39dfe
bfd56f435385afaa5cc349ca0cfe464d9b68fd79da1f029c73ec87085e79dc49
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c34e5d3266ea00298001d8d288f2772c0829a74b54b7687b683a3dcdd91a4d23
c35a96756d9220ca4ca70f5173ecfc559eebe190074c9e4ea0a5140924caa1ba
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c4b95d6c1eba546a31dc86da5797e215405b7b70513633483da057aac74119ed
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c74236a282de7c51b1adb984ae3cea6da6dd85b93ba2dbd25e9ed5602d428cce
c79b952455a77dfa6e4dbf3474e887a4a6cccf285881103803651bf408b4b16a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99085b7fb1f2a887546ef03893582856b0ca792472ad92629a75177e66a803e
ca3831eaf724f8b5b0273ad0f3ee47cd9392653dcbe32fb68e0b1a097942c021
ca3c79ed7c22564d56f4bed63cb1ae87755b527d32e6a3baa52e1ce5fe7f541c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca5f39ea0a89d8e7a417b7ad8628719cb5855d4a4b3f7a17ce1b6b8f1dacb476
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cc2c76ecc8703c5262b4acc25939dd25376d87bff7bbedc206726b15cdf48527
cc34f96ebf6a33e9ea084b5932084e51a96c7b7b12bdc996059964a730a6babd
ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a
cda3dd8b74a8cb2699277dc3b4d82ac4482304fe884d47bc7638111bb5257bd8
ce174010dbecc7aec9280ffd46eabfa8189b99d461403f060178a4075a872446
cec8348172d846ee01f9f3468f15b27220bafe877a8888cc87337cd5f224c3ac
ced8a878841deecdff6f491493925f4389b97abce24453d573f9a280ff405309
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d08110fb32a9fa5e161050a13a7980c6db1bdfedbd3a09ea2b263c8520faa7f6
d1a4a7aa00e62b62538f84f4f380c16796c88078656d204c4f5ceebb59d84fe8
d20db6c1df31874b999f525e1eb15c5041d7b5b94c7336754c97d72fca64c1f1
d2be858a56620ab5e710ec83c7ddd5a05a4882bd9d13a995cc3bf5dff2e0e1a1
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d4fbdb5935b28450589b76b53bb1c5d0234d14de6b66173ffc6e38b91d1b1db3
d73f53d60e8d626b9238c3334cff2d2ad92d6228ed6b0131c6e2cf488948ca60
d747ecb2ace7f43de1bb8b572986738b601c15acdf66acb1e0db77a3e9983910
d7b4d2b3168b9ff4aa00bc0792ce3c85165f84eb31935c46f006be2106e86217
d7cd879df53ece5f82d10656b7890db0b9210823870eef37fceef4d7b133dd1c
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d85cccb998525357165b9bd3469eaa3c4f21d22c31df16e062a3db5e875ca77d
d94f1a39acfe37b82ee50c1db98885a2fca89e81ca7850294df2dbde1f76972c
d960967ed945eccb4d33bbfa679a17ded4cbbe92a4f7cdf044943b70362a8d3a
da2f76ccfd2779e18da69a7dbda3859173b3a66810af76526d7509a8d3f05be2
dbe91f4307fccfe75857a116fa4f0299894d096cc9a2e1d0959534ee902a56ec
dc4b793c860e3a5520f855325bd7fd380ac437fa2f670695268e9e5c324b8fb9
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddb9a1cfcfe8dbb1cefe4c71f6de8440eb41cc85b91f4a9fedc7fa5ecc635870
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df6fd467ac093b25be3fe611e0869565d2e0a5f1f5aa9590d7d383fc99f56b8d
df8becdeb3c9f0192c697dfae2577a5daa65d4408adaa70bb311d3f9e659fb3c
dfabd954a3ec494e41f63bab6f12a56ce35150c3b6eb0da47f1e61d5c22bfc2a
dfb541e59ae759d8972a3265283a5408dc6a81061822e0a517aa3c4bd62ce239
e1acdaf8bef8bd41f97bdcb36f06e491f94c27167df4baf6b48dd1ae8df449f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
e416d505c8b778adcf9e24dd9c3be2af8b36deff78cedc0ddcf93cad99065dd1
e4b9f58bbad39722ec68ebe7dfe22233006eaf648b6e88e9fef951f4f383ac15
e559650e90b5e7895e80ba36e4a060ad133f55bf35b46df65b647a5eb2264c67
e5e3f1a9fdb7bf262bc92b2e8954e3251709b230989d52ee068a8dd4210acc31
e693b3afb84da4b7016ff5c3ed0c0ed15157c59eb8ae2e0120594be81c689122
e70d56ce8503b388e740f73ab83340323412b18e87505993dafc2f6b33757268
e97d8149dc317e178046ef61138fcf44e2466f5c631a73a9549e51553b030490
eaa05a2c39a474ba4369f18add280a898ee9c58cad5389180f622b0c96dd7dc3
ead0293d41f0c5fef76a0205ad3060391bdbeec5ae4920c5c6d2edec8bdea2e6
eae5c3746662210cf737e5af16e2d0aa0d04356fa16cf2e5a8658eb7139583cd
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec09ffa8255690c234df207b037a80ce1f556eefd63d312527661b20e8d17814
edb110e170d041ed8545980c83dcb26efac6205ecc2560f7eed8bc25db10776b
ee2272a92de13555f567e0b85903cc25afbb12ace398271ee2f42dc9bcd9726e
ee421db418c5963b905ad74e333312b50a96ab4df0e6caed8f380d3905b3ff6d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f05e45157561299fdf9c77b4ead956006bd678b5e82ad3180d5284e333c3ca28
f1d174a8f1d6cbc61636f93f6c777d9d91acc562c9e10650377ebba10623cc78
f3bccf2ba4483214a64dd5d4222b45ae474f5d51bbc50bc80e7c78445e621772
f634e3db916003e53999477fd8f569a27739cacd82a346f4d131b5cd76b687d1
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f736db1f3aff72e5a1afe7af1881de58bc4f06d0bb5f61abe17d45e5b9b2131d
f8359fafcfef5e2477aa5479215d428eb4bd64a1d540cc690a55237a76b81983
f8b372c88e736e4cc5dbbc3d83007d604724ddacad1f00b7c980f92ed44ac7be
fa849a8f2c4f93d1e474e70bf056c61c02fff1efa7e79a5f022693d052cb5f63
fbd96f97dfabbb444dd155929e9632f5049251e4a8885989179fffb74ea6348a
fd4afeeb14c69ea6c3d2fcdb1fc6a1c065b6ed3c91fbf3dbb4dd15d1385a4661