urlscan.io logo urlscan.io
SecurityTrails logo

www.theepochtimes.com Open in urlscan Pro
151.139.128.10  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Submission: On December 03 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 64 IPs in 6 countries across 41 domains to perform 293 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is www.theepochtimes.com. The Cisco Umbrella rank of the primary domain is 54532.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 24th 2022. Valid for: a year.
This is the only time www.theepochtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 151.139.128.10 20446 (STACKPATH...)
41 34.102.198.207 396982 (GOOGLE-CL...)
6 2a00:1450:400... 15169 (GOOGLE)
24 193.108.153.24 20940 (AKAMAI-ASN1)
1 54.192.235.59 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 199.232.136.157 54113 (FASTLY)
3 151.101.65.108 54113 (FASTLY)
1 3 13.32.121.17 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 18.66.147.53 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
17 34.120.33.89 396982 (GOOGLE-CL...)
4 34.110.129.224 396982 (GOOGLE-CL...)
1 35.201.68.206 15169 (GOOGLE)
1 34.120.97.157 396982 (GOOGLE-CL...)
3 185.89.208.11 29990 (ASN-APPNEX)
7 37.252.171.149 29990 (ASN-APPNEX)
2 54.76.235.247 16509 (AMAZON-02)
4 51.89.9.252 16276 (OVH)
1 2600:9000:20e... 16509 (AMAZON-02)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
1 108.138.17.30 16509 (AMAZON-02)
1 69.166.1.10 27630 (AS-XFERNET)
9 2a00:1450:400... 15169 (GOOGLE)
2 108.138.7.117 16509 (AMAZON-02)
5 4.7.168.74 3356 (LEVEL3)
1 2600:1f13:57e... 16509 (AMAZON-02)
2 2620:1ec:46::45 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
14 136.243.66.182 24940 (HETZNER-AS)
2 20.96.88.162 8075 (MICROSOFT...)
21 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.244.243.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 82.202.225.227 49505 (SELECTEL)
6 18.215.71.12 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 142.250.185.98 15169 (GOOGLE)
1 3.5.82.146 16509 (AMAZON-02)
1 4 52.55.90.187 14618 (AMAZON-AES)
1 18.66.147.15 16509 (AMAZON-02)
1 52.222.236.121 16509 (AMAZON-02)
1 2600:9000:21c... 16509 (AMAZON-02)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 174.129.31.112 14618 (AMAZON-AES)
1 54.158.226.104 14618 (AMAZON-AES)
2 52.25.208.196 16509 (AMAZON-02)
3 35.71.131.137 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
293 64
24    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
www.theepochtimes.com
41    34.102.198.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.198.102.34.bc.googleusercontent.com
subs.theepochtimes.com
6    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
24    193.108.153.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-24.deploy.static.akamaitechnologies.com
img.theepochtimes.com
1    54.192.235.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-235-59.otp50.r.cloudfront.net
cdn.moengage.com
9    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.google.de
7    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
3    13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    18.66.147.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-53.fra60.r.cloudfront.net
js.chargebee.com
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
9    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a02:26f0:3500:8::c16c:9912 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
vs1.youmaker.com
17    34.120.33.89 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 89.33.120.34.bc.googleusercontent.com
comment.youmaker.com
4    34.110.129.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.129.110.34.bc.googleusercontent.com
pwe.epochbase.com
1    35.201.68.206 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 206.68.201.35.bc.googleusercontent.com
www.youmaker.com
1    34.120.97.157 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 157.97.120.34.bc.googleusercontent.com
sc.youmaker.com
3    185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net
prebid.adnxs.com
7    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    54.76.235.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-235-247.eu-west-1.compute.amazonaws.com
exchange.postrelease.com
4    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    2600:9000:20eb:e600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    108.138.17.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-30.fra56.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
9    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.com
2    108.138.7.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-117.fra56.r.cloudfront.net
sdk-02.moengage.com
5    4.7.168.74 (Naples, United States)

ASN3356 (LEVEL3, US)
ea.epochbase.com
1    2600:1f13:57e:7b01:7fd2:cadd:e467:5665 (Boardman, United States)

ASN16509 (AMAZON-02, US)
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
2    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a1fb24e8b2644fa4a4d00040474a2bea.safeframe.googlesyndication.com
5    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
14    136.243.66.182 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi.media
mixi.media
static.mixi.media
target.mixi.media
static8.mixi.media
static7.mixi.media
static1.mixi.media
static5.mixi.media
static4.mixi.media
2    20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
k.clarity.ms
21    2606:4700:3038::6815:ea34 (United States)

ASN13335 (CLOUDFLARENET, US)
services.epoch.cloud
cdn.epoch.cloud
subsapi.epoch.cloud
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    35.244.243.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.243.244.35.bc.googleusercontent.com
subs.youmaker.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    82.202.225.227 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: sm-server1-1.ssel21.imcmdb.net
stat.media
6    18.215.71.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-71-12.compute-1.amazonaws.com
api.cloudsponge.com
1    2606:4700:3038::6815:ea35 (United States)

ASN13335 (CLOUDFLARENET, US)
subsapi.epoch.cloud
6    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googleadservices.com
1    3.5.82.146 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
4    52.55.90.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-90-187.compute-1.amazonaws.com
tags.wdsvc.net
1    18.66.147.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-15.fra60.r.cloudfront.net
clientcdn.pushengage.com
1    52.222.236.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-121.fra56.r.cloudfront.net
collect.cloudsponge.com
1    2600:9000:21c7:6a00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
1    2600:1f18:730:b110:ee02:ef72:6352:30c8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    174.129.31.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-31-112.compute-1.amazonaws.com
rp4.liadm.com
1    54.158.226.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-226-104.compute-1.amazonaws.com
idx.liadm.com
2    52.25.208.196 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-208-196.us-west-2.compute.amazonaws.com
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
1    2600:9000:223e:4800:11:5760:8340:93a1 (United States)

ASN16509 (AMAZON-02, US)
image-eu.moengage.com
Apex Domain
Subdomains		 Transfer
89 theepochtimes.com
www.theepochtimes.com — Cisco Umbrella Rank: 54532
subs.theepochtimes.com — Cisco Umbrella Rank: 92548
img.theepochtimes.com — Cisco Umbrella Rank: 34195
6 MB
22 epoch.cloud
services.epoch.cloud — Cisco Umbrella Rank: 99010
cdn.epoch.cloud — Cisco Umbrella Rank: 98731
subsapi.epoch.cloud — Cisco Umbrella Rank: 86686
398 KB
21 youmaker.com
vs1.youmaker.com — Cisco Umbrella Rank: 87852
comment.youmaker.com — Cisco Umbrella Rank: 73112
www.youmaker.com — Cisco Umbrella Rank: 77324
sc.youmaker.com — Cisco Umbrella Rank: 88447
subs.youmaker.com — Cisco Umbrella Rank: 84461
648 KB
16 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 73
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 189
159 KB
14 mixi.media
mixi.media — Cisco Umbrella Rank: 60952
static.mixi.media — Cisco Umbrella Rank: 114322
target.mixi.media — Cisco Umbrella Rank: 77115
static8.mixi.media — Cisco Umbrella Rank: 97171
static7.mixi.media — Cisco Umbrella Rank: 83190
static1.mixi.media — Cisco Umbrella Rank: 97194
static5.mixi.media — Cisco Umbrella Rank: 184860
static4.mixi.media — Cisco Umbrella Rank: 146349
548 KB
13 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 606
prebid.adnxs.com — Cisco Umbrella Rank: 1459
ib.adnxs.com — Cisco Umbrella Rank: 204
46 KB
12 googlesyndication.com
a1fb24e8b2644fa4a4d00040474a2bea.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
253 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 70
2 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2610
21 KB
9 epochbase.com
pwe.epochbase.com — Cisco Umbrella Rank: 119697
ea.epochbase.com — Cisco Umbrella Rank: 80965
229 KB
9 google.de
www.google.de — Cisco Umbrella Rank: 6168
adservice.google.de — Cisco Umbrella Rank: 8649
2 KB
7 cloudsponge.com
api.cloudsponge.com — Cisco Umbrella Rank: 48455
collect.cloudsponge.com — Cisco Umbrella Rank: 60115
52 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1311
k.clarity.ms — Cisco Umbrella Rank: 9538
c.clarity.ms — Cisco Umbrella Rank: 1866
21 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
419 KB
4 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 2737
rp.liadm.com — Cisco Umbrella Rank: 1534
rp4.liadm.com — Cisco Umbrella Rank: 7085
idx.liadm.com — Cisco Umbrella Rank: 2357
13 KB
4 wdsvc.net
tags.wdsvc.net — Cisco Umbrella Rank: 27580
29 KB
4 stat.media
stat.media — Cisco Umbrella Rank: 38904
29 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 739
736 B
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 345
c.bing.com — Cisco Umbrella Rank: 255
14 KB
4 moengage.com
cdn.moengage.com — Cisco Umbrella Rank: 20771
sdk-02.moengage.com — Cisco Umbrella Rank: 10560
image-eu.moengage.com — Cisco Umbrella Rank: 32043
74 KB
3 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 567
781 B
3 amazonaws.com
s3-us-west-2.amazonaws.com
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com — Cisco Umbrella Rank: 39943
38 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 182
122 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 149
777 B
2 postrelease.com
exchange.postrelease.com — Cisco Umbrella Rank: 5041
793 B
2 chargebee.com
js.chargebee.com — Cisco Umbrella Rank: 20016
79 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 921
pixel.quantserve.com — Cisco Umbrella Rank: 673
10 KB
1 pushengage.com
clientcdn.pushengage.com — Cisco Umbrella Rank: 17953
25 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 154
2 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 296
87 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2309
25 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 203
1 KB
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 837
533 B
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
2 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 527
393 B
1 t.co
t.co — Cisco Umbrella Rank: 485
376 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 881
448 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 588
15 KB
1 gstatic.com
fonts.gstatic.com
14 KB
0 alexametrics.com Failed
certify.alexametrics.com Failed
293 41
Domain Requested by
41 subs.theepochtimes.com www.theepochtimes.com
subs.theepochtimes.com
24 img.theepochtimes.com www.theepochtimes.com
24 www.theepochtimes.com www.theepochtimes.com
17 comment.youmaker.com www.theepochtimes.com
comment.youmaker.com
16 cdn.epoch.cloud www.theepochtimes.com
subs.theepochtimes.com
9 www.google.com 1 redirects www.theepochtimes.com
tpc.googlesyndication.com
9 www.google-analytics.com www.theepochtimes.com
www.google-analytics.com
8 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.theepochtimes.com
8 www.google.de www.theepochtimes.com
7 ib.adnxs.com www.theepochtimes.com
acdn.adnxs.com
7 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
6 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 api.cloudsponge.com ajax.googleapis.com
api.cloudsponge.com
6 www.googletagmanager.com www.theepochtimes.com
www.googletagmanager.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 ea.epochbase.com subs.theepochtimes.com
www.googletagmanager.com
4 tags.wdsvc.net 1 redirects tags.wdsvc.net
4 static5.mixi.media www.theepochtimes.com
4 stat.media mixi.media
stat.media
4 services.epoch.cloud www.theepochtimes.com
subs.theepochtimes.com
4 onetag-sys.com www.theepochtimes.com
4 pwe.epochbase.com www.theepochtimes.com
subs.theepochtimes.com
3 insight.adsrvr.org
3 mixi.media www.theepochtimes.com
static.mixi.media
3 prebid.adnxs.com www.theepochtimes.com
3 www.googletagservices.com www.theepochtimes.com
securepubads.g.doubleclick.net
3 sb.scorecardresearch.com 1 redirects www.theepochtimes.com
3 acdn.adnxs.com www.theepochtimes.com
3 bat.bing.com www.theepochtimes.com
bat.bing.com
2 ckjjzdn8vk.execute-api.us-west-2.amazonaws.com s3-us-west-2.amazonaws.com
2 c.clarity.ms 1 redirects
2 subsapi.epoch.cloud www.theepochtimes.com
2 static1.mixi.media www.theepochtimes.com
2 k.clarity.ms www.clarity.ms
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 sdk-02.moengage.com cdn.moengage.com
2 exchange.postrelease.com www.theepochtimes.com
2 js.chargebee.com subs.theepochtimes.com
js.chargebee.com
1 image-eu.moengage.com
1 idx.liadm.com b-code.liadm.com
1 rp4.liadm.com
1 rp.liadm.com 1 redirects
1 b-code.liadm.com s3-us-west-2.amazonaws.com
1 collect.cloudsponge.com api.cloudsponge.com
1 clientcdn.pushengage.com www.theepochtimes.com
1 s3-us-west-2.amazonaws.com www.theepochtimes.com
1 www.googleadservices.com www.googletagmanager.com
1 c.bing.com 1 redirects
1 static4.mixi.media www.theepochtimes.com
1 static7.mixi.media www.theepochtimes.com
1 static8.mixi.media www.theepochtimes.com
1 target.mixi.media www.theepochtimes.com
1 static.mixi.media mixi.media
1 ajax.googleapis.com subs.theepochtimes.com
1 subs.youmaker.com subs.theepochtimes.com
1 stackpath.bootstrapcdn.com subs.theepochtimes.com
1 cdnjs.cloudflare.com subs.theepochtimes.com
1 a1fb24e8b2644fa4a4d00040474a2bea.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.theepochtimes.com
1 pixel.quantserve.com www.theepochtimes.com
1 sync.go.sonobi.com www.theepochtimes.com
1 d31qbv1cthcecs.cloudfront.net www.theepochtimes.com
1 analytics.twitter.com www.theepochtimes.com
1 t.co www.theepochtimes.com
1 rules.quantcount.com secure.quantserve.com
1 sc.youmaker.com www.theepochtimes.com
1 www.youmaker.com www.theepochtimes.com
1 vs1.youmaker.com www.theepochtimes.com
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 static.ads-twitter.com www.theepochtimes.com
1 secure.quantserve.com www.theepochtimes.com
1 fonts.gstatic.com www.theepochtimes.com
1 cdn.moengage.com www.theepochtimes.com
0 certify.alexametrics.com Failed www.theepochtimes.com
293 77
Subject Issuer Validity Valid
*.theepochtimes.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-24 -
2023-06-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.moengage.com
Go Daddy Secure Certificate Authority - G2		 2022-02-02 -
2023-02-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
js.chargebee.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.youmaker.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-18 -
2023-01-17		 a year crt.sh
*.epochbase.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-17 -
2022-12-18		 a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2022-05-26 -
2023-06-26		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.postrelease.com
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2022-09-13 -
2023-10-12		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
mixi.media
R3		 2022-11-05 -
2023-02-03		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
static.mixi.media
R3		 2022-11-05 -
2023-02-03		 3 months crt.sh
stat.media
R3		 2022-11-21 -
2023-02-19		 3 months crt.sh
target.mixi.media
R3		 2022-11-05 -
2023-02-03		 3 months crt.sh
cloudsponge.com
Amazon		 2022-09-25 -
2023-10-23		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2022-09-21 -
2023-08-24		 a year crt.sh
*.pushengage.com
Amazon		 2022-02-18 -
2023-03-17		 a year crt.sh
tags.wdsvc.net
Go Daddy Secure Certificate Authority - G2		 2022-11-03 -
2023-11-01		 a year crt.sh
*.liadm.com
Amazon		 2022-01-31 -
2023-03-01		 a year crt.sh
*.execute-api.us-west-2.amazonaws.com
Amazon		 2022-07-02 -
2023-07-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 15 frames:

Primary Page: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Frame ID: 12B4BB8569681D1EA07925122C08A86E
Requests: 206 HTTP requests in this frame

Frame: https://a1fb24e8b2644fa4a4d00040474a2bea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2F416DED0F0B12ED1C5D90AAA5A041C8
Requests: 1 HTTP requests in this frame

Frame: https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D
Frame ID: 31E9508194E075DB141EC0F9F8CD2EF1
Requests: 2 HTTP requests in this frame

Frame: https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D
Frame ID: BD81A03585DE452236E1B1263972AC1F
Requests: 3 HTTP requests in this frame

Frame: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
Frame ID: 589908B6606BB53DD2018E6C999274C8
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3aOXSk4esXEeoK4rLvaKDa_vKbg3YUT-JTl75U7d0A3QKKKupPzsK4_ici-yB5oC4ptjXmlry1QT2wGaj7jEPdnwyad2jvP2rj96i3p5dlDNqB5ZVnDUqXzC-0SAlJhcb5tOAnbfNYHvxyTAcqdrJfM-GV23ii9xhyhqEmb4QUJHsIZ7bHRKMyNQ7YZ4P9T_PZhd3opcfXxTbXB8CNZv0MoavNDJdd6tWJJh7I96D12DnX3QPwyPGfKjAmX29W1rhw-Ng0FK1CshpqmI4ivWnxu4NG02ssfu-dAb_ASwvkI6qLuYkTVlQZqDY2xt3D5W91ea30upqiWnbFNZujqbTXxmggcKF0UfO--WwB90&sai=AMfl-YRC7g5ycwokIIeW6ISNsrT43g6YpmwTaTKmVeG8CgHt-dPwbuqjRpXWhqgl7hKZNnl7rNE5hW5Qqbnj2EdaRorT2QWlxl5C1j-CUQVSc-MGspLl3iFum8twE2blpJtV&sig=Cg0ArKJSzMWtWqOZcneQEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8A8144096D3B74B66C3AA0B3BE2CD304
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsul_O3UuWb3VoKhi3-8xglUjE35dxU8aG_agu0wPdlBlaThIQ4Yc7_YKuUdy3wJEJcCzYdOv0-m5sZx7FKWP0Ejza8LyDxEkSTtkIIsNW9xBCrdKMO7o-AfM2FucIhNTOIeQ_0aopLI9DJHeeRW4TzTudmFbWgbMLtnYly4Iv-c5yW59J2Xloexanzg8__GCL16BjS6zi4Qh5LpvYZj9ZnpZ0aC_w81vw8Bgj_JFymu9puPtCEBnbUUpeBWt4aQYWD5lruSJaVflNA-cHYBKdCMPREHAHAJ13o17hp67bN8IWLoMcN51s_LHAwXGrKIn72ySe196ajiV4AjS145rZYEXKRmTgORUh5JVzGqsPoMkYa-ruWe_6VHhKMwBqq6iB5DKQH54yiUd7o&sai=AMfl-YRhh5BchXtcquITXIs27tFVoNn-uqP1zUQB32pEcnTqrZkRvIwGHvSKbIIuT4oD0aPpIgsuGu5R8uMAB0FWo6vvWnnq6hfz7qna_-QRbiH1tWct5BpMjuBJIJhLQd6v&sig=Cg0ArKJSzAfTM-g31NlREAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 83EE63D2EB41899C365DCD9E99657274
Requests: 6 HTTP requests in this frame

Frame: https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=Organic%20RW&rs=1&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&variantName=NP-0820-base-desktop&primary_category=canada2-362%3Bworld-89904
Frame ID: 0927AEFFE1F4349A7B11A9E10C3C6318
Requests: 12 HTTP requests in this frame

Frame: https://subs.theepochtimes.com/template/show?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=InstaShare%20Widget&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&templateVariant=embed-underArticle&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&thumb=https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2022%2F09%2F18%2FCP150494524-700x420.jpg&title=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&segmentControl=0.1816625376492269&segment=eet
Frame ID: 75E68E0155DA0E5DFA1F6E4FF87CDC4B
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AC2CD67EF15AF35CD346F2B41238D5C9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A776A07E04CCA3A7FD469ABB680A7D5B
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670031484985
Frame ID: 57BA36E490E7D952C2B44B1C062BFA94
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670031484984
Frame ID: C8E2DCC84B26DD6A5F6F2669D48565DB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 885D72B8B3D5E2093F75CF12B6672B39
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2D698DBC339B34475B3AAE2B8131AC28
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

No Evidence Freedom Convoy Donations Were From Criminal Origins: GoFundMe Exec

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.chargebee\.com/v([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.moengage\.\w+
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • clientcdn\.pushengage\.\w+/core
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

293
Requests

98 %
HTTPS

42 %
IPv6

41
Domains

77
Subdomains

64
IPs

6
Countries

9206 kB
Transfer

12635 kB
Size

57
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 252
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=F69E70B918E54DABA739791CD08C6DE6&RedC=c.clarity.ms&MXFR=0614772E7F2E6884271865417B2E669C HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=F69E70B918E54DABA739791CD08C6DE6&MUID=2337F3796B986B6E1DFDE1166A986A43
Request Chain 257
  • https://tags.wdsvc.net/controller.js?id=100415 HTTP 302
  • https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1670031487083
Request Chain 258
  • https://sb.scorecardresearch.com/c2/24003086/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 265
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855967303/?random=1359986117&cv=11&fst=1670031486793&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&value=0&auid=250151561.1670031485&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=fqiKY5voNMuG9fgPz-ym8As&sscte=1&crd=&eitems=ChAIgOGmnAYQq9qV8qnIlbISEh0ABbbZjNb_BZwnST_HibhGpuzbxJv8Gae6VOFE3w&pscrd=Ek5DaEVJZ09HbW5BWVEwNHF4N3BLcHpQN3pBUklsQUZ3RnptclBmcFRfNUtyRy1uMERxREpzenoxZGtVbDI0UWlVT3M3Ukpib2g1YVpTSFEaWENoRUlnT0dtbkFZUW1vT1JfUHlVMFp6Q0FSSXRBRjVkRnU1T0QtaDk3N1ljYzhjRllNOVZ2RnJDZmpKODU1MHB3ako0bHFld3BxWFpNcmFKMG8wQ2V2cHQ HTTP 302
  • https://www.google.com/pagead/1p-conversion/855967303/?random=1359986117&cv=11&fst=1670031486793&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&value=0&auid=250151561.1670031485&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ09HbW5BWVEwNHF4N3BLcHpQN3pBUklsQUZ3RnptclBmcFRfNUtyRy1uMERxREpzenoxZGtVbDI0UWlVT3M3Ukpib2g1YVpTSFEaWENoRUlnT0dtbkFZUW1vT1JfUHlVMFp6Q0FSSXRBRjVkRnU1T0QtaDk3N1ljYzhjRllNOVZ2RnJDZmpKODU1MHB3ako0bHFld3BxWFpNcmFKMG8wQ2V2cHQ&is_vtc=1&ocp_id=fqiKY5voNMuG9fgPz-ym8As&cid=CAQSKQDq26N9yrseFT0q9lMa3bjdawV_L_0L5_Uj-0DF0nT42S5iGyxYpM1aIBM&eitems=ChAIgOGmnAYQq9qV8qnIlbISEh0ABbbZjKGVSo2oY3_IlI5AwegbWUaB3_sEzZ-cNQ&random=2157840677 HTTP 302
  • https://www.google.de/pagead/1p-conversion/855967303/?random=1359986117&cv=11&fst=1670031486793&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&value=0&auid=250151561.1670031485&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ09HbW5BWVEwNHF4N3BLcHpQN3pBUklsQUZ3RnptclBmcFRfNUtyRy1uMERxREpzenoxZGtVbDI0UWlVT3M3Ukpib2g1YVpTSFEaWENoRUlnT0dtbkFZUW1vT1JfUHlVMFp6Q0FSSXRBRjVkRnU1T0QtaDk3N1ljYzhjRllNOVZ2RnJDZmpKODU1MHB3ako0bHFld3BxWFpNcmFKMG8wQ2V2cHQ&is_vtc=1&ocp_id=fqiKY5voNMuG9fgPz-ym8As&cid=CAQSKQDq26N9yrseFT0q9lMa3bjdawV_L_0L5_Uj-0DF0nT42S5iGyxYpM1aIBM&eitems=ChAIgOGmnAYQq9qV8qnIlbISEh0ABbbZjKGVSo2oY3_IlI5AwegbWUaB3_sEzZ-cNQ&random=2157840677&ipr=y&prhg=0
Request Chain 283
  • https://rp.liadm.com/j?dtstmp=1670031487759&se=e30&duid=57b4458eb59c--01gkat4cn49bnzqf3f8wmq93z7&tna=v2.5.1&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&wpn=lc-bundle HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1670031487759&se=e30&duid=57b4458eb59c--01gkat4cn49bnzqf3f8wmq93z7&tna=v2.5.1&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&wpn=lc-bundle&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjE1&n3pc=true

293 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
www.theepochtimes.com/ 		56 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
becbbc53907850413170158b52085d0ec9f87c8a1cd45e4cc73c8fa74c734220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 03 Dec 2022 01:38:04 GMT
server
nginx
x-cache-status
MISS
x-content-type-options
nosniff
x-device
desktop
x-hw
1670031483.cds143.fr8.hn,1670031483.cds266.fr8.sc,1670031484.cds266.fr8.p
x-xss-protection
1; mode=block
template.css
subs.theepochtimes.com/lib/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/lib/template.css?ver=20220518
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e62ceddb62c9bc2a587cb13644fc54749e672555c91c680d8bdd046b19d52d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
via
1.1 google
last-modified
Mon, 10 Oct 2022 18:35:40 GMT
server
nginx/1.20.1
content-type
text/css; charset=utf-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3377
single-merge.min.css
www.theepochtimes.com/assets/themes/eet/css/ 		113 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
84eb26362d62dc24554a20c295f2d7fc4735b3303179b57a9bc70c6db94b46e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 29 Oct 2022 00:28:07 GMT
server
nginx
x-microcachable
0
etag
W/"635c7397-1c56e"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds224.fr8.c
content-type
text/css
cache-control
max-age=600
accept-ranges
bytes
content-length
48923
x-xss-protection
1; mode=block
x-device
desktop
slick.css
www.theepochtimes.com/assets/themes/eet/css/ 		2 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/css/slick.css?ver=20170224
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
5f2c630eac683a05568f1ee415d990cc19cab5335b20d43dc89a808cc6a2b18d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Sep 2017 20:15:25 GMT
server
nginx
x-microcachable
0
etag
W/"59bae35d-69d"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds168.fr8.c
content-type
text/css
cache-control
max-age=600
accept-ranges
bytes
content-length
569
x-xss-protection
1; mode=block
x-device
desktop
prebid.js
www.theepochtimes.com/assets/themes/eet/js/ 		269 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
72974739823d21db3088160569739b4bbbc3c4f1bb0fe5ae6afe1e89ac515258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 May 2022 17:56:12 GMT
server
nginx
etag
W/"627955bc-43504"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds159.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
accept-ranges
bytes
content-length
100076
x-xss-protection
1; mode=block
x-device
desktop
js
www.googletagmanager.com/gtag/ 		213 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0eba2425939043541ac0423f0d1ce0c47e40797125394232ce1b40e4b2eb81f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76262
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 03 Dec 2022 01:38:04 GMT
logo_eet.svg
www.theepochtimes.com/assets/themes/eet/images/ 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/logo_eet.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
867f5a29853ddd710b7c6485ff7c0f294d6dde33817c68e84535fb68572ffe8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Aug 2018 21:43:01 GMT
server
nginx
etag
"5b807be5-3f5c"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds206.fr8.c
content-type
image/svg+xml
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5932
x-xss-protection
1; mode=block
x-device
desktop
logo_vertical.png
www.theepochtimes.com/assets/themes/eet/images/ 		939 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/logo_vertical.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
9248ef5db07daf1037b001b1ea7ffdba722f041064f30555795fdb12a4dcf1b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Oct 2021 17:21:44 GMT
server
nginx
x-microcachable
0
etag
"617adc28-3ab"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds286.fr8.c
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
939
x-xss-protection
1; mode=block
x-device
desktop
GettyImages-1237854873-300x180.jpg
img.theepochtimes.com/assets/uploads/2022/11/01/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/11/01/GettyImages-1237854873-300x180.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
406b4b8987fd727ca81399026608142b60669d31d33409a5ba2118f5cd11be1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
19553
Last-Modified
Thu, 01 Dec 2022 13:49:19 GMT
Server
nginx
ETag
"6388b0df-4c61"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31406678
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Fri, 01 Dec 2023 13:42:42 GMT
maricopa-county-ballot-count-300x180.jpg
img.theepochtimes.com/assets/uploads/2022/11/24/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/11/24/maricopa-county-ballot-count-300x180.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
99fc9591298aadd32f93e88812572bcc38f74747feb010fba4a40a43393e0dcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
29546
Last-Modified
Thu, 24 Nov 2022 11:47:37 GMT
Server
nginx
ETag
"637f59d9-736a"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31422285
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Fri, 01 Dec 2023 18:02:49 GMT
Elon-Musk-e1669286822359-300x180.jpg
img.theepochtimes.com/assets/uploads/2022/11/24/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/11/24/Elon-Musk-e1669286822359-300x180.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d98f04a032f477d47240d3ae08bdbd3cdb4b6a10a93bc71031840d11a7e5ddb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
8588
Last-Modified
Thu, 24 Nov 2022 10:53:47 GMT
Server
nginx
ETag
"637f4d3b-218c"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=30845837
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sat, 25 Nov 2023 01:55:21 GMT
CP150494524-700x420.jpg
img.theepochtimes.com/assets/uploads/2022/09/18/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/09/18/CP150494524-700x420.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
46340e89db8be816177c6da6ce55b17b3eb7d877fd802e36a77c0bfddd0b5df0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
66764
Last-Modified
Sun, 18 Sep 2022 16:36:44 GMT
Server
nginx
ETag
"6327491c-104cc"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31456435
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sat, 02 Dec 2023 03:31:59 GMT
WEB_PeterWilson.jpg
img.theepochtimes.com/assets/uploads/2022/07/18/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/07/18/WEB_PeterWilson.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
91e4a65e744dcf2cea6aa10d37d1c3eff9d71ae40c8d051110ad8e580fbd627e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
139241
Last-Modified
Mon, 18 Jul 2022 18:40:39 GMT
Server
nginx
ETag
"62d5a927-21fe9"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=30390615
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sun, 19 Nov 2023 19:28:19 GMT
EpochTV_Gold_Home.png
www.theepochtimes.com/assets/themes/eet/images/premium/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/premium/EpochTV_Gold_Home.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
7e26854636676991f1d950121ab8e5e484ede7d67dc896dd2d6a9d4d607d8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 14:55:20 GMT
server
nginx
etag
"607853d8-5c01"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds241.fr8.c
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
23553
x-xss-protection
1; mode=block
x-device
desktop
ATL-440x880-v2.jpg
img.theepochtimes.com/assets/uploads/2022/01/30/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/30/ATL-440x880-v2.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4e9608cd74e0a789eee25a6b0078b650d88862ffc316716c6294884b03fd5687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
52163
Last-Modified
Sun, 30 Jan 2022 18:50:03 GMT
Server
nginx
ETag
"61f6dddb-cbc3"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=11496197
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sat, 15 Apr 2023 03:01:21 GMT
CounterCulture-440x880.jpg
img.theepochtimes.com/assets/uploads/2022/01/31/ 		230 KB
230 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/31/CounterCulture-440x880.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ec00fd20863c4b31d8bf4afb089f32de970fd518668518f06fdb3efde67042cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
235094
Last-Modified
Mon, 31 Jan 2022 17:54:30 GMT
Server
nginx
ETag
"61f82256-39656"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=11496295
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sat, 15 Apr 2023 03:02:59 GMT
FactsMatter-440x880.jpg
img.theepochtimes.com/assets/uploads/2022/01/28/ 		294 KB
295 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/28/FactsMatter-440x880.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9149b9773658b424e818605f1cf87498c74b3eb92abe3324f893b3b148cab6f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
301530
Last-Modified
Fri, 28 Jan 2022 20:27:08 GMT
Server
nginx
ETag
"61f4519c-499da"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=11496289
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sat, 15 Apr 2023 03:02:53 GMT
AmericanCrossroads_HomePoster_BW_600x1200.jpg
img.theepochtimes.com/assets/uploads/2021/09/10/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/09/10/AmericanCrossroads_HomePoster_BW_600x1200.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9f4440116c1058bd77df3d46c84e0e807731b5302cda5c190dfd233e8de516a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
99961
Last-Modified
Fri, 10 Sep 2021 15:20:17 GMT
Server
nginx
ETag
"613b77b1-18679"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=11496241
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sat, 15 Apr 2023 03:02:05 GMT
larry-440x880.jpeg
img.theepochtimes.com/assets/uploads/2021/05/26/ 		175 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/05/26/larry-440x880.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1ad886d5daed57a89ccce0cb2d34b21c2ff6cc109a8e2ed40635516d939c0456

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
179203
Last-Modified
Wed, 26 May 2021 17:34:55 GMT
Server
nginx
ETag
"60ae86bf-2bc03"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=11496356
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sat, 15 Apr 2023 03:04:00 GMT
Steve-FINAL-600x338.jpg
img.theepochtimes.com/assets/uploads/2022/11/25/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/11/25/Steve-FINAL-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
37dac971a36eb9c697c1a05cef03446739c13390f494980fbb423d125020963a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
41517
Last-Modified
Fri, 25 Nov 2022 01:48:55 GMT
Server
nginx
ETag
"63801f07-a22d"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=30848572
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sat, 25 Nov 2023 02:40:56 GMT
The-Shadow-State-1920x1080-1-600x338.jpg
img.theepochtimes.com/assets/uploads/2022/11/28/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/11/28/The-Shadow-State-1920x1080-1-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c2e6b4a388e1ecd6d9cdb9ff4d6e7a149bf2f18b7b8798dd4ad57189a48ca7ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
36956
Last-Modified
Mon, 28 Nov 2022 18:03:43 GMT
Server
nginx
ETag
"6384f7ff-905c"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31162941
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Tue, 28 Nov 2023 18:00:25 GMT
Ep251-1-600x338.jpg
img.theepochtimes.com/assets/uploads/2022/11/26/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/11/26/Ep251-1-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5a298c0d8b0e2ca035c68f120366ebd3b1116a3472ed473365830503e80314ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
50564
Last-Modified
Sat, 26 Nov 2022 23:22:55 GMT
Server
nginx
ETag
"63829fcf-c584"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31018528
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Mon, 27 Nov 2023 01:53:32 GMT
FINALLL-600x338.jpg
img.theepochtimes.com/assets/uploads/2022/11/30/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/11/30/FINALLL-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b278f09f431b42540dae43942b46d9f84c475556fac1db39f8a4fda039caee21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
47421
Last-Modified
Wed, 30 Nov 2022 01:49:39 GMT
Server
nginx
ETag
"6386b6b3-b93d"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31278383
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Thu, 30 Nov 2023 02:04:27 GMT
flip-yt-tn-v1.001-600x338.png
img.theepochtimes.com/assets/uploads/2022/11/26/ 		208 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/11/26/flip-yt-tn-v1.001-600x338.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6c0538032a94c4938b3c92c30b41b8f15a70e0400c94a1b281759ef737b6f480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
213352
Last-Modified
Sat, 26 Nov 2022 00:44:02 GMT
Server
nginx
ETag
"63816152-34168"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=30929973
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sun, 26 Nov 2023 01:17:37 GMT
S6-EP2-Kashs-Corner-SQ-600x338.jpg
img.theepochtimes.com/assets/uploads/2022/11/26/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/11/26/S6-EP2-Kashs-Corner-SQ-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
eab7ece6058790b368e40da85cb0dfd67086f1d6c70d5a405bc382cec0958936

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
47787
Last-Modified
Sat, 26 Nov 2022 01:32:17 GMT
Server
nginx
ETag
"63816ca1-baab"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=30935955
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sun, 26 Nov 2023 02:57:19 GMT
signal-2022-11-30-150759_004-600x338.jpeg
img.theepochtimes.com/assets/uploads/2022/11/30/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/11/30/signal-2022-11-30-150759_004-600x338.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
45c4ebf83b8dc78cd96827eaca9d913fc263046e85c7af62a2721bbabeccd18e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
37649
Last-Modified
Wed, 30 Nov 2022 21:21:59 GMT
Server
nginx
ETag
"6387c977-9311"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31352699
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Thu, 30 Nov 2023 22:43:03 GMT
FINAL-600x338.jpg
img.theepochtimes.com/assets/uploads/2022/11/27/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/11/27/FINAL-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0ed3032f39805f93d5a1680b4c8790efea35cdad469a5013a193dcb7028f14c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
43916
Last-Modified
Sun, 27 Nov 2022 01:37:38 GMT
Server
nginx
ETag
"6382bf62-ab8c"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31017916
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Mon, 27 Nov 2023 01:43:20 GMT
signal-2022-11-29-180535_002-600x338.jpeg
img.theepochtimes.com/assets/uploads/2022/11/30/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/11/30/signal-2022-11-29-180535_002-600x338.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
65fe8f9502341da5b7788a21bc78499d5766f8912f5c68f34f4cdb9a5c60dc52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
46769
Last-Modified
Wed, 30 Nov 2022 17:45:20 GMT
Server
nginx
ETag
"638796b0-b6b1"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31335656
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Thu, 30 Nov 2023 17:59:00 GMT
signal-2022-11-22-202435_002-600x338.jpeg
img.theepochtimes.com/assets/uploads/2022/11/23/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/11/23/signal-2022-11-22-202435_002-600x338.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
61d5c15d64ebee0b5b03675e9235fb9aad496f1eee422ecfcecd6496f7abbdac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
34159
Last-Modified
Wed, 23 Nov 2022 17:11:41 GMT
Server
nginx
ETag
"637e544d-856f"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=30727666
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Thu, 23 Nov 2023 17:05:50 GMT
EET_footer.png
www.theepochtimes.com/assets/themes/eet/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/EET_footer.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
38f915335fe629f2736910592b999a5cc13138f931118f5d67026b072c37d6b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Aug 2018 19:13:08 GMT
server
nginx
x-microcachable
0
etag
"5b7db5c4-1d36"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds274.fr8.c
content-type
image/png
cache-control
max-age=600
accept-ranges
bytes
content-length
7478
x-xss-protection
1; mode=block
x-device
desktop
jquery-all.min.js
www.theepochtimes.com/assets/themes/eet/js/ 		98 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
25cad5d9e016ff8fc766034922a6ec515d37461b4ae089bd58d5ac964b85f247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Nov 2021 15:48:53 GMT
server
nginx
etag
W/"618d3b65-188fe"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds057.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
accept-ranges
bytes
content-length
40721
x-xss-protection
1; mode=block
x-device
desktop
bottom.min.js
www.theepochtimes.com/assets/themes/eet/js/ 		100 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/bottom.min.js?ver=20221122
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
3d53db8613c1ec140c96e4cca2945cadf0643f5ed5e636ddb5394b00fe0160cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Nov 2022 16:38:19 GMT
server
nginx
etag
W/"637cfafb-18f90"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds206.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
accept-ranges
bytes
content-length
32523
x-xss-protection
1; mode=block
x-device
desktop
api.bundle.js
subs.theepochtimes.com/lib/ 		219 KB
219 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
17dd9b7c029f1a673caf7ab6fe8aa53663d03b7ed4f832a3eb99d023648f5908

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
via
1.1 google
last-modified
Mon, 10 Oct 2022 18:35:40 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224033
remark.min.js
www.theepochtimes.com/assets/themes/eet/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/remark.min.js?ver=20221118
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
4e5899c78911240bc29b8e0281918f54b24e330233b75ecd348cb9c819e968f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 Nov 2022 19:55:13 GMT
server
nginx
etag
W/"6377e321-18b1"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds287.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
accept-ranges
bytes
content-length
2138
x-xss-protection
1; mode=block
x-device
desktop
slick.js
www.theepochtimes.com/assets/themes/eet/js/ 		82 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/slick.js?ver=20170324
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Sep 2017 20:15:26 GMT
server
nginx
etag
W/"59bae35e-14929"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds265.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
accept-ranges
bytes
content-length
18949
x-xss-protection
1; mode=block
x-device
desktop
aplayer.js
www.theepochtimes.com/assets/themes/eet/js/ 		156 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/aplayer.js?ver=20220527
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
6db053d1e5f5098522d46c1034024af3e312fd1d88a73ef39e87d5a4762aecf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 May 2022 14:16:12 GMT
server
nginx
etag
W/"6294d1ac-27166"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds287.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
accept-ranges
bytes
content-length
57663
x-xss-protection
1; mode=block
x-device
desktop
article_ads_prebid.js
www.theepochtimes.com/assets/themes/eet/js/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/article_ads_prebid.js?ver=20221114
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
678b5b80d65759f2ad0dc78f02bc5ed275c1492de1af752d1226e921a91af450
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Nov 2022 22:37:13 GMT
server
nginx
etag
W/"6372c319-cfbb"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds240.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
accept-ranges
bytes
content-length
14907
x-xss-protection
1; mode=block
x-device
desktop
moe_webSdk.min.latest.js
cdn.moengage.com/webpush/ 		261 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.235.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-235-59.otp50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f1b6ca0080e86730668b60355b2ccf40260e6053e33d5198c1d79b51f388a1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:32:20 GMT
content-encoding
gzip
via
1.1 1720bb030cc631abfb95557cbd3ef61e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Nov 2022 08:55:33 GMT
server
AmazonS3
x-amz-cf-pop
OTP50-C1
age
350
etag
W/"c61f9f8a8e9575f493e98cca2d4ba16c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
nBZ-E_dKz8l03ibK-mHW0GtOLFdH2shId_vtHW6PaqjqKmFViu-lmA==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 03 Dec 2022 01:15:47 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1337
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 03 Dec 2022 03:15:47 GMT
gtm.js
www.googletagmanager.com/ 		254 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1c97ef91a242bb452b32904e4988e65df52ce049990c4d283419500c08c214b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88967
x-xss-protection
0
last-modified
Sat, 03 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 03 Dec 2022 01:38:04 GMT
D-DIN.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/fonts/D-DIN.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Origin
https://www.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 15:47:56 GMT
server
nginx
etag
"5b8ffaac-e9d4"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds280.fr8.c
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
content-length
59860
x-xss-protection
1; mode=block
x-device
desktop
D-DINCondensed-Bold.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/fonts/D-DINCondensed-Bold.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Origin
https://www.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 15:47:56 GMT
server
nginx
etag
"5b8ffaac-e454"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds222.fr8.c
content-type
font/opentype
cache-control
max-age=315360000
accept-ranges
bytes
content-length
58452
x-xss-protection
1; mode=block
x-device
desktop
truncated
/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c687268c074a05d39ef61d7bd6a3214774099d5ff018ff0b5ac0b5f1fcfbf031

Request headers

Referer
Origin
https://www.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
telegram-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/telegram-icon.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
1256909b9562b779225969eeb95c0f5b1a93fba5775ee2f78dbdb98724feef07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 18:28:17 GMT
server
nginx
x-microcachable
0
etag
"601aeb41-cbf6"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds277.fr8.c
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
52214
x-xss-protection
1; mode=block
x-device
desktop
mewe-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/mewe-icon.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
243342401a389aea3c4eb3d79678310870768f96807bd5af44d1452b8c674f9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 18:28:17 GMT
server
nginx
x-microcachable
0
etag
"601aeb41-772"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds268.fr8.c
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1906
x-xss-protection
1; mode=block
x-device
desktop
plus-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 		465 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/plus-icon.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
7dae96a685aa637f08f3fbf32cf31f40c4118c19915468f44156492e8e5eb5d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 18:28:17 GMT
server
nginx
x-microcachable
0
etag
"601aeb41-1d1"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds281.fr8.c
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
465
x-xss-protection
1; mode=block
x-device
desktop
backtotop.svg
www.theepochtimes.com/assets/themes/eet/images/ 		1 KB
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/backtotop.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Sep 2017 20:15:25 GMT
server
nginx
etag
"59bae35d-498"
x-cache-status
HIT
x-hw
1670031484.cds143.fr8.hn,1670031484.cds260.fr8.c
content-type
image/svg+xml
cache-control
max-age=315360000
accept-ranges
bytes
content-length
579
x-xss-protection
1; mode=block
x-device
desktop
D-DIN-Bold.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/fonts/D-DIN-Bold.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
b0f96a3730041605b139ca2d15e29a36c55e49058ba2b72ee4d09b5e4ca210c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Origin
https://www.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 15:47:56 GMT
server
nginx
etag
"5b8ffaac-eb1c"
x-cache-status
STALE
x-hw
1670031484.cds143.fr8.hn,1670031484.cds135.fr8.c
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
content-length
60188
x-xss-protection
1; mode=block
x-device
desktop
RingsideCondensed-Bold.otf
img.theepochtimes.com/fonts/ 		122 KB
122 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/RingsideCondensed-Bold.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b

Request headers

Referer
https://www.theepochtimes.com/
Origin
https://www.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
124652
Last-Modified
Mon, 15 Nov 2021 18:18:14 GMT
Server
nginx
ETag
"6192a466-1e6ec"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=11496023
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
0yb9GDoxxrvAnPhYGxkkaE0Urhg0xTY.woff2
fonts.gstatic.com/s/vollkorn/v10/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/vollkorn/v10/0yb9GDoxxrvAnPhYGxkkaE0Urhg0xTY.woff2
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8af85ef87938ad7700489d3cd359313ff3d80516be01ddc83d7aebf22e4b51c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Origin
https://www.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 09:28:58 GMT
x-content-type-options
nosniff
age
576546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14200
x-xss-protection
0
last-modified
Wed, 17 Jul 2019 00:00:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2023 09:28:58 GMT
RingsideCondensed-Book.otf
img.theepochtimes.com/fonts/ 		122 KB
122 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/RingsideCondensed-Book.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
eff8407713a4db64425aa277a1cf6b097b72cc3b1b0fbafb04a1cb24066ec61f

Request headers

Referer
https://www.theepochtimes.com/
Origin
https://www.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
124420
Last-Modified
Thu, 18 Nov 2021 18:20:53 GMT
Server
nginx
ETag
"61969985-1e604"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=11496324
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Acta-Book.otf
img.theepochtimes.com/fonts/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/Acta-Book.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20221028
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b363b21bc03d5188a43ede2219616eaade9819d6b10f395ad66c7ee60c71ace2

Request headers

Referer
https://www.theepochtimes.com/
Origin
https://www.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
42924
Last-Modified
Fri, 19 Nov 2021 20:22:11 GMT
Server
nginx
ETag
"61980773-a7ac"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=11496150
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1612355859&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&dp=%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&ul=en-us&de=UTF-8&dt=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=429694496&gjid=1199220349&cid=152341740.1670031485&uid=anone984-db32-4f85-ad23-18553b3d132d&tid=UA-10465455-30&_gid=1661403411.1670031485&_r=1&_slc=1&cd1=362&cd3=%3Bcanada2-362%3Bworld-89904%3B&cd4=%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd5=%3Bcanada2-362%3Bworld-89904%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd21=4872079&cd23=Peter%20Wilson&cd26=Canada&cd28=%3BCanada%3BWorld%3B&cd29=%3BCanada%3BFreedom%20Convoy%202022%3BEmergencies%20Act%3Bgofundme%3B&cd30=20221118&cd31=20221118&cd33=467&cd42=%3Bt-canada%3Bfreedom-convoy-2022%3Bemergencies-act%3Bgofundme%3B&cd43=post&cd18=anone984-db32-4f85-ad23-18553b3d132d&z=965439773
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/717879253/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/717879253/?random=1670031484643&cv=11&fst=1670031484643&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&auid=250151561.1670031485&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40efedea8e7a34578f3389a1c3405e4538627df382d53b668c8c49063f662bc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
951
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
etag
"nAbmxtqHqaYrwBiADJAeFg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 10 Dec 2022 01:38:04 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 03 Dec 2022 01:38:04 GMT
last-modified
Wed, 09 Nov 2022 21:23:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 57125329919D461B86C79AE9D813C26C Ref B: FRAEDGE1917 Ref C: 2022-12-03T01:38:04Z
etag
"077538f81f4d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11421
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-hhn11521-HHN
js
www.googletagmanager.com/gtag/ 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-696467118
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98e71ded0e4eee459196ef01d1430edc28fcf148300bf314ea1e9ee4b88f5570
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53011
x-xss-protection
0
last-modified
Sat, 03 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 03 Dec 2022 01:38:04 GMT
pixie.js
acdn.adnxs.com/dmp/up/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Expires
Mon, 31 Oct 2022 05:58:51 GMT
Date
Sat, 03 Dec 2022 01:38:04 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
70688
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21930-LGA, cache-fra-eddf8230058-FRA
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1670031485.682008,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
8, 15039
js
www.googletagmanager.com/gtag/ 		213 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a87b220dbef9164f5c2c3916322172546dd7311dea8655582d6a54db4864fba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76269
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 03 Dec 2022 01:38:04 GMT
js
www.googletagmanager.com/gtag/ 		179 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-737062143&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d41af38073f1d919006f26ed6e3ef9ecaac089e27f571d8d5a29342abaedd1ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66938
x-xss-protection
0
last-modified
Sat, 03 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 03 Dec 2022 01:38:04 GMT
js
www.googletagmanager.com/gtag/ 		179 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-676906137&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa996a6d86287e08c259f2989e04877f08ab259117b1daa31c69373fd86991ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66968
x-xss-protection
0
last-modified
Sat, 03 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 03 Dec 2022 01:38:04 GMT
b
sb.scorecardresearch.com/ 		0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1670031484641&ns_c=UTF-8&c8=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&c9=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
uuCHUNMPoJBwz7xs4G5ZyfW3LpsmkXY9uYQ_Wprl5QkVc_RU4OKoBQ==
x-cache
Miss from cloudfront
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-10465455-30&cid=152341740.1670031485&jid=429694496&uid=anone984-db32-4f85-ad23-18553b3d132d&gjid=1199220349&_gid=1661403411.1670031485&_u=YGBACEAABAAAACAAI~&z=1889542748
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=2oebu0&_p=1612355859&cid=152341740.1670031485&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670031484&sct=1&seg=0&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&dt=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&en=page_view&_fv=1&_ss=1&ep.eet_cat_names=Canada%3BWorld&ep.eet_all_term_ids=canada2-362%3Bworld-89904%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892&ep.eet_primary_category_name=Canada&ep.eet_author_name=Peter%20Wilson
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chargebee.js
js.chargebee.com/v2/ 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.chargebee.com/v2/chargebee.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8e2e77bc0149feea29d42a391b8cad619fd640e958de5c197b4908b04c3e2c6
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id
RveTiTmkpCH0fuNqoksSEaicPdWRNs_O
strict-transport-security
max-age=300; includeSubdomains; preload
content-encoding
gzip
date
Sat, 03 Dec 2022 01:37:27 GMT
last-modified
Thu, 01 Dec 2022 09:41:55 GMT
server
AmazonS3
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"5d7e4b0b322d1f38131de5b8c8542a4e"
age
37
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=300,public
x-amz-cf-id
nc5cV1-BXRAylUMbVJpcVcDTrsn7eHKu4k2x080m5rSrFdKj8z08Yw==
geo
subs.theepochtimes.com/rules/ 		116 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/rules/geo
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
1646931f6987ce06293358837b7f91b34dcaa393c4a1aa4a550f3b85191857c5

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
116
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/article_ads_prebid.js?ver=20221114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad66921129d3d73946c2e5a14c38eff98cfdae669aea4e04482710aff4e87d4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27505
x-xss-protection
0
server
sffe
etag
"1410 / 329 of 1000 / last-modified: 1670022507"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Dec 2022 01:38:04 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10465455-30&cid=152341740.1670031485&jid=429694496&_u=YGBACEAABAAAACAAI~&z=265668464
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10465455-30&cid=152341740.1670031485&jid=429694496&_u=YGBACEAABAAAACAAI~&z=265668464
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
audio.mp3
vs1.youmaker.com/assets/2022/1118/e2ceeba6-e04e-43a0-9cd0-18110b2179a4/ 		68 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vs1.youmaker.com/assets/2022/1118/e2ceeba6-e04e-43a0-9cd0-18110b2179a4/audio.mp3?length=2420397&duration=202
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:8::c16c:9912 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Referer
https://www.theepochtimes.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 03 Dec 2022 01:38:05 GMT
Server
nginx/1.20.1
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
audio/mpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
must-revalidate, max-age=1800
Access-Control-Allow-Credentials
true
Connection
close
Akamai-Mon-Iucid-Del
1194989
Akamai-Cache-Control
max-age=1800,must-revalidate
Cdn-Cache-Control
no-store
Access-Control-Allow-Headers
origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
counts
comment.youmaker.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=remark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-name
remark
app-version
0.1.2
author
EMG
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
0
date
Sat, 03 Dec 2022 01:38:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
geo
pwe.epochbase.com/ 		143 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pwe.epochbase.com/geo
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.129.110.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
97364411a6efc28599a4466c17b7af72083d16f890d3fed02b38948f6631a116

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143
test
www.youmaker.com/g/ 		7 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youmaker.com/g/test
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.68.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.68.201.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
counts
comment.youmaker.com/api/v1/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3527e1d977a7cbffd85f7833779af7d7e4dd215e437d0948b4998419b1418d87

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:00:00 UTC
count
sc.youmaker.com/site/article/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sc.youmaker.com/site/article/count?site=www.theepochtimes.com&user=65792c40-d2e4-fe44-7c05-2b41157ee364&postid=4872079,4895167,4897975,4897363,4886578,4893500,4880351,4882569,4877950,4886580,4886318,4851684,4885960,4895665,4886578,4893500,4880351,4882569,4877950,4886580
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
157.97.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
7a136ba7c01e8baf5c3296a9a18490dbd678a363a03c2264b937303d53d71099

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 03 Dec 2022 01:38:04 GMT
via
1.1 google
server
nginx/1.20.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json;charset=UTF-8
cookie_sync
prebid.adnxs.com/pbs/v1/ 		272 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
96ff3bb0706c736333cfb4b0910496410de6553b385b4af8de260f8a24b9d231

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 01:38:04 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		234 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
395f6a95839dae1891c53424a63e37f8a027b7f3b1d6ecd46ac566b6e9c6b096

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 01:38:04 GMT
Server
nginx/1.21.3
X-Prebid
pbs-go/0.233.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
234
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		142 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
39c4a5e135f695e1baa40108a59f48a5a327326336ba7ada4ae1c01ea411dc7d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 01:38:04 GMT
AN-X-Request-Uuid
412a7657-b8c5-4901-bb46-0f632c017f96
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.129; 178.162.209.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
142
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
exchange.postrelease.com/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1165154&ntv_pb_rid=53fdd820d0b99&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoic3RpY2t5X2FkX3RvcCIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzk3MCwyNTBdLFs5NzAsOTBdLFs3MjgsOTBdXX19fV19&ntv_dbr=eyJzdGlja3lfYWRfdG9wIjowfQ==&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.235.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-235-247.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		234 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6cf192622b80babb40ecd488477cca7ef4d3ab33af65033c32744fb676d6539d

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 01:38:05 GMT
Server
nginx/1.21.3
X-Prebid
pbs-go/0.233.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
234
Expires
0
prebid-request
onetag-sys.com/ 		15 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
27e0c4d1dda8e2d413f4026744dbe746a5a43afb3bd15ce598caf515b1227f19
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 01:38:04 GMT
AN-X-Request-Uuid
8266f43c-c922-4fd7-89a8-41d45f102830
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.129; 178.162.209.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
exchange.postrelease.com/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1165155&ntv_pb_rid=1549cc16e5bfee&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYWRfcmlnaHRfdG9wXzMwMHgyNTBfMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fV19&ntv_dbr=eyJzdGlja3lfYWRfdG9wIjowLCJhZF9yaWdodF90b3BfMzAweDI1MF8xIjowfQ==&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.235.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-235-247.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
chevron_left.png
www.theepochtimes.com/assets/themes/eet/images/ 		982 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/chevron_left.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
af463b25ee108e48338456299a263e94b53b302b4524916661513e22dd773850
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Nov 2021 17:04:32 GMT
server
nginx
x-microcachable
0
etag
"618958a0-3d6"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds246.fr8.c
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
982
x-xss-protection
1; mode=block
x-device
desktop
chevron_right.png
www.theepochtimes.com/assets/themes/eet/images/ 		980 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/chevron_right.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
44be04ca10e45131b3040fd10ab82ba4792b1da6c66f6c0bbeb343e3ea01f6bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Nov 2021 17:04:32 GMT
server
nginx
etag
"618958a0-3d4"
x-hw
1670031484.cds143.fr8.hn,1670031484.cds213.fr8.c
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
980
x-xss-protection
1; mode=block
x-device
desktop
pixie
ib.adnxs.com/ 		42 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=a5648d7d-6906-4c7f-b72f-e2554cdb878d&it=1670031484827&v=0.0.20&u=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&st=1670031484826&et=1670031484827&if=0
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
178.162.209.129; 178.162.209.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
rules-p-a128V7tctPVtT.js
rules.quantcount.com/ 		3 B
448 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-a128V7tctPVtT.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 22:37:22 GMT
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
10843
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:44:26 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
hkIzEBMWFNqsoBXz-8syAwwhvk8bCrPTRqNUoGC4x3iXRMGAxxHZ0g==
adsct
t.co/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=cf3c5cc8-76ea-4a35-a88f-de6271febbad&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3f68326c-bedc-4ddb-8fa2-9ded0ce1d51c&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzye8&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-response-time
101
date
Sat, 03 Dec 2022 01:38:04 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
e44c6d8539febaa0
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
07d39c116ffde7fc14056706dda1eb9600a4e805ddd13fc277cf6fb1c3f6a5f1
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=cf3c5cc8-76ea-4a35-a88f-de6271febbad&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3f68326c-bedc-4ddb-8fa2-9ded0ce1d51c&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzye8&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-response-time
107
date
Sat, 03 Dec 2022 01:38:04 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
0bf16515ec8456dd
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
5049411a049ed14dad3e420e993eae70c5a5ad023a0861ce7ccff12ceb4931d9
content-length
43
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-30.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 02:09:54 GMT
Content-Encoding
gzip
Via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
7428491
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=26920000
Connection
keep-alive
X-Amz-Cf-Id
MdMdAEREB_TjlLPx_TlqzR4vJ-MjOt9PeSEgz8cpl2ldYHjqe-ZsUw==
/
www.google.com/pagead/1p-user-list/717879253/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/717879253/?random=1670031484643&cv=11&fst=1670029200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&fmt=3&is_vtc=1&random=1022035581&rmt_tld=0&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/717879253/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/717879253/?random=1670031484643&cv=11&fst=1670029200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&fmt=3&is_vtc=1&random=1022035581&rmt_tld=1&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
138003605.js
bat.bing.com/p/action/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/138003605.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a471adfd029d5c6dd112a844b3349e740d9a26de2de6aaae6a490089846e96cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 03 Dec 2022 01:38:04 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C7FE8B4E6550426CAB166F7D9AD0D88D Ref B: FRAEDGE1917 Ref C: 2022-12-03T01:38:04Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
1424
0
bat.bing.com/action/ 		0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=138003605&Ver=2&mid=3354ae96-9015-4e25-a7e6-cffc64a9d7a1&sid=21b5053072ab11eda1254957cf237342&vid=21b5905072ab11edae5133d8d74bab28&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&kw=Canada,Emergencies%20Act,Freedom%20Convoy%202022,gofundme,THE%20EPOCH%20TIMES&p=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&r=&lt=882&evt=pageLoad&sv=1&rn=991472
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 03 Dec 2022 01:38:04 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B1EC591276924B4C9D5F0AAFC9EF9832 Ref B: FRAEDGE1917 Ref C: 2022-12-03T01:38:04Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/696467118/ 		2 KB
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696467118/?random=1670031484910&cv=11&fst=1670031484910&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&auid=250151561.1670031485&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-696467118
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f76290becd98eb7ae6733f8c7b410978b17fa706545003d37f426b1fd15ec42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
968
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/676906137/ 		2 KB
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/676906137/?random=1670031484931&cv=11&fst=1670031484931&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&auid=250151561.1670031485&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-676906137&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca1c1acdc2bbdde74d7d71a879b8df3df6ce364e425a9bc3957e3dafc1227e7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
967
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/676906137/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/676906137/?random=1670031484943&cv=11&fst=1670031484943&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&auid=250151561.1670031485&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html%3Bpost_id%3D4872079%3Bprimary_category_name%3DCanada%3Beet_tags%3DCanada%5C%3BFreedom%20Convoy%202022%5C%3BEmergencies%20Act%5C%3Bgofundme%3Ball_term_ids%3Dcanada2-362%5C%3Bworld-89904%5C%3Bfrontaudio-161329%5C%3Bcanada-top-news-100342%5C%3Btodays-headlines-98892&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-676906137&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
631e8faacd7ab2757435a6b167bb3fa85fcac71796a3aae7f39461a7dedbd85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1124
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/737062143/ 		2 KB
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/737062143/?random=1670031484957&cv=11&fst=1670031484957&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&auid=250151561.1670031485&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-737062143&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c8678662cbe90480e2b3c24751d9ed9386ebae304bfa114d5dfa19c8252dcef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
968
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/737062143/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/737062143/?random=1670031484967&cv=11&fst=1670031484967&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&auid=250151561.1670031485&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html%3Bpost_id%3D4872079%3Bprimary_category_name%3DCanada%3Beet_tags%3DCanada%5C%3BFreedom%20Convoy%202022%5C%3BEmergencies%20Act%5C%3Bgofundme%3Ball_term_ids%3Dcanada2-362%5C%3Bworld-89904%5C%3Bfrontaudio-161329%5C%3Bcanada-top-news-100342%5C%3Btodays-headlines-98892&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-737062143&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df90ec3f33bdaabf9d7afe6d5be1f357812f7a3d781dd405b18a7bd19faf71a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1125
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
116-f1752dbf9270229199e3.js
js.chargebee.com/v2/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.chargebee.com/v2/116-f1752dbf9270229199e3.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3cb19407bab66b9ee7c351a194351789cb3faf0e8d5904a2c8610aae6e456fba
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id
Ci.PfcZfs_h1YeBhEMfiyfLhEGP9u3io
strict-transport-security
max-age=300; includeSubdomains; preload
content-encoding
gzip
date
Sat, 03 Dec 2022 01:37:22 GMT
last-modified
Thu, 01 Dec 2022 09:41:55 GMT
server
AmazonS3
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"820f4ea492dc5eed21b4d4fda2636bae"
age
43
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=300,public
x-amz-cf-id
_x_X5cjHf4l-ME6QdvM91Z2XNTKu2ka_JjcS7-dVpsJMHMSnUDniaw==
us.gif
sync.go.sonobi.com/ 		49 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%5BUID%5D
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 01:38:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-67
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pubads_impl_2022113001.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
728e669b9c7cb9efcdc7fd22a9b2250ea2f9ea278392fd8f48cdc40f1946944e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 11:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52101
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133236
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 09:36:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 02 Dec 2023 11:09:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		407 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theepochtimes.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b88e258dc07bb58923a1587e9448b57d26948f9da6067e6e46a3cfe5e7d676d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
expires
Sat, 03 Dec 2022 01:38:05 GMT
embed.js
comment.youmaker.com/web/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/embed.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/remark.min.js?ver=20221118
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ee5636802d3b59edb8068a7ec377ad4e3287900b24cb4378eb7dba08a6c0d268

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
last-modified
Fri, 02 Dec 2022 16:18:42 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7637
app-version
0.1.2
counter.js
comment.youmaker.com/web/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/counter.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/remark.min.js?ver=20221118
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
5c01443c79c76e53bede7e62b8116b076613da68208ce7fd2bfcb5aec7ce22b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
last-modified
Fri, 02 Dec 2022 16:18:42 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2305
app-version
0.1.2
get
subs.theepochtimes.com/template/ 		185 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/get?tid=signin&sid=www.theepochtimes.com
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
d73f53d60e8d626b9238c3334cff2d2ad92d6228ed6b0131c6e2cf488948ca60

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
185
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
get
subs.theepochtimes.com/template/ 		185 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/get?tid=signin&sid=www.theepochtimes.com
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
d73f53d60e8d626b9238c3334cff2d2ad92d6228ed6b0131c6e2cf488948ca60

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
185
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
get
subs.theepochtimes.com/rules/ 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/rules/get?sid=www.theepochtimes.com&pid=4c14e06e-dead-4a19-833b-f676ae9d77da
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
b1d5daa98167da75a05c36b894cbce8c760a74d3859430a218da68afa5869c2f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
websdksettings
sdk-02.moengage.com/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk-02.moengage.com/websdksettings?app_id=49P44R50YP54GMKNGTOHPGAN&
Requested by
Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-117.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e0bf5d0be2f70f186c63eec8a5708c4fbeddf51458a4ff17c5359441e7065d6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
content-encoding
gzip
via
1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P6
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
vTA_7PBSEyYomVh8_IwGFRrDfH_3qZ0oaVo_FgUtIeX1PLKb8vaGSg==
expires
Sat, 03 Dec 2022 01:38:04 GMT
c
ea.epochbase.com/api/pw/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Naples, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Sat, 03 Dec 2022 01:38:06 GMT
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
c
ea.epochbase.com/api/pw/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Naples, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Content-Type
access-control-allow-methods
GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET, POST, OPTIONS, PUT, DELETE
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
pixel;r=1729309086;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html;uht=2;fpan=1;fpa=P0-51...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1729309086;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html;uht=2;fpan=1;fpa=P0-518996119-1670031484833;pbc=;ns=0;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm=;gdpr=0;ref=;d=theepochtimes.com;dst=0;et=1670031485045;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec%2Cdescription.An%20executive%20from%20the%20online%20crowdfunding%20platform%20GoFundMe%20said%20in%20testimony%20be%2Curl.https%3A%2F%2Fwww%252Etheepochtimes%252Ecom%2Fno-evidence-freedom-convoy-donations-were-from-cri%2Csite_name.www%252Etheepochtimes%252Ecom%2Cimage.https%3A%2F%2Fimg%252Etheepochtimes%252Ecom%2Fassets%2Fuploads%2F2022%2F09%2F18%2FCP150494524-1200x800%252Ejpg;ses=3406d9db-75c7-4cea-be59-c83366288382
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		0
0
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:57e:7b01:7fd2:cadd:e467:5665 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
server
Server
138003605
www.clarity.ms/tag/uet/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/138003605
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/138003605.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cddd40d4e43b08a7fcf46d6c2ec9dab7d096c3babde1bf8d0a116ce556b2edb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type
application/x-javascript
date
Sat, 03 Dec 2022 01:38:04 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0faiKYwAAAADYHdwzP3i1RKt8bXmsf+ZBRlJBMzFFREdFMDkwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
/
www.google.com/pagead/1p-user-list/737062143/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/737062143/?random=1670031484967&cv=11&fst=1670029200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&data=event%3Dpage_view%3Bpage_path%3D%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html%3Bpost_id%3D4872079%3Bprimary_category_name%3DCanada%3Beet_tags%3DCanada%5C%3BFreedom%20Convoy%202022%5C%3BEmergencies%20Act%5C%3Bgofundme%3Ball_term_ids%3Dcanada2-362%5C%3Bworld-89904%5C%3Bfrontaudio-161329%5C%3Bcanada-top-news-100342%5C%3Btodays-headlines-98892&fmt=3&is_vtc=1&random=246956689&rmt_tld=0&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/737062143/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/737062143/?random=1670031484967&cv=11&fst=1670029200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&data=event%3Dpage_view%3Bpage_path%3D%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html%3Bpost_id%3D4872079%3Bprimary_category_name%3DCanada%3Beet_tags%3DCanada%5C%3BFreedom%20Convoy%202022%5C%3BEmergencies%20Act%5C%3Bgofundme%3Ball_term_ids%3Dcanada2-362%5C%3Bworld-89904%5C%3Bfrontaudio-161329%5C%3Bcanada-top-news-100342%5C%3Btodays-headlines-98892&fmt=3&is_vtc=1&random=246956689&rmt_tld=1&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/696467118/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/696467118/?random=1670031484910&cv=11&fst=1670029200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4230990478&rmt_tld=0&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/696467118/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/696467118/?random=1670031484910&cv=11&fst=1670029200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4230990478&rmt_tld=1&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/676906137/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/676906137/?random=1670031484931&cv=11&fst=1670029200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=89953820&rmt_tld=0&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/676906137/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/676906137/?random=1670031484931&cv=11&fst=1670029200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=89953820&rmt_tld=1&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/676906137/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/676906137/?random=1670031484943&cv=11&fst=1670029200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&data=event%3Dpage_view%3Bpage_path%3D%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html%3Bpost_id%3D4872079%3Bprimary_category_name%3DCanada%3Beet_tags%3DCanada%5C%3BFreedom%20Convoy%202022%5C%3BEmergencies%20Act%5C%3Bgofundme%3Ball_term_ids%3Dcanada2-362%5C%3Bworld-89904%5C%3Bfrontaudio-161329%5C%3Bcanada-top-news-100342%5C%3Btodays-headlines-98892&fmt=3&is_vtc=1&random=4233700388&rmt_tld=0&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/676906137/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/676906137/?random=1670031484943&cv=11&fst=1670029200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&data=event%3Dpage_view%3Bpage_path%3D%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html%3Bpost_id%3D4872079%3Bprimary_category_name%3DCanada%3Beet_tags%3DCanada%5C%3BFreedom%20Convoy%202022%5C%3BEmergencies%20Act%5C%3Bgofundme%3Ball_term_ids%3Dcanada2-362%5C%3Bworld-89904%5C%3Bfrontaudio-161329%5C%3Bcanada-top-news-100342%5C%3Btodays-headlines-98892&fmt=3&is_vtc=1&random=4233700388&rmt_tld=1&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/737062143/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/737062143/?random=1670031484957&cv=11&fst=1670029200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2745820663&rmt_tld=0&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/737062143/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/737062143/?random=1670031484957&cv=11&fst=1670029200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2745820663&rmt_tld=1&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
49P44R50YP54GMKNGTOHPGAN
sdk-02.moengage.com/v3/sdkconfig/web/ 		180 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk-02.moengage.com/v3/sdkconfig/web/49P44R50YP54GMKNGTOHPGAN?
Requested by
Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-117.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
3771aa40a113c5aca2111fe7e1eaaf029325b71d3c6b8d8d91cc7167dc68405b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
content-encoding
gzip
via
1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P6
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
-PlOevq_JlFI7ozVSZUTs4tWsF1qQE6-Gz2Yk9NfYGLqKERfBFLAlA==
expires
Sat, 03 Dec 2022 01:38:04 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.theepochtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theepochtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3850046703082950&correlator=860832789149561&eid=31071080&output=ldjh&gdfp_req=1&vrg=2022113001&ptt=17&impl=fifs&iu_parts=5965368%2CEET_article_top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=1&adks=3587454004&didk=1123960972&sfv=1-0-40&eri=1&cust_params=EET_category%3Deet_canada2-362%252Ceet_world-89904%252Ceet_frontaudio-161329%252Ceet_canada-top-news-100342%252Ceet_todays-headlines-98892%26EET_post%3D4872079%26EET_author_name%3DPeter%2520Wilson%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com&sc=1&cookie_enabled=1&abxe=1&dt=1670031485166&lmt=1670031485&dlt=1670031484324&idt=808&adxs=300&adys=126&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&frm=20&vis=1&psz=1000x30&msz=1000x0&fws=0&ohw=0&ga_vid=152341740.1670031485&ga_sid=1670031485&ga_hid=1612355859&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67928c85a1a69c08f255e74e31b12876cb07ba0cff47d00309930c398f4aa786
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10636
x-xss-protection
0
google-lineitem-id
6138466768
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138404853089
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3850046703082950&correlator=860832789149561&eid=31071080&output=ldjh&gdfp_req=1&vrg=2022113001&ptt=17&impl=fifs&iu_parts=5965368%2Ceet_article_right_top_300x250_v3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=2786340635&didk=1443664284&sfv=1-0-40&eri=1&cust_params=EET_category%3Deet_canada2-362%252Ceet_world-89904%252Ceet_frontaudio-161329%252Ceet_canada-top-news-100342%252Ceet_todays-headlines-98892%26EET_post%3D4872079%26EET_author_name%3DPeter%2520Wilson%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com&sc=1&cookie_enabled=1&abxe=1&dt=1670031485173&lmt=1670031485&dlt=1670031484324&idt=808&adxs=1100&adys=192&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=152341740.1670031485&ga_sid=1670031485&ga_hid=1612355859&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ed8b113de961c519abf98974c1b44a0be4ae23dda60f51177138134be171f3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10099
x-xss-protection
0
google-lineitem-id
6154887598
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412324914
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a1fb24e8b2644fa4a4d00040474a2bea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F41 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a1fb24e8b2644fa4a4d00040474a2bea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 01:38:05 GMT
expires
Sun, 03 Dec 2023 01:38:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show
subs.theepochtimes.com/template/ Frame 31E9 		7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3c8e91d44ceb4a689b94693ae811e5cf421fa6c8797a5b099a164d3eff0e14bc

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
x-robots-tag
noindex
show
subs.theepochtimes.com/template/ Frame BD81 		7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3c8e91d44ceb4a689b94693ae811e5cf421fa6c8797a5b099a164d3eff0e14bc

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
x-robots-tag
noindex
iframe.html
comment.youmaker.com/web/ Frame 5899 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
1f2a24bfee4ce171f16864333b1e7f598b0bcc7e6a10b9b4ea46c1dfe053a3ee

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-name
remark
app-version
0.1.2
author
EMG
content-length
4209
content-type
text/html; charset=utf-8
date
Sat, 03 Dec 2022 01:38:05 GMT
last-modified
Fri, 02 Dec 2022 16:18:42 GMT
server
nginx/1.20.1
via
1.1 google
x-robots-tag
noindex
counts
comment.youmaker.com/api/v1/ 		211 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=remark
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/counter.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4b8501f4c1443eef0ed610f7cb59a26de3e3100af0647cde21d3b4e9a81b17ae

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

expires
Thu, 01 Jan 1970 00:00:00 UTC
date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
pragma
no-cache
server
nginx/1.20.1
author
EMG
app-name
remark
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
app-version
0.1.2
counts
comment.youmaker.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=remark
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-name
remark
app-version
0.1.2
author
EMG
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
clarity.js
www.clarity.ms/eus2-e/s/0.6.43/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-e/s/0.6.43/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/138003605
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:04 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0K2mKYwAAAADY2rtJuqyXSq6JeRo2bqx1RlJBMjMxMDUwNDE3MDI5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"1d9026a431ead4c"
x-azure-ref
0faiKYwAAAAD/ypMBIY8jRZusk1XjDuPNRlJBMzFFREdFMDkwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
view
securepubads.g.doubleclick.net/pcs/ Frame 8A81 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3aOXSk4esXEeoK4rLvaKDa_vKbg3YUT-JTl75U7d0A3QKKKupPzsK4_ici-yB5oC4ptjXmlry1QT2wGaj7jEPdnwyad2jvP2rj96i3p5dlDNqB5ZVnDUqXzC-0SAlJhcb5tOAnbfNYHvxyTAcqdrJfM-GV23ii9xhyhqEmb4QUJHsIZ7bHRKMyNQ7YZ4P9T_PZhd3opcfXxTbXB8CNZv0MoavNDJdd6tWJJh7I96D12DnX3QPwyPGfKjAmX29W1rhw-Ng0FK1CshpqmI4ivWnxu4NG02ssfu-dAb_ASwvkI6qLuYkTVlQZqDY2xt3D5W91ea30upqiWnbFNZujqbTXxmggcKF0UfO--WwB90&sai=AMfl-YRC7g5ycwokIIeW6ISNsrT43g6YpmwTaTKmVeG8CgHt-dPwbuqjRpXWhqgl7hKZNnl7rNE5hW5Qqbnj2EdaRorT2QWlxl5C1j-CUQVSc-MGspLl3iFum8twE2blpJtV&sig=Cg0ArKJSzMWtWqOZcneQEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8A81 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 01:38:05 GMT
16771325306048180988
tpc.googlesyndication.com/simgad/ Frame 8A81 		148 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16771325306048180988?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f88db8eb46345f4e83cdaf7f49a9455375697f69a3f64536128d945a78cc7f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 22:32:03 GMT
x-content-type-options
nosniff
age
270362
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
151415
x-xss-protection
0
last-modified
Sat, 17 Sep 2022 01:05:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 29 Nov 2023 22:32:03 GMT
breaking-bar.html
www.theepochtimes.com/assets/uploads/html/breakingnews-bar/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/uploads/html/breakingnews-bar/breaking-bar.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
x-content-type-options
nosniff
last-modified
Sat, 03 Dec 2022 01:41:49 GMT
server
nginx
etag
"638aa95d-0"
x-cache-status
HIT
x-hw
1670031485.cds143.fr8.hn,1670031485.cds224.fr8.sc,1670031485.cds224.fr8.p
content-type
text/html; charset=utf-8
cache-control
max-age=600
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
x-device
desktop
remark.css
comment.youmaker.com/web/ Frame 5899 		87 KB
87 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/remark.css?v=2022120210
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3e63d386fa4d5c77aa9b00d704e717ca41fe5f1393506cc5debb6442f2141c82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
last-modified
Fri, 02 Dec 2022 16:18:42 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
text/css; charset=utf-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88604
app-version
0.1.2
remark.js
comment.youmaker.com/web/ Frame 5899 		316 KB
316 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/remark.js?v=2022120210
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
5742e68696d47a95f5f207f7d84a0e23c9fd644d72f32bb4c8d3a94741ca2380

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
last-modified
Fri, 02 Dec 2022 16:18:42 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
323126
app-version
0.1.2
userId.bundle.js
subs.theepochtimes.com/lib/ Frame 31E9 		200 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/lib/userId.bundle.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
58e4d62e87f3c2e7dd0e5569c273603a3b8a94fac7252d5faca19306449c654a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
last-modified
Mon, 10 Oct 2022 18:35:40 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
204988
94729.js
mixi.media/data/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mixi.media/data/js/94729.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/bottom.min.js?ver=20221122
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
7b9f7e1f4ad6e69372e7ac74b9d66344ab60a798f7a108a71e637bb3e47509a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 01:38:06 GMT
Content-Encoding
gzip
Last-Modified
Saturday, 03-Dec-2022 01:38:06 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
userId.bundle.js
subs.theepochtimes.com/lib/ Frame BD81 		200 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/lib/userId.bundle.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
58e4d62e87f3c2e7dd0e5569c273603a3b8a94fac7252d5faca19306449c654a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=EET%20-%20Responsive%20Signin%20Bar&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
last-modified
Mon, 10 Oct 2022 18:35:40 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
204988
collect
k.clarity.ms/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.43/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Sat, 03 Dec 2022 01:38:05 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1204&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1202&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=3219&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=6201&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=6202&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11200&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11208&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11212&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11204&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=12201&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
clickly.js
services.epoch.cloud/public-labs/epoch-ai/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/clickly.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a922ec72a886ec86707564deb4b9b27358b7ac42563dc11f9d26deca4f6b900a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 20:51:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
331
etag
W/"638670b8-2be0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nw6s7hWUdqgj%2FS5ukyNRV6pg%2BJWAlnFynllxClIBvSh%2BXzTI7b3U0vUmGDrKADtv8ppPzFDmf7ui53UxAmh9zMVZHwccsBma7sp2%2F6Kj%2B%2BHgJfO4jekDUyij%2BH%2FfAGNYRqQJIGWErXvYiGILHR7UtuUSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
773894b0aef59be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
auth
subs.theepochtimes.com/subs/ 		40 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1204&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
40
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auth
subs.theepochtimes.com/subs/ 		40 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1202&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
40
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auth
subs.theepochtimes.com/subs/ 		40 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=3219&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
40
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auth
subs.theepochtimes.com/subs/ 		40 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=6201&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
40
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auth
subs.theepochtimes.com/subs/ 		40 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=6202&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
40
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auth
subs.theepochtimes.com/subs/ 		41 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11200&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
41
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auth
subs.theepochtimes.com/subs/ 		41 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11208&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
41
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auth
subs.theepochtimes.com/subs/ 		41 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11212&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
41
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auth
subs.theepochtimes.com/subs/ 		41 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11204&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
41
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auth
subs.theepochtimes.com/subs/ 		40 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=12201&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
40
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
view
securepubads.g.doubleclick.net/pcs/ Frame 8A81 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutExhlOfB3aD1yx3FumrWK9QNjH_F6zWdKAGyVzqJIEMLe0rm6qNVIYw_V8FR4GBRnPPbh59J4eueI950NOgWOzb54P_OkKaL11MD9SZZy4vvwkG55uyhyFslhiYVd5603Yf3Nx0PyfaunzvOI9de4AiGgbZ8bZHLWKmGLLzxO4Eh9sv8xd2rFRZTY83d_SfgElcw8AW76p0I7k5UUNBPpRG5bq1lQG5FzXsyN9pyuDHBAfhmI9rcTL1VwAOVgmzfBqNncHJGs_ZWYeqSsMJdz6a1HnV3iGJ1aurdZo7k4uB92oTXLS1ocjHpuZgS8SNEZRE6FPLBvCj3u4C4KSxlSe2k&sai=AMfl-YSjJ5QU1xMVOdWlB7cKA9X5jPCQ-SCxq6iM7i-MV2RkJjaBPvv8Qpqc3yGadgGndkD6XW48Hqctxlg2HrTfBGArHwixHvPuL3uDW5K-JHHCoTUfFy049gQJtl11OTLV&sig=Cg0ArKJSzJ-_fvfH5EI-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 03 Dec 2022 01:38:05 GMT
truncated
/ Frame 8A81 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a4fbcb87b0b347beab8efd51ed5f0af275dbfaf51f92aef3b0fb3961cfdc6c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 83EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsul_O3UuWb3VoKhi3-8xglUjE35dxU8aG_agu0wPdlBlaThIQ4Yc7_YKuUdy3wJEJcCzYdOv0-m5sZx7FKWP0Ejza8LyDxEkSTtkIIsNW9xBCrdKMO7o-AfM2FucIhNTOIeQ_0aopLI9DJHeeRW4TzTudmFbWgbMLtnYly4Iv-c5yW59J2Xloexanzg8__GCL16BjS6zi4Qh5LpvYZj9ZnpZ0aC_w81vw8Bgj_JFymu9puPtCEBnbUUpeBWt4aQYWD5lruSJaVflNA-cHYBKdCMPREHAHAJ13o17hp67bN8IWLoMcN51s_LHAwXGrKIn72ySe196ajiV4AjS145rZYEXKRmTgORUh5JVzGqsPoMkYa-ruWe_6VHhKMwBqq6iB5DKQH54yiUd7o&sai=AMfl-YRhh5BchXtcquITXIs27tFVoNn-uqP1zUQB32pEcnTqrZkRvIwGHvSKbIIuT4oD0aPpIgsuGu5R8uMAB0FWo6vvWnnq6hfz7qna_-QRbiH1tWct5BpMjuBJIJhLQd6v&sig=Cg0ArKJSzAfTM-g31NlREAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 83EE 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 01:38:05 GMT
6327709381779103315
tpc.googlesyndication.com/simgad/ Frame 83EE 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6327709381779103315?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3185feb4c67e538350db6310c8b1de2663303a1de795f1e3b269e7df952c0a04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 17:33:57 GMT
x-content-type-options
nosniff
age
29048
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64998
x-xss-protection
0
last-modified
Fri, 11 Nov 2022 15:21:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 02 Dec 2023 17:33:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 83EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstz8qhavpxFCq5pR_2_tUCc5_xgom6pCo1CXQmK-jx6pUWHPKSDR7f7z675k-WkellVmKATFBGVK9m2HmSz01_ihDdWsHMi16alVLwPmxlu5yWRJr5ykAYI1-AHFkmVW-8MqZL33w2MDBQd5wSRCpD9FAwaKAXJk59AG5uoqitbGGDGurvMp2krRw6X3S5ZhEsTmKrIH_ZLSVpN6CwQ6LwUDpInxSkTDZ5O6uKcYXyGtXbrmhIL_-mzIj4jtyRSODc6Jv6nExF13T_hdjteuzcdznZeU-kQF4hFiRe4XkDan3d7TTiLr_OT_PbPF8w-_ZSOA8CG-DQ0Ll73EbrTZJbttbw6KKzZkShnwS_gsVcc&sai=AMfl-YRRmpPxvpfoPtGgcpQTdAJc-P_zKhAh9AF-Lw32MYnPD9HWL6ChU5ctR2IyeMo4nYPD2GPJ16lgOWkgQ7EZJxBqoBJQo1bNlE1yoc6VE1HJvchY2qAsVsgmd3R1Tlnl&sig=Cg0ArKJSzGhnVuT-VNYpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 03 Dec 2022 01:38:05 GMT
truncated
/ Frame 83EE 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84ea44a16211c4a362ff0ece9c6e89af0afd8b51fe9c02d488e0db46d516be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
config
comment.youmaker.com/api/v1/ Frame 5899 		283 B
306 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/config?site=remark
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022120210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ef062d429e4a0730a94dace80481edf59295aec2928a516ebe60a01bd265cd93

Request headers

x-provider-token
youmaker
x-xsrf-token
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
x-access-token
x-site-id
remark

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283
expires
Thu, 01 Jan 1970 00:00:00 UTC
auth
subs.theepochtimes.com/subs/ 		40 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1209&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
40
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1209&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
auth
subs.theepochtimes.com/subs/ 		40 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11214&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
40
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11214&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
EpochShare.svg
cdn.epoch.cloud/assets/static_assets/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/EpochShare.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e1230a1029046e9fd3fbadce6800514c3275e9caa3a28ae25a1ebc3cf848064

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
418
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15281
last-modified
Wed, 29 Dec 2021 18:11:17 GMT
server
cloudflare
etag
"61cca4c5-3bb1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BunMPdP8%2BJc8uCVqNsRT58DBtt2fOQozpXfRUBtrd6IMkXV4ykbpifwgDgsBs4djtOJemELWlDRDPEdJ5nKKrT8xdxNYfpk9QpKoeQydMXcfdazZJCwWf18CAbec4YtAMmPFw6CFG5nFw%2BiXEP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
773894b228fc9be0-FRA
expires
Sat, 03 Dec 2022 01:41:07 GMT
share-emailfriends.svg
cdn.epoch.cloud/assets/static_assets/referral/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/referral/share-emailfriends.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23baeed97585502b8c523c2b20eb49f121508cdea74e2a5d140810c3163b1ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 26 Apr 2022 15:03:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"626809c8-2361"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMuEFmsJBYHtwYpXjUT4T7LbOZ%2FHsqp3vMTpzsh37pgzNkiIoryYBTpMORpnJjX6TupIjfXwyCjXtvUMdX6DZ8YFq8Yks2pz0SaG2LwClcVvgLI4s5xlg2q7p7JWd7p3s76Oy87ShnFmuRcbC5E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
773894b229039be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9057
expires
Sat, 03 Dec 2022 01:48:05 GMT
share-copy.svg
cdn.epoch.cloud/assets/static_assets/referral/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/referral/share-copy.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e13b546cc3f6257c38cf7f40494af77d7c724595b232b6f545b8b7a5e86b2a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 26 Apr 2022 15:09:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62680b0d-1900"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X06OLGkdbzF5x0ftaYsjNeGsiZccc1hrxFWHXd%2FzdUJPLEsvCE4YJK4QzrD2nZ06DHrT0nVTKKJ1n19gY8r7YB6sfLYhaGilV9%2Bwlnkh1dR7bahWyZnFJjPQ1HURkGzdBCm7s%2B3Np9OZEARGLFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
773894b228f89be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6400
expires
Sat, 03 Dec 2022 01:48:05 GMT
share-fb.svg
cdn.epoch.cloud/assets/static_assets/referral/ 		662 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/referral/share-fb.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f2d8e05d2cbf7757ec64f004c83843e9f1c3d74c3ea84e9c8b9786be623fff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 26 Apr 2022 15:08:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62680b03-296"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2Fd5mPbrfCT2dyENtiYUZnqfUxvzyjnZjfNLw5ISsoCVIxnMiXDJaeKYD2Mnm0amYo8G2tPFnI0UbUIwoHylkuHgsjykbRc8Gno3HXeMYKI9VQr1v0NWBrCBEdueT%2F25%2FM6ljwSbqHj7VltrH34%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
773894b218f69be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
662
expires
Sat, 03 Dec 2022 01:48:05 GMT
share-tw.svg
cdn.epoch.cloud/assets/static_assets/referral/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/referral/share-tw.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee3b0c9e2d371b6a6d25783f1f48d4947681caf604569c2d08dc9cf4d93f7219

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 26 Apr 2022 15:08:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62680b04-526"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnKa2kYg9rQfx5wyHYb6LLnRMsLKPXtl%2Bm59TsYDS1%2FW%2FGNMK7PPxw479h7keVVa4b%2Fo0VoLxJeJEsge%2BN0T8DoucS5Vlq3bB4X8YuIN5ea1fr8Vt2Cni8IIXYFc5vOxVvuUamSWyfZs%2FMJUq1I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
773894b218f59be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1318
expires
Sat, 03 Dec 2022 01:48:05 GMT
share-gettr.svg
cdn.epoch.cloud/assets/static_assets/referral/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/referral/share-gettr.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a02f567896836f4bba56e439fc117d0a9b2003ad8d5aa4446c0231693c6e3ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 26 Apr 2022 15:08:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62680b04-91c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEQdnyyFKeG%2FS836lDjblKslXkoWC9zezGLzeK%2BDyTZDroGFEUNIuTtXkiK11ddDOeyBOzgXbErjo29e%2F%2BwPEyRKf8oBf%2Bqm7qUek6WWX9jX62CRuOIaSYST9%2Bd0c4TsASEj%2FsxB9Q2N6MLBjf4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
773894b218f49be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2332
expires
Sat, 03 Dec 2022 01:48:05 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1612355859&t=event&_s=2&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&ul=en-us&de=UTF-8&dt=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=EpochShare%20Widget&ea=Impression&el=EpochShare_Widget_Main_vC_SubsiShare5Anon_Desktop_eet&ev=0&_u=aHBACEABBAAAACAAI~&jid=&gjid=&cid=152341740.1670031485&uid=anone984-db32-4f85-ad23-18553b3d132d&tid=UA-10465455-30&_gid=1661403411.1670031485&cd1=362&cd3=%3Bcanada2-362%3Bworld-89904%3B&cd4=%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd5=%3Bcanada2-362%3Bworld-89904%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd21=4872079&cd23=Peter%20Wilson&cd26=Canada&cd28=%3BCanada%3BWorld%3B&cd29=%3BCanada%3BFreedom%20Convoy%202022%3BEmergencies%20Act%3Bgofundme%3B&cd30=20221118&cd31=20221118&cd33=467&cd42=%3Bt-canada%3Bfreedom-convoy-2022%3Bemergencies-act%3Bgofundme%3B&cd43=post&cd18=anone984-db32-4f85-ad23-18553b3d132d&z=1662177810
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
82486
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
auth
subs.theepochtimes.com/subs/ 		40 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11217&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
40
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11217&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
get
subs.theepochtimes.com/template/ 		199 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/get?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&version=22
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c99085b7fb1f2a887546ef03893582856b0ca792472ad92629a75177e66a803e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
199
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
get
subs.theepochtimes.com/template/ 		205 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/get?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
fbd96f97dfabbb444dd155929e9632f5049251e4a8885989179fffb74ea6348a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length
205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user
comment.youmaker.com/api/v1/ Frame 5899 		57 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/user?site=remark
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022120210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

x-provider-token
youmaker
x-xsrf-token
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
x-access-token
x-site-id
remark

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57
expires
Thu, 01 Jan 1970 00:00:00 UTC
site
comment.youmaker.com/api/v1/ Frame 5899 		119 B
142 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/site?site=remark
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022120210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
26aa82e1186d3e338a43a716b262a78272826e3641f9df709627f6394fce5e57

Request headers

x-provider-token
youmaker
x-xsrf-token
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
x-access-token
x-site-id
remark

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
expires
Thu, 01 Jan 1970 00:00:00 UTC
find
comment.youmaker.com/api/v1/ Frame 5899 		23 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/find?site=remark&url=theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&id=&group=&sort=-time&format=tree
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022120210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c8f516d5f9d1e8b2d11a26b498f2adddf918f6a5251e89a9f3d45212a473c2ac

Request headers

x-provider-token
youmaker
x-xsrf-token
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
x-access-token
x-site-id
remark

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 03 Dec 2022 01:38:05 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:00:00 UTC
D-DINCondensed-Bold.otf
img.theepochtimes.com/fonts/ Frame BD81 		57 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/D-DINCondensed-Bold.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736

Request headers

Referer
https://subs.theepochtimes.com/
Origin
https://subs.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:05 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
58452
Last-Modified
Wed, 05 Sep 2018 15:47:56 GMT
Server
nginx
ETag
"5b8ffaac-e454"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=11496071
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
show
subs.theepochtimes.com/template/ Frame 0927 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=Organic%20RW&rs=1&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&variantName=NP-0820-base-desktop&primary_category=canada2-362%3Bworld-89904
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
fb9f3fbc7a3a7c25c21355a2cacde8486336ad3fe541d8c01aea2f3739cf8efa

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
x-robots-tag
noindex
show
subs.theepochtimes.com/template/ Frame 75E6 		17 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/show?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=InstaShare%20Widget&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&templateVariant=embed-underArticle&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&thumb=https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2022%2F09%2F18%2FCP150494524-700x420.jpg&title=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&segmentControl=0.1816625376492269&segment=eet
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
94015b53fc56119198c37c0911fecc9e41a3d6aae12e2c7de6674b08f348bd3c

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
date
Sat, 03 Dec 2022 01:38:05 GMT
server
nginx/1.20.1
via
1.1 google
x-robots-tag
noindex
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1612355859&t=event&_s=3&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&ul=en-us&de=UTF-8&dt=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Impression&ea=anonymous&el=&ev=0&_u=aHBACEABBAAAACAAI~&jid=&gjid=&cid=152341740.1670031485&uid=anone984-db32-4f85-ad23-18553b3d132d&tid=UA-10465455-30&_gid=1661403411.1670031485&cd1=362&cd3=%3Bcanada2-362%3Bworld-89904%3B&cd4=%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd5=%3Bcanada2-362%3Bworld-89904%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd21=4872079&cd23=Peter%20Wilson&cd26=Canada&cd28=%3BCanada%3BWorld%3B&cd29=%3BCanada%3BFreedom%20Convoy%202022%3BEmergencies%20Act%3Bgofundme%3B&cd30=20221118&cd31=20221118&cd33=467&cd42=%3Bt-canada%3Bfreedom-convoy-2022%3Bemergencies-act%3Bgofundme%3B&cd43=post&cd18=anone984-db32-4f85-ad23-18553b3d132d&z=397931723
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
82487
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
3cb5a77d811354a65f3945f933a8868130a9bb16.image
comment.youmaker.com/api/v1/avatar/ Frame 5899 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/3cb5a77d811354a65f3945f933a8868130a9bb16.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2252f3a17162f8f28c5989e034dc5ba6fdc2a24a33193418383c34a5fc175f69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 03 Dec 2022 01:38:06 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
content-type
text/plain; charset=utf-8
cache-control
max-age=604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
expires
Thu, 01 Jan 1970 00:00:00 UTC
eb5fb51a409e615ed122600813e414790bd35b67.image
comment.youmaker.com/api/v1/avatar/ Frame 5899 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/eb5fb51a409e615ed122600813e414790bd35b67.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2252f3a17162f8f28c5989e034dc5ba6fdc2a24a33193418383c34a5fc175f69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 03 Dec 2022 01:38:06 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
content-type
text/plain; charset=utf-8
cache-control
max-age=604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
expires
Thu, 01 Jan 1970 00:00:00 UTC
e96eef6bf0847ecac8a55767ee3ac7eb50787b95.image
comment.youmaker.com/api/v1/avatar/ Frame 5899 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/e96eef6bf0847ecac8a55767ee3ac7eb50787b95.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2252f3a17162f8f28c5989e034dc5ba6fdc2a24a33193418383c34a5fc175f69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 03 Dec 2022 01:38:06 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
content-type
text/plain; charset=utf-8
cache-control
max-age=604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
expires
Thu, 01 Jan 1970 00:00:00 UTC
9a176cabd57f8737680d70bdae71722fe003ebce.image
comment.youmaker.com/api/v1/avatar/ Frame 5899 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/9a176cabd57f8737680d70bdae71722fe003ebce.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2252f3a17162f8f28c5989e034dc5ba6fdc2a24a33193418383c34a5fc175f69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Sat, 03 Dec 2022 01:38:06 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
content-type
text/plain; charset=utf-8
cache-control
max-age=604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
expires
Thu, 01 Jan 1970 00:00:00 UTC
userId.bundle.js
subs.theepochtimes.com/lib/ Frame 0927 		200 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/lib/userId.bundle.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=Organic%20RW&rs=1&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&variantName=NP-0820-base-desktop&primary_category=canada2-362%3Bworld-89904
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
58e4d62e87f3c2e7dd0e5569c273603a3b8a94fac7252d5faca19306449c654a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=Organic%20RW&rs=1&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&variantName=NP-0820-base-desktop&primary_category=canada2-362%3Bworld-89904
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
via
1.1 google
last-modified
Mon, 10 Oct 2022 18:35:40 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
204988
react.production.min.js
pwe.epochbase.com/libs/react@17.0.2/ Frame 0927 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwe.epochbase.com/libs/react@17.0.2/react.production.min.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=Organic%20RW&rs=1&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&variantName=NP-0820-base-desktop&primary_category=canada2-362%3Bworld-89904
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.129.110.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
229bbf4d0e7488209564152c6723497f1ac3934136ca1684233d2fa88fa4146f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
via
1.1 google
last-modified
Fri, 28 Oct 2022 15:38:34 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11440
react-dom.production.min.js
pwe.epochbase.com/libs/react@17.0.2/ Frame 0927 		118 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwe.epochbase.com/libs/react@17.0.2/react-dom.production.min.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=Organic%20RW&rs=1&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&variantName=NP-0820-base-desktop&primary_category=canada2-362%3Bworld-89904
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.129.110.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
9db33292007ab6c38527b39d5663e976a305564e19b2a5a8713ea2b2c00f505d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
via
1.1 google
last-modified
Fri, 28 Oct 2022 15:41:06 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120585
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ Frame 0927 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=Organic%20RW&rs=1&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&variantName=NP-0820-base-desktop&primary_category=canada2-362%3Bworld-89904
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1921038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
591
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0ihEelFwz%2BJYP5TRr1puOzbsXNupe7wCUATmYxn4uEpAPWu1kaKXo%2FyapPKRCMaOH9TRjM8r%2ByeqEe98Opg1KihENCYwhE4gGe7SL2pFm3oEkwYHJqTNED%2F2gsoZFjEficu%2FRhhexEppZQO4VZpv40O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
773894b48fcc9b70-FRA
expires
Thu, 23 Nov 2023 01:38:06 GMT
et_utils.js
services.epoch.cloud/public-labs/epoch-ai/ Frame 0927 		125 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/et_utils.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=9b52e988-2c2d-4f6a-9c92-69faaf11c36a&sid=www.theepochtimes.com&v=22&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=Organic%20RW&rs=1&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&variantName=NP-0820-base-desktop&primary_category=canada2-362%3Bworld-89904
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d6c562d46deb9d51ec52ef0664b2e69a6c9b8b865da7126e865f499175b70fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 14:29:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
270
etag
W/"63764554-1f59d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tte9XJ%2BqOZUqS9Q3D%2BZu2r3HGF1ri38c7PHgws6GYQzA1UYjaqaHQZ2rZaV9qm5zV9dTGn%2F8pyvk3cU%2BmdQ%2BeiwOGESOwvxRbGu55FVnq7nwWB24o0dreiACZo59s1K8Nh6ShIDYb%2Ba%2FvBYwT1BcxB50Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
773894b428c9bb9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ Frame 75E6 		156 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=InstaShare%20Widget&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&templateVariant=embed-underArticle&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&thumb=https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2022%2F09%2F18%2FCP150494524-700x420.jpg&title=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&segmentControl=0.1816625376492269&segment=eet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
26934181
cdn-cachedat
2021-06-08 14:36:05
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5404a9b61f285b9b7492988008292781
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
773894b4894590da-FRA
cdn-requestpullsuccess
True
et_utils.js
services.epoch.cloud/public-labs/epoch-ai/ Frame 75E6 		125 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/et_utils.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=InstaShare%20Widget&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&templateVariant=embed-underArticle&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&thumb=https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2022%2F09%2F18%2FCP150494524-700x420.jpg&title=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&segmentControl=0.1816625376492269&segment=eet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d6c562d46deb9d51ec52ef0664b2e69a6c9b8b865da7126e865f499175b70fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 14:29:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
270
etag
W/"63764554-1f59d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MWGSkrFY5BsLZQE77dIeSLeISdPBI3mHnzax0ASIEJYxcmUhGLMdnWKuk3repHJ5tbdkkY9T6A28ozhsqfyAQY2Fqh%2Ff63yzJSMyazCzQn%2FzHzqHMlc5w%2Fi9v%2BvHfEhAaOiOKG7VvycSMK6utBYzhbMNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
773894b428cabb9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
userId.bundle.js
subs.youmaker.com/lib/ Frame 75E6 		200 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/userId.bundle.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=InstaShare%20Widget&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&templateVariant=embed-underArticle&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&thumb=https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2022%2F09%2F18%2FCP150494524-700x420.jpg&title=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&segmentControl=0.1816625376492269&segment=eet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
58e4d62e87f3c2e7dd0e5569c273603a3b8a94fac7252d5faca19306449c654a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
via
1.1 google
last-modified
Mon, 10 Oct 2022 18:35:40 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
204988
epoch_share_pointer_logo.png
cdn.epoch.cloud/assets/static_assets/ Frame 75E6 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/epoch_share_pointer_logo.png
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=InstaShare%20Widget&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&templateVariant=embed-underArticle&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&thumb=https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2022%2F09%2F18%2FCP150494524-700x420.jpg&title=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&segmentControl=0.1816625376492269&segment=eet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66e5666eb3c613aa415b8f2ca2278b8d7d4d20f865515f43acbb18bdd8c08c7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
326
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3625
last-modified
Mon, 20 Dec 2021 14:16:07 GMT
server
cloudflare
etag
"61c09027-e29"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5N%2FW4tlhyhmGQDxRVL2ukpgj3vOJRvCr3QDsyuWe8lvVipl5RlzSJHuXB5yIJjqk9pDubIdiLUa5VBBL%2FJePMxzFSHFUs1VU3KutRZwRGEzKavYbJGz3Irnp77%2FfIP3I%2BB6Vrxflzf4C0u2fpbY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
773894b458fdbb9e-FRA
expires
Sat, 03 Dec 2022 01:42:40 GMT
add-more-freind-share-plus.png
cdn.epoch.cloud/assets/static_assets/ Frame 75E6 		665 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/add-more-freind-share-plus.png
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=InstaShare%20Widget&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&templateVariant=embed-underArticle&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&thumb=https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2022%2F09%2F18%2FCP150494524-700x420.jpg&title=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&segmentControl=0.1816625376492269&segment=eet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fdc568a099fdeed8141ef427c3b62f399e00cb8d38e48a8755429e2e34cb6c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
326
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
665
last-modified
Mon, 20 Dec 2021 15:08:17 GMT
server
cloudflare
etag
"61c09c61-299"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8iRy2bLkXbZSz2PBLlnuDOzlsJpQ61CpfJ2pQ5wYTVR9GieuQmHzR0YQeMWSRAyy1uqyaUmnAcIufFjll8NdFw9pzylES2w%2FFvsAykisp3XoPZnfBf3USgx6nysh%2FXvmtoanK7OGUEzmtyMPz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
773894b45901bb9e-FRA
expires
Sat, 03 Dec 2022 01:42:40 GMT
popup_gmail-share-btn-bw.png
cdn.epoch.cloud/assets/static_assets/ Frame 75E6 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/popup_gmail-share-btn-bw.png
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=InstaShare%20Widget&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&templateVariant=embed-underArticle&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&thumb=https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2022%2F09%2F18%2FCP150494524-700x420.jpg&title=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&segmentControl=0.1816625376492269&segment=eet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e622e4a216a257769a46ff1faa7aeff2b252b8ed0ee28ce29f3476ccfcf50278

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
325
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1481
last-modified
Wed, 22 Dec 2021 17:43:00 GMT
server
cloudflare
etag
"61c363a4-5c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvI1iD%2BM04lSMp5vxVqQ5GKz%2B32VwHDtUhaR8QuijydjUmiPz6ZS5DDwfMGWtDylZDiPeXmZM%2BReXgMKG70zRecj8MZYk7C6hOPUSl531fcJms39%2BR8cD0KfgkLrrkxG2SMOWoRy0L5FtQlslkI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
773894b45903bb9e-FRA
expires
Sat, 03 Dec 2022 01:42:41 GMT
popup_yahoo-share-btn-bw.png
cdn.epoch.cloud/assets/static_assets/ Frame 75E6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/popup_yahoo-share-btn-bw.png
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=InstaShare%20Widget&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&templateVariant=embed-underArticle&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&thumb=https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2022%2F09%2F18%2FCP150494524-700x420.jpg&title=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&segmentControl=0.1816625376492269&segment=eet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9117f5b0f3c9ed3817bf8004c195fa83ca0d7c47f3a8c8a6ce135d8633d590df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
325
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1712
last-modified
Wed, 22 Dec 2021 17:43:57 GMT
server
cloudflare
etag
"61c363dd-6b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1b9A%2BgB3DserPVlEgikrVa6RqJ%2F6c0mZxiNRxVPG%2FAZlJVYXKg9R7mWu66WcHb4iiSyadE8%2FNDvUB8ZD6ACLCJyByWERCmrJNxFaM7AGUYb%2FwjsJb8RtEljJW9i%2BdyYIOC5STJ%2BLcj56CzUnxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
773894b45904bb9e-FRA
expires
Sat, 03 Dec 2022 01:42:41 GMT
popup_outlook-share-btn-bw.png
cdn.epoch.cloud/assets/static_assets/ Frame 75E6 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/popup_outlook-share-btn-bw.png
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=InstaShare%20Widget&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&templateVariant=embed-underArticle&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&thumb=https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2022%2F09%2F18%2FCP150494524-700x420.jpg&title=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&segmentControl=0.1816625376492269&segment=eet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6213b7a0bc1e370fad3aeac8341675cdef7f9772a37d1d11dbd339c249b9c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
325
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1483
last-modified
Wed, 22 Dec 2021 17:43:59 GMT
server
cloudflare
etag
"61c363df-5cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhOC26%2BQNF2RTeb8nosjayK1SBh7Mv%2FJV6dpkth8mVldQRGLS59dEpv0DhVZ0WuGFF0qx01mjsh3H1N8ZEM05zSCHZ44i%2BAnWN5YZ55oUl9nBhvY2ziKneIrdTlOABFh6jwyuUXpzCHTZfTiCak%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
773894b45906bb9e-FRA
expires
Sat, 03 Dec 2022 01:42:41 GMT
iCloudImg.png
cdn.epoch.cloud/assets/static_assets/newRewards/ Frame 75E6 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/newRewards/iCloudImg.png
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=InstaShare%20Widget&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&templateVariant=embed-underArticle&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&thumb=https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2022%2F09%2F18%2FCP150494524-700x420.jpg&title=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&segmentControl=0.1816625376492269&segment=eet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c2c90f115062d29aaa6c0717f3266d7fa5cca0489e65e0b0ce712f9e379042

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
325
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3627
last-modified
Mon, 21 Mar 2022 14:44:33 GMT
server
cloudflare
etag
"62388f51-e2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hkCNWAnxGuBg%2BlSEEQewvOPuRdXMuJ2MBlsUu2EaRHzOzJ7zJ0SlG0RAwKsXTsJkI201CmOqaYOZMxhEavwixiCnTJKDWgRbW4sNaeNfCugq6nEiZTOPU8n5tGd7WRIPt%2BicqEjgF7OJoMxtk0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
773894b4590abb9e-FRA
expires
Sat, 03 Dec 2022 01:42:41 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 75E6 		86 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com&v=3&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q=&tn=InstaShare%20Widget&dna=%7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D&templateVariant=embed-underArticle&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&thumb=https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2022%2F09%2F18%2FCP150494524-700x420.jpg&title=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&segmentControl=0.1816625376492269&segment=eet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 03:17:13 GMT
x-content-type-options
nosniff
age
80453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88145
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 03:17:13 GMT
truncated
/ Frame 5899 		173 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58d066548314e4827f298403cb806d759ce7dbefb2bff05318803126cfe9347a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
jsapi.v5.12.0.en_US.js
static.mixi.media/static/jsapi/ 		251 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Requested by
Host: mixi.media
URL: https://mixi.media/data/js/94729.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Mar 2022 07:51:02 GMT
Server
nginx
ETag
W/"62455d66-3eabf"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
sm.js
stat.media/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/sm.js
Requested by
Host: mixi.media
URL: https://mixi.media/data/js/94729.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Dec 2021 13:53:02 GMT
Server
nginx
ETag
W/"61a8cfbe-13481"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=3600
Connection
keep-alive
/
target.mixi.media/init/ 		95 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://target.mixi.media/init/?blockid=94729&siteid=49188&bw=1600&bh=1200&rnd=1207799716918
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx / HHVM/3.9.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

X-Target-Version
2
Date
Sat, 03 Dec 2022 01:38:06 GMT
X-Target-Final
20221203043806-0
Server
nginx
X-Target-Host
target2-1.ssel23
X-Powered-By
HHVM/3.9.1
X-Time-Request
0.00069
Content-Type
image/png
Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
95
Expires
Sat, 03 Dec 2022 01:38:05 GMT
jsapi
mixi.media/newdata/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mixi.media/newdata/jsapi?action=news
Requested by
Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
bd126295bff92154569cc5c6f6197592b723582e662c871929e4983fc6dcc915

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 01:38:06 GMT
Content-Encoding
gzip
Last-Modified
Saturday, 03-Dec-2022 01:38:06 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Node
ads5-1smir10
10595489.jpeg
static8.mixi.media/img/400x300/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static8.mixi.media/img/400x300/10595489.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
ab5503401b97084122f06b86ff965dc6e8dae9685fb4ef1a636e731cefdb89d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:06 GMT
Last-Modified
Fri, 18 Nov 2022 19:51:05 GMT
Server
nginx
ETag
"6377e229-c0a6"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
49318
10480770.jpeg
static7.mixi.media/img/400x300/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static7.mixi.media/img/400x300/10480770.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
11a865b4359e661025e24c7c944e9205272ae65d2488ec65ff19e442976b7bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:06 GMT
Last-Modified
Mon, 03 Oct 2022 09:47:12 GMT
Server
nginx
ETag
W/"633aafa0-16bd8"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
46784
10554574.jpeg
static1.mixi.media/img/400x300/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.mixi.media/img/400x300/10554574.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
7ec7d7998e7ab93993e77f3f71012e7fb1a37f9df422d4c0524ca151cfa9c32d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:06 GMT
Last-Modified
Tue, 01 Nov 2022 08:43:12 GMT
Server
nginx
ETag
W/"6360dc20-94be"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
51270
10616105.jpeg
static5.mixi.media/img/400x300/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static5.mixi.media/img/400x300/10616105.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
ff956c3a6b9f980409d889be9dc67646cdc425d2ed70bdcc4792e95946ede6df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:06 GMT
Last-Modified
Mon, 28 Nov 2022 19:19:35 GMT
Server
nginx
ETag
W/"638509c7-25554"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
59698
10622642.jpeg
static5.mixi.media/img/400x300/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static5.mixi.media/img/400x300/10622642.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
478a65c87dfb1f0f3f1ea4f4715021036dce59a158045ee2136cb91df38e61e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:06 GMT
Last-Modified
Wed, 30 Nov 2022 17:04:09 GMT
Server
nginx
ETag
W/"63878d09-11331"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43211
10625706.jpeg
static5.mixi.media/img/400x300/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static5.mixi.media/img/400x300/10625706.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
d9f0e225c26d9e379ac02131df20684f1c0791a046ad30183faa851b55c8517f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:06 GMT
Last-Modified
Thu, 01 Dec 2022 18:28:39 GMT
Server
nginx
ETag
W/"6388f257-1b252"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
64742
10622641.jpeg
static1.mixi.media/img/400x300/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.mixi.media/img/400x300/10622641.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
f397b9e1f7f87f1f494b4b7c27dec46e926c468434b42ef152329ffa312c9871

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:06 GMT
Last-Modified
Wed, 30 Nov 2022 17:03:12 GMT
Server
nginx
ETag
W/"63878cd0-973d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
58807
10622606.jpeg
static5.mixi.media/img/400x300/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static5.mixi.media/img/400x300/10622606.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
4a7d39078ebfaf817109030bdc6fad14a850e32633b214c81b122bf368c44dc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:06 GMT
Last-Modified
Wed, 30 Nov 2022 16:53:04 GMT
Server
nginx
ETag
W/"63878a70-eefb"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
42868
10622619.jpeg
static4.mixi.media/img/400x300/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static4.mixi.media/img/400x300/10622619.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
be494cdfd3ada31f62ae937062bdf9493fc7375be5f321fafe680343be3e89dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:06 GMT
Last-Modified
Wed, 30 Nov 2022 16:56:36 GMT
Server
nginx
ETag
W/"63878b44-1947d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
56374
authSignInCombo-1.6.umd.js
pwe.epochbase.com/libs/ Frame 0927 		99 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwe.epochbase.com/libs/authSignInCombo-1.6.umd.js?_=1670031486352
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/userId.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.129.110.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2ecae39e460fe1ac9a93f87807624b399e11a26d4d6325eba5cc3ced86d2eaa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
via
1.1 google
last-modified
Thu, 01 Sep 2022 21:04:09 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101215
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1612355859&t=event&_s=4&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&ul=en-us&de=UTF-8&dt=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=paywall%3ARegistration%20Wall&ea=Impression&el=Registration%20Wall%3A%20Organic%20RW-%20NP-0820-base-desktop&ev=0&_u=aHBACEABBAAAACAAI~&jid=&gjid=&cid=152341740.1670031485&uid=anone984-db32-4f85-ad23-18553b3d132d&tid=UA-10465455-30&_gid=1661403411.1670031485&cd1=362&cd3=%3Bcanada2-362%3Bworld-89904%3B&cd4=%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd5=%3Bcanada2-362%3Bworld-89904%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd21=4872079&cd23=Peter%20Wilson&cd26=Canada&cd28=%3BCanada%3BWorld%3B&cd29=%3BCanada%3BFreedom%20Convoy%202022%3BEmergencies%20Act%3Bgofundme%3B&cd30=20221118&cd31=20221118&cd33=467&cd42=%3Bt-canada%3Bfreedom-convoy-2022%3Bemergencies-act%3Bgofundme%3B&cd43=post&cd18=anone984-db32-4f85-ad23-18553b3d132d&z=180384047
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
82487
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1612355859&t=event&_s=5&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&ul=en-us&de=UTF-8&dt=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=paywall%3AInline%20SignUp%20Meter&ea=Impression%20-%20Organic%20RW-%20NP-0820-base-desktop&el=&ev=0&_u=aHBACEABBAAAACAAI~&jid=&gjid=&cid=152341740.1670031485&uid=anone984-db32-4f85-ad23-18553b3d132d&tid=UA-10465455-30&_gid=1661403411.1670031485&cd1=362&cd3=%3Bcanada2-362%3Bworld-89904%3B&cd4=%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd5=%3Bcanada2-362%3Bworld-89904%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd21=4872079&cd23=Peter%20Wilson&cd26=Canada&cd28=%3BCanada%3BWorld%3B&cd29=%3BCanada%3BFreedom%20Convoy%202022%3BEmergencies%20Act%3Bgofundme%3B&cd30=20221118&cd31=20221118&cd33=467&cd42=%3Bt-canada%3Bfreedom-convoy-2022%3Bemergencies-act%3Bgofundme%3B&cd43=post&cd18=anone984-db32-4f85-ad23-18553b3d132d&z=1187790780
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
82487
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1612355859&t=event&_s=6&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&ul=en-us&de=UTF-8&dt=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=paywall%3ARegistration%20Wall&ea=Flow%20Starts&el=Organic%20RW-%20NP-0820-base-desktop&ev=0&_u=aHBACEABBAAAACAAI~&jid=&gjid=&cid=152341740.1670031485&uid=anone984-db32-4f85-ad23-18553b3d132d&tid=UA-10465455-30&_gid=1661403411.1670031485&cd1=362&cd3=%3Bcanada2-362%3Bworld-89904%3B&cd4=%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd5=%3Bcanada2-362%3Bworld-89904%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd21=4872079&cd23=Peter%20Wilson&cd26=Canada&cd28=%3BCanada%3BWorld%3B&cd29=%3BCanada%3BFreedom%20Convoy%202022%3BEmergencies%20Act%3Bgofundme%3B&cd30=20221118&cd31=20221118&cd33=467&cd42=%3Bt-canada%3Bfreedom-convoy-2022%3Bemergencies-act%3Bgofundme%3B&cd43=post&cd18=anone984-db32-4f85-ad23-18553b3d132d&z=1310993615
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
82487
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1612355859&t=event&_s=7&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&ul=en-us&de=UTF-8&dt=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20membership&ea=membership%20modal%20impression%20Organic%20RW-%20NP-0820-base-desktop&el=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&ev=0&_u=aHBACEABBAAAACAAI~&jid=&gjid=&cid=152341740.1670031485&uid=anone984-db32-4f85-ad23-18553b3d132d&tid=UA-10465455-30&_gid=1661403411.1670031485&cd1=362&cd3=%3Bcanada2-362%3Bworld-89904%3B&cd4=%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd5=%3Bcanada2-362%3Bworld-89904%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd21=4872079&cd23=Peter%20Wilson&cd26=Canada&cd28=%3BCanada%3BWorld%3B&cd29=%3BCanada%3BFreedom%20Convoy%202022%3BEmergencies%20Act%3Bgofundme%3B&cd30=20221118&cd31=20221118&cd33=467&cd42=%3Bt-canada%3Bfreedom-convoy-2022%3Bemergencies-act%3Bgofundme%3B&cd43=post&cd18=anone984-db32-4f85-ad23-18553b3d132d&z=525952773
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
82487
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
settings
stat.media/counter/ 		450 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/settings?payload=CKSAAxIkODI4ZTZiOTgtZjk5Yy00NGNiLWIzZjAtYTkwMjhmZjU3ZDMyGMLUiK3NMCIkYTM4OWM0MGQtNGRmYi00NDQxLThiNTQtYTA2YmI4NjgyNzE5&cb=_callbacks____0lb79mlzx
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
0fafc223231939ade62a1004c84e93348ff7fbce4bab6ecedd4b50f1fa9ea19f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:06 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
uaRMQGoN7Zh9_T3vcY6eZA.js
api.cloudsponge.com/widget/ Frame 75E6 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cloudsponge.com/widget/uaRMQGoN7Zh9_T3vcY6eZA.js?_=1670031486482
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.71.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-71-12.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e59b75087eb3f07aae925c7a49d4062d79767032dabb5f4a7ebec06b26e5a382
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cloudsponge.com
X-Frame-Options ALLOW-FROM https://www.cloudsponge.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-runtime
0.009671
date
Sat, 03 Dec 2022 01:38:06 GMT
content-security-policy
frame-ancestors https://www.cloudsponge.com
server
nginx
etag
W/"e59b75087eb3f07aae925c7a49d4062d"
x-frame-options
ALLOW-FROM https://www.cloudsponge.com
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public
x-request-id
d8d3fa39-fd67-4ea5-abeb-7ed4a4e567e3
senddata
subsapi.epoch.cloud/db/ 		16 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgLr26ZS%2FgfBfLk1YodHla04De8xBdFdp4FzWIXqbHMsQhwyDe6qbIZ6YAMmmVd%2BThFmvI0DtNQONv3KSYUxWXYpN2VRrUW6bHz%2F8XXEtjUu6et3SSdW6%2BExUPc%2FPO8prPlviQiLR0IFCOSc%2BVLly100"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
cf-ray
773894b7abd09b4f-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
16
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
senddata
subsapi.epoch.cloud/db/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
773894b6eb0d9bbf-FRA
content-length
0
date
Sat, 03 Dec 2022 01:38:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JoDkLZwTEk5wpxVJnb2J%2BCEIBtDb9FqEzTu%2F%2Fd8p3EkSfKxNz%2FfuO8xbpkqOU3dJbzmPuhj8yP0WOUe561hYXi%2BRV6ZaLNSOV98HG0caGmHpbODJYd8UU7y1%2BZGwNlAj8HfzeuVpQDfVLVT0a5DDXIb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1612355859&t=event&_s=8&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&ul=en-us&de=UTF-8&dt=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=iShare%20Widget&ea=Impression&el=InstaShare%20Widget--embed-underArticle&ev=0&_u=aHBACEABBAAAACAAI~&jid=&gjid=&cid=152341740.1670031485&uid=anone984-db32-4f85-ad23-18553b3d132d&tid=UA-10465455-30&_gid=1661403411.1670031485&cd1=362&cd3=%3Bcanada2-362%3Bworld-89904%3B&cd4=%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd5=%3Bcanada2-362%3Bworld-89904%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892%3B&cd21=4872079&cd23=Peter%20Wilson&cd26=Canada&cd28=%3BCanada%3BWorld%3B&cd29=%3BCanada%3BFreedom%20Convoy%202022%3BEmergencies%20Act%3Bgofundme%3B&cd30=20221118&cd31=20221118&cd33=467&cd42=%3Bt-canada%3Bfreedom-convoy-2022%3Bemergencies-act%3Bgofundme%3B&cd43=post&cd18=anone984-db32-4f85-ad23-18553b3d132d&z=1843524626
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
82487
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
mixi.media/cookiematching/ 		43 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJDgyOGU2Yjk4LWY5OWMtNDRjYi1iM2YwLWE5MDI4ZmY1N2QzMhoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNjcwMDMxNDg1NTA2GgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJGEzODljNDBkLTRkZmItNDQ0MS04YjU0LWEwNmJiODY4MjcxORoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1670031486528
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Date
Sat, 03 Dec 2022 01:38:06 GMT
Last-Modified
Saturday, 03-Dec-2022 01:38:06 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Sat, 03 Dec 2022 01:38:06 GMT
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sat, 03 Dec 2022 01:38:06 GMT
Server
nginx
Connection
keep-alive
activeview
pagead2.googlesyndication.com/pcs/ Frame 8A81 		42 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1liqw4dbP1x3V8moZpQBjd4r_ODTLLhqotbfD21uwh0oIXUK7UpYWMeSwvRF3I1qlcDS6l6UXoukNm4m22_VfaS-l5KeY5Mire5Y3BWpmSmqXm3tD&sig=Cg0ArKJSzPnCCqc5JSJZEAE&id=lidar2&mcvt=1000&p=126,315,376,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221130&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3587454004&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670031485330&rpt=217&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 0927 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
658379fc62a45175942e4be8db35d063a700ffc4d5bedb98a4d8ff135d24b7df

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
rw-lock-icon2.png
cdn.epoch.cloud/assets/static_assets/ Frame 0927 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/rw-lock-icon2.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb9a1cfcfe8dbb1cefe4c71f6de8440eb41cc85b91f4a9fedc7fa5ecc635870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1538
last-modified
Mon, 01 Aug 2022 15:35:04 GMT
server
cloudflare
etag
"62e7f2a8-602"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFEULud6TEQP1ZoKHRvkKZ9cj%2FgOKS96ovkJW9MyMyeEaP1UBXEnrvmKn%2BBOaF1pHpnfinE%2FohcgvthoKxITh0OGHYK72ucY%2FgqnMWqydhOa%2FPq1BnBYYKAomywixPFeK2ZEIsQ4brehL6fC0OE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
773894b76cdbbb9e-FRA
expires
Sat, 03 Dec 2022 01:41:26 GMT
rw-flag-icon.png
cdn.epoch.cloud/assets/static_assets/ Frame 0927 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/rw-flag-icon.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f23809897dca4d9cdbf8c41790ed737e34e4fa95814ea82908c0101a909595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2451
last-modified
Mon, 01 Aug 2022 15:04:55 GMT
server
cloudflare
etag
"62e7eb97-993"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lY0i33CpjmsRfk0YD2hMZsa5HRjjwvF9IdJblu8m9PW7%2B5aei8zfJAIKP%2FkOYsJGqMpsYSTyQU%2B7GwCbe%2F04taQY0d3CBF64flS6C8IGyHi5ROH3SIBZraFoKLGb9t3ln9po8tlhYcYNFqGYHl8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
773894b76cdcbb9e-FRA
expires
Sat, 03 Dec 2022 01:47:14 GMT
RingsideNarrow-Medium.otf
cdn.epoch.cloud/assets/fonts/ Frame 0927 		123 KB
124 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.epoch.cloud/assets/fonts/RingsideNarrow-Medium.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55

Request headers

Referer
https://subs.theepochtimes.com/
Origin
https://subs.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
126244
last-modified
Tue, 07 Jun 2022 20:08:09 GMT
server
cloudflare
etag
"629fb029-1ed24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwofJPUG6is9upnqi78zyg%2Fo5CM8a8uxUyAxUvUE2BvCwsgumxaer7%2FhMot6UwLdKiODZ0lcfQxzbqc4bqJDLhVLld%2FAOEl0WMObfqSbkf%2F5GDx8lWEjfRnykES8dEap1HW7X%2BMWAjcePfHe90w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
773894b78ba69b4f-FRA
Roboto-Regular.ttf
cdn.epoch.cloud/assets/fonts/ Frame 0927 		164 KB
165 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.epoch.cloud/assets/fonts/Roboto-Regular.ttf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481

Request headers

Referer
https://subs.theepochtimes.com/
Origin
https://subs.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
168260
last-modified
Fri, 31 Dec 2021 14:23:03 GMT
server
cloudflare
etag
"61cf1247-29144"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEoyf1rrCTYd5MrMaE3s4fpqahoWJ%2FWlvSF0Kbwmlxm6MOmnS6mi%2FtqKvdSI1GqE08o1YM9wkqQF%2FIcpKvPdNRTblXop1dsJtUk8PefhP9FglHr%2FgtjfA5WIyl7O6S%2FoaIHryXbfWXVctTG9N6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
773894b78ba39b4f-FRA
activeview
pagead2.googlesyndication.com/pcs/ Frame 83EE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5j46Bahto44sbDrhNnVpQToWuKbnHT3rrXlUHHfIIscJ2ig6NwPmR2mgeqd5tGUEvy8oSXZqcNUXmF5Bcc536gbmSb4Kv6qnOYb0RJ6Couk0boyvU&sig=Cg0ArKJSzPK-kNK3rt4sEAE&id=lidar2&mcvt=1000&p=442,1100,692,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221130&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2786340635&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670031485559&rpt=109&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022113001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d76d227b5f98dd8e58af1b7b5bf7228407b67dfbe5ae538590cb96bcbe2c0442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11034
x-xss-protection
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=F69E70B918E54DABA739791CD08C6DE6&RedC=c.clarity.ms&MXFR=0614772E7F2E6884271865417B2E669C
  • https://c.clarity.ms/c.gif?CtsSyncId=F69E70B918E54DABA739791CD08C6DE6&MUID=2337F3796B986B6E1DFDE1166A986A43
42 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=F69E70B918E54DABA739791CD08C6DE6&MUID=2337F3796B986B6E1DFDE1166A986A43
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:06 GMT
last-modified
Thu, 13 Oct 2022 20:07:05 GMT
server
Microsoft-IIS/10.0
etag
"40db785d3fdfd81:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FEADD8728D3E4C25BFD5EEF6FA3AF802 Ref B: FRAEDGE1917 Ref C: 2022-12-03T01:38:06Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=F69E70B918E54DABA739791CD08C6DE6&MUID=2337F3796B986B6E1DFDE1166A986A43
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sat, 03 Dec 2022 01:38:06 GMT
Server
nginx
Connection
keep-alive
/
www.googleadservices.com/pagead/conversion/855967303/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/855967303/?random=1670031486793&cv=11&fst=1670031486793&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&value=0&bttype=purchase&auid=250151561.1670031485&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e05f8b2999d5c575c13a0e3acc1e2fe5861cd6e869e2de495bfd2358a6542d20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1336
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
push_notif.js
services.epoch.cloud//public-labs/src/push_notifications/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud//public-labs/src/push_notifications/push_notif.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Sep 2020 15:46:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
271
etag
W/"5f6384bb-18fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWqYXhj6vN0C3NvMDnLfUESWXKlyJrRxgczqurW8VK%2BiZtVe5%2Bze8g5hZ2PzTwaskBtKRZhWvM4UYq0cRcudJQelhIe3K2qrzFoZLxDMqL6m3FSNsCsjOPsvBC%2BqGsf20j%2FveSMRZXhyxM3uAQefTeQixg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
773894b87e16bb9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ge.js
s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ 		37 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.82.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
1126eb1de2ad0f7664b948938653a18e1f8d89be694224e9b13e86cc339c0b41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 01:38:08 GMT
Last-Modified
Tue, 29 Nov 2022 17:41:11 GMT
Server
AmazonS3
x-amz-request-id
5NKK6B4QX8Z2FRWR
ETag
"0d4ece7d60f7d92cef4112ff2c393358"
Content-Type
application/javascript
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
37541
x-amz-id-2
gNk7KDEdTPY0aX2qbk2+MYNOAKyaUFj1qQhldLX4QIL89WMrX1uJEWCvBrfC6WNzIhleGL1uNFJNSs1pVIo8hQ==
Expires
Thu, 29 Dec 2022 17:41:10 GMT
container.js
tags.wdsvc.net/
Redirect Chain
  • https://tags.wdsvc.net/controller.js?id=100415
  • https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1670031487083
27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1670031487083
Protocol
HTTP/1.1
Server
52.55.90.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-90-187.compute-1.amazonaws.com
Software
/
Resource Hash
90ae810557dd6aeea56f2402b5ff1b9ce2a896698fe06adaf5cff3f603861aa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 01:38:07 GMT
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
27636
Expires
Mon, 3 Jan 2005 13:00:00 GMT

Redirect headers

location
https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1670031487083
Date
Sat, 03 Dec 2022 01:38:07 GMT
Cache-Control
private, no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Transfer-Encoding
chunked
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/24003086/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:23:45 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
862
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
z5jNpMEsKcA6Qd_u6O8TwqGuPYQaD8jr9E4OfgsWUsEWMbYdFE4maA==

Redirect headers

location
/internal-c2/default/cs.js
date
Sat, 03 Dec 2022 01:38:06 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
0
x-amz-cf-id
aslymvMP3QxKNh6xrJFG0TduK3q9V4XVrd9ZkzGp7JSH9lARehbpqA==
x-cache
Miss from cloudfront
b413bf4fa936cc351ac6476e0df69b50.js
clientcdn.pushengage.com/core/ 		114 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientcdn.pushengage.com/core/b413bf4fa936cc351ac6476e0df69b50.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
8fa34b31aad23ea0d162f346badd04856a7f725c09a13192a5a02087c457976e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:37:18 GMT
content-encoding
gzip
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P4
age
48
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
1i-LP3KUvjWXGW-5Z6m88lqVJHMm2c6y5yeKtynSoLetP3Fp75Bvag==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 01:38:06 GMT
address_books16-e623930d5af36ce7417f9b3887f3efc6e74ea4f2731d3ae3f4e7a9bd5edac11d.js
api.cloudsponge.com/assets/ Frame 75E6 		146 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cloudsponge.com/assets/address_books16-e623930d5af36ce7417f9b3887f3efc6e74ea4f2731d3ae3f4e7a9bd5edac11d.js
Requested by
Host: api.cloudsponge.com
URL: https://api.cloudsponge.com/widget/uaRMQGoN7Zh9_T3vcY6eZA.js?_=1670031486482
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.71.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-71-12.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e623930d5af36ce7417f9b3887f3efc6e74ea4f2731d3ae3f4e7a9bd5edac11d

Request headers

Referer
https://subs.theepochtimes.com/
Origin
https://subs.theepochtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:07 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 06:40:56 GMT
server
nginx
etag
"63198e78-9e81"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
content-length
40577
expires
Thu, 31 Dec 2037 23:55:55 GMT
wlt
api.cloudsponge.com/ Frame 75E6 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.cloudsponge.com/wlt?k=uaRMQGoN7Zh9_T3vcY6eZA&t=k&v=1.6.0&h=subs.theepochtimes.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.71.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-71-12.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cloudsponge.com
X-Frame-Options ALLOW-FROM https://www.cloudsponge.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-runtime
0.005770
date
Sat, 03 Dec 2022 01:38:06 GMT
content-security-policy
frame-ancestors https://www.cloudsponge.com
content-encoding
gzip
server
nginx
etag
W/"a065920df8cc4016d67c3a464be90099"
x-frame-options
ALLOW-FROM https://www.cloudsponge.com
p3p
policyref="/w3c/policy1.p3p",CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
x-request-id
00e6e2c8-c736-4c28-a69f-94ac78f7d126
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AC2C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5191
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 00:11:35 GMT
expires
Sun, 03 Dec 2023 00:11:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A776 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
077bcb386e4da1e6118ccaa74eefa6414e42c1e84dde24732f26b9253e83aa45
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7NFq48qnbS7NfjrNTaq7Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-7NFq48qnbS7NfjrNTaq7Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 01:38:06 GMT
expires
Sat, 03 Dec 2022 01:38:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.google.de/pagead/1p-conversion/855967303/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855967303/?random=1359986117&cv=11&fst=1670031486793&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJ...
  • https://www.google.com/pagead/1p-conversion/855967303/?random=1359986117&cv=11&fst=1670031486793&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadser...
  • https://www.google.de/pagead/1p-conversion/855967303/?random=1359986117&cv=11&fst=1670031486793&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadserv...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/855967303/?random=1359986117&cv=11&fst=1670031486793&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&value=0&auid=250151561.1670031485&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ09HbW5BWVEwNHF4N3BLcHpQN3pBUklsQUZ3RnptclBmcFRfNUtyRy1uMERxREpzenoxZGtVbDI0UWlVT3M3Ukpib2g1YVpTSFEaWENoRUlnT0dtbkFZUW1vT1JfUHlVMFp6Q0FSSXRBRjVkRnU1T0QtaDk3N1ljYzhjRllNOVZ2RnJDZmpKODU1MHB3ako0bHFld3BxWFpNcmFKMG8wQ2V2cHQ&is_vtc=1&ocp_id=fqiKY5voNMuG9fgPz-ym8As&cid=CAQSKQDq26N9yrseFT0q9lMa3bjdawV_L_0L5_Uj-0DF0nT42S5iGyxYpM1aIBM&eitems=ChAIgOGmnAYQq9qV8qnIlbISEh0ABbbZjKGVSo2oY3_IlI5AwegbWUaB3_sEzZ-cNQ&random=2157840677&ipr=y&prhg=0
Protocol
H3
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Dec 2022 01:38:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/855967303/?random=1359986117&cv=11&fst=1670031486793&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&tiba=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&value=0&auid=250151561.1670031485&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ09HbW5BWVEwNHF4N3BLcHpQN3pBUklsQUZ3RnptclBmcFRfNUtyRy1uMERxREpzenoxZGtVbDI0UWlVT3M3Ukpib2g1YVpTSFEaWENoRUlnT0dtbkFZUW1vT1JfUHlVMFp6Q0FSSXRBRjVkRnU1T0QtaDk3N1ljYzhjRllNOVZ2RnJDZmpKODU1MHB3ako0bHFld3BxWFpNcmFKMG8wQ2V2cHQ&is_vtc=1&ocp_id=fqiKY5voNMuG9fgPz-ym8As&cid=CAQSKQDq26N9yrseFT0q9lMa3bjdawV_L_0L5_Uj-0DF0nT42S5iGyxYpM1aIBM&eitems=ChAIgOGmnAYQq9qV8qnIlbISEh0ABbbZjKGVSo2oY3_IlI5AwegbWUaB3_sEzZ-cNQ&random=2157840677&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame AC2C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 06:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 06:18:27 GMT
collect
k.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.43/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Sat, 03 Dec 2022 01:38:06 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
sodar
pagead2.googlesyndication.com/pagead/ Frame A776 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022113001&jk=3850046703082950&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame AC2C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jb9NcQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
onetag-sys.com/usync/ Frame 57BA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670031484985
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame C8E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670031484984
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 885D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
76001
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 03 Dec 2022 01:38:07 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 27 Nov 2022 04:52:13 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
34, 412534
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230058-FRA
X-Timer
S1670031487.042755,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2D69 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
76001
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 03 Dec 2022 01:38:07 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 27 Nov 2022 04:52:13 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
34, 412535
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230058-FRA
X-Timer
S1670031487.052529,VS0,VE0
async_usersync
ib.adnxs.com/ Frame 885D 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 01:38:07 GMT
AN-X-Request-Uuid
ab14efa9-b421-4bef-b19b-4c8c4833381b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.129; 178.162.209.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2D69 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 01:38:07 GMT
AN-X-Request-Uuid
71ae4c13-4d26-4529-8db5-a0af4315296f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.129; 178.162.209.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auth
api.cloudsponge.com/api/ Frame 75E6 		465 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cloudsponge.com/api/auth?parentOriginGuess=https%3A%2F%2Fwww.theepochtimes.com%2F
Requested by
Host: api.cloudsponge.com
URL: https://api.cloudsponge.com/assets/address_books16-e623930d5af36ce7417f9b3887f3efc6e74ea4f2731d3ae3f4e7a9bd5edac11d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.71.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-71-12.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bd374db044794519acd9ce297c4d2b142faa7b0c8a72060c1d848ce89a722ccc
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
X-Frame-Options ALLOWALL

Request headers

Referer
https://subs.theepochtimes.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
Authorization
Basic dWFSTVFHb043Wmg5X1QzdmNZNmVaQTo=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:07 GMT
content-security-policy
frame-ancestors *
content-encoding
gzip
x-request-id
91175d6a-be7a-4850-a0d1-aaea836771fc
pragma
no-cache
x-runtime
0.013903
server
nginx
etag
W/"bd374db044794519acd9ce297c4d2b14"
x-frame-options
ALLOWALL
access-control-max-age
7200
access-control-allow-methods
OPTIONS, POST, GET
access-control-allow-origin
https://subs.theepochtimes.com
access-control-expose-headers
cache-control
no-cache, no-store
content-type
application/json; charset=utf-8
vary
Origin
expires
Mon, 01 Jan 1990 00:00:00 GMT
auth
api.cloudsponge.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cloudsponge.com/api/auth?parentOriginGuess=https%3A%2F%2Fwww.theepochtimes.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.71.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-71-12.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-requested-with
Access-Control-Request-Method
GET
Origin
https://subs.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
authorization,x-requested-with
access-control-allow-methods
OPTIONS, POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
date
Sat, 03 Dec 2022 01:38:07 GMT
server
nginx
/
tags.wdsvc.net/tpc-eval/ 		21 B
284 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/tpc-eval/?lid=184d5a230d0-tags8-6e375234c3afd
Requested by
Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100415
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.55.90.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-90-187.compute-1.amazonaws.com
Software
/
Resource Hash
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 01:38:07 GMT
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
21
Expires
Mon, 3 Jan 2005 13:00:00 GMT
collect
collect.cloudsponge.com/v1/ Frame 75E6 		19 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect.cloudsponge.com/v1/collect?an=CloudSponge%20Widget&tid=UA-10218190-7&dl=%2Fload&dt=Loaded%20Script&dr=https%3A%2F%2Fsubs.theepochtimes.com%2Ftemplate%2Fshow%3Ftid%3D924e14b9-3ed2-41d0-ae93-07246a558b57%26sid%3Dwww.theepochtimes.com%26v%3D3%26ck%3DJTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA%3D%3D%26pl%3Dhttps%253A%252F%252Fwww.theepochtimes.com%252Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html%26u%3DJTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ0NDQlMkMlMjJsb25naXR1ZGUlMjIlM0E3LjAxMTQlN0QlMkMlMjJzdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyaGlzdG9yaWNTdWJzY3JpcHRpb25zJTIyJTNBJTVCJTVEJTJDJTIyc3Vic2NyaXB0aW9uJTIyJTNBJTdCJTIyc3Vic2NyaWJlZCUyMiUzQWZhbHNlJTJDJTIycmVnaW9uSWQlMjIlM0ElMjIlMjIlMkMlMjJzdWJzY3JpcHRpb25UeXBlJTIyJTNBJTIyJTIyJTJDJTIycGxhbklkJTIyJTNBJTIyJTIyJTJDJTIyZXhwaXJhdGlvbiUyMiUzQTAlN0QlN0Q%3D%26tn%3DInstaShare%2520Widget%26dna%3D%257B%2522pid%2522%253A%2522anone984-db32-4f85-ad23-18553b3d132d%2522%252C%2522x%2522%253A%2522410-508-821%2522%252C%2522vt%2522%253A0%252C%2522g1%2522%253A%2522de%2522%252C%2522g2%2522%253A%2522nw%2522%257D%26templateVariant%3Dembed-underArticle%26url%3Dhttps%253A%252F%252Fwww.theepochtimes.com%252Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html%26thumb%3Dhttps%253A%252F%252Fimg.theepochtimes.com%252Fassets%252Fuploads%252F2022%252F09%252F18%252FCP150494524-700x420.jpg%26title%3DNo%2520Evidence%2520Freedom%2520Convoy%2520Donations%2520Were%2520From%2520Criminal%2520Origins%253A%2520GoFundMe%2520Exec%26segmentControl%3D0.1816625376492269%26segment%3Deet&k=uaRMQGoN7Zh9_T3vcY6eZA&av=1.6.0&cid=CA1.1.97564550.1670031487&t=pageview&ts=1670031487498
Requested by
Host: api.cloudsponge.com
URL: https://api.cloudsponge.com/assets/address_books16-e623930d5af36ce7417f9b3887f3efc6e74ea4f2731d3ae3f4e7a9bd5edac11d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-121.fra56.r.cloudfront.net
Software
/
Resource Hash
70358b772fc9a444816f49f054eb8e785c265815592c3bb474e63eb6bf850be6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:07 GMT
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amzn-trace-id
Root=1-638aa87f-774a97ad2c65d35e0d84bb14
x-amzn-requestid
17bd63c0-93c3-4b60-ab56-bb5b1b7ecbf2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
ci9D_HcaoAMF3UA=
content-length
19
x-amz-cf-id
lhFEkgeaQ_maXbXS3pXm4kb3jmvZLfNpA2PMi09TKDQKU7XFh9pmbg==
address_books15-0c9580d6d00cac618425d5a356891160b73363a1b7b0898eced071c6d66cec30.css
api.cloudsponge.com/assets/ Frame 75E6 		41 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.cloudsponge.com/assets/address_books15-0c9580d6d00cac618425d5a356891160b73363a1b7b0898eced071c6d66cec30.css
Requested by
Host: api.cloudsponge.com
URL: https://api.cloudsponge.com/assets/address_books16-e623930d5af36ce7417f9b3887f3efc6e74ea4f2731d3ae3f4e7a9bd5edac11d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.71.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-71-12.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0c9580d6d00cac618425d5a356891160b73363a1b7b0898eced071c6d66cec30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:07 GMT
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 00:37:54 GMT
server
nginx
etag
"61f1e962-189f"
content-type
text/css
cache-control
max-age=315360000
content-length
6303
expires
Thu, 31 Dec 2037 23:55:55 GMT
lc2.js
b-code.liadm.com/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/lc2.js
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
452b75283416aa50d43a3cf76fb1eb1b969014c5767fe3f5fc21f320093aa7fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 00:47:07 GMT
content-encoding
gzip
via
1.1 6e44e48abc671a9155ea845c36f68920.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
3060
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
l1nh93ay_XvitkzLW66jgt_dAJRFt5jOluo0np0LLa8JCOgtzOQd-w==
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022113001&jk=3850046703082950&bg=!b2ylbCjNAAbvMpMzzzI7ACkAdvg8Wu2I_e3JLbjoLqCCIDRxLvSUjLnNPmB9h_49zlCF4ClL0hPtqwIAAABQUgAAAAJoAQeZApWMZwS926X0KVqPSOiBHQcdd7utUDHNN_bYNOsOyEqxxP4CbXZg2nA1LKEt380f-2LQL7qBZqd2GgLLkAYFn1Xrgxtt8SdBWMxOIiVjtqdlBDrPIggCveWywxeGcENFORtaIxf64oKk5ZEQvnTXH5AnIlVvvmT70QxZyJRxV81JjjVTpOUqRwrh-hSsxdWzYmVoPmoftiKIqQRSQrrVznwpmeLjyudq55ktQ6kzBDiBPWL8sA8eJGBgk0QwW0JyX4SndTRKnLen5oZcT6KZq730CNld7gRQzzRnw3CN6BJnzI9RZAbcA4umC0l3yoRcRUgd33ASiDmYkyBmN6a1-huMc41dfZ6dLwO0SjllJja8o_4H-8LYlkBl7Y4xlJpNAk4y1nYYPmz1ihpwha2Q9WZEpeTWMFIZ2wVQMOdnQyxlvvbSAKAHW0dgjLcnMRM4sUzQFraqPZ_cKotJtqJuGuwDgKOLS9RHNXYmRQ2kqaUUwJodBRELd9CK02qYZuwmrOJnWjRo0PbxOmUPfe4x0mVomjKywKAmHcyl-9X998V2vnvqXYrwjxjP4VKqKSfZ1wFl_elEqFlhsDnqByTOxUpvoNLZD5uVgOuPmxN1QTV6-DRV9VrWmYe8jlx_sMRXHS6VIA1ilD19gyDlgHvTebno8L1ADwslwq79hOU5c1yDLPXWNi-8NDV01NFTGHs0PDUyKO3WP7LeZtYNNueO2v2hvzYJUXACu6lCLOKVbBsOM0ajCfTf-FS79XvDo3LRNx_PH4PFHO_MoOEo5wveqS7psYJdVdrbxBVZHjzdWXOe2Kmp2yKT1jz7y-KI2joMWXt7GVG207Xler5EZIfiJIeEyPXzl4ojuVyhgOR1rIH1JHjPM7cE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1670031487759&se=e30&duid=57b4458eb59c--01gkat4cn49bnzqf3f8wmq93z7&tna=v2.5.1&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-c...
  • https://rp4.liadm.com/j?dtstmp=1670031487759&se=e30&duid=57b4458eb59c--01gkat4cn49bnzqf3f8wmq93z7&tna=v2.5.1&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-...
13 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1670031487759&se=e30&duid=57b4458eb59c--01gkat4cn49bnzqf3f8wmq93z7&tna=v2.5.1&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&wpn=lc-bundle&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjE1&n3pc=true
Protocol
H2
Server
174.129.31.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-31-112.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:08 GMT
x-pixel-event-id
9ad009cf-0f9a-4383-a9be-e6f551d64ed6
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
0d5ac3fcb3ea8da3
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Sat, 03 Dec 2022 01:38:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1670031487759&se=e30&duid=57b4458eb59c--01gkat4cn49bnzqf3f8wmq93z7&tna=v2.5.1&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&wpn=lc-bundle&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjE1&n3pc=true
access-control-allow-origin
https://www.theepochtimes.com
request-time
0
access-control-allow-credentials
true
trace-id
3d49dd3945047073
content-length
0
x-xss-protection
1; mode=block
async_usersync
ib.adnxs.com/ Frame 885D 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 01:38:08 GMT
AN-X-Request-Uuid
c4595844-bd75-44f9-a0d9-a3d73073c5f7
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.129; 178.162.209.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2D69 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 01:38:08 GMT
AN-X-Request-Uuid
f83200e0-b653-4104-8f38-266e6440bcef
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.129; 178.162.209.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
72731
idx.liadm.com/idex/unknown/ 		42 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/unknown/72731?duid=57b4458eb59c--01gkat4cn49bnzqf3f8wmq93z7&resolve=md5
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.226.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-226-104.compute-1.amazonaws.com
Software
/
Resource Hash
2566d116971b6d3f05b4ca2b469f876bba6a3d21e45a00aba641391c316f8df9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:38:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
3
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
trace-id
ae21a5289f09807e
content-length
42
expires
Sun, 04 Dec 2022 01:38:08 GMT
li
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/ 		312 B
516 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/li
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.208.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-208-196.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2f77397a6624c0854c22e0c8b1d9e5fd382145165f9b20d17f39faa04d02f7e0

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sat, 03 Dec 2022 01:38:09 GMT
x-amzn-trace-id
Root=1-638aa881-3166517d31661a6f62a15424
x-amzn-requestid
12ad6dbf-5a1b-45f0-8200-e4e11f4856f7
content-length
312
x-amz-apigw-id
ci9EQGWcvHcF9OA=
content-type
application/json
li
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/li
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.208.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-208-196.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sat, 03 Dec 2022 01:38:09 GMT
x-amz-apigw-id
ci9EOEiKvHcFiZA=
x-amzn-requestid
23fdddad-5df7-4921-aa92-78bd12abdfa6
post-log
tags.wdsvc.net/ 		0
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/post-log?v=4.10&t=1670031487184
Requested by
Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100415
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.55.90.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-90-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.theepochtimes.com
Date
Sat, 03 Dec 2022 01:38:09 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
0
Content-Type
text/html
/
insight.adsrvr.org/track/evnt/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/evnt/?adv=4tgsadn&ct=0:n27fxwf&fmt=3&td1=184d5a230d0-tags8-6e375234c3afd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 03 Dec 2022 01:38:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/conv/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/conv/?adv=4tgsadn&ct=0:cbmj8de&fmt=3&orderid=&vf=&v=&td1=184d5a230d0-tags8-6e375234c3afd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 03 Dec 2022 01:38:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/conv/ 		70 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/conv/?adv=4tgsadn&ct=0:idisnfs&fmt=3&orderid=&vf=&v=&td1=184d5a230d0-tags8-6e375234c3afd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 03 Dec 2022 01:38:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
collect
ea.epochbase.com/api/analytics/g/ 		0
233 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/analytics/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=2oebu0&_p=1612355859&cid=152341740.1670031485&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1670031484&sct=1&seg=1&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&dt=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&en=page_view&_ee=1&ep.page_path=%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&ep.post_id=4872079&ep.primary_category_name=Canada&ep.eet_tags=Canada%3BFreedom%20Convoy%202022%3BEmergencies%20Act%3Bgofundme&ep.all_term_ids=canada2-362%3Bworld-89904%3Bfrontaudio-161329%3Bcanada-top-news-100342%3Btodays-headlines-98892&_et=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Naples, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Sat, 03 Dec 2022 01:38:10 GMT
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
20220729134201694905AQR5WAeetlogopngepochtimesmoengage.png
image-eu.moengage.com/epochtimesmoengage/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-eu.moengage.com/epochtimesmoengage/20220729134201694905AQR5WAeetlogopngepochtimesmoengage.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4800:11:5760:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
577deaae018acec8df151661a116dcca146227350825714d38baea26816f2eb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 13:46:54 GMT
via
1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
10929075
etag
W/"1ae8-Sl7nnBRtbm195kcX1S/hQFAEPnE"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
timing-allow-origin
*
content-length
6888
x-amz-cf-id
Cu1JRH4S3b7eukBs7Al8m0LR-zY4-Sv7W9ye9xK8fLc_GQ3cDBOwWA==
x-request-id
a95db9cf-d329-46ef-8384-51be130949f3
c
ea.epochbase.com/api/pw/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Naples, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Content-Type
access-control-allow-methods
GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET, POST, OPTIONS, PUT, DELETE
content-length
0
date
Sat, 03 Dec 2022 01:38:10 GMT
server
nginx/1.20.1
c
ea.epochbase.com/api/pw/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Naples, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Sat, 03 Dec 2022 01:38:10 GMT
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
certify.alexametrics.com
URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&time=1670031485047&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&random_number=4000399398&sess_cookie=2b05a6ee184d5a2287789745812&sess_cookie_flag=1&user_cookie=2b05a6ee184d5a2287789745812&user_cookie_flag=1&dynamic=true&domain=theepochtimes.com&account=Tmrwl1aYizr0uP&jsv=20130128&user_lang=en-US

Verdicts & Comments Add Verdict or Comment

301 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| oncontentvisibilityautostatechange string| eet_primary_category string| eet_cat_ids string| eet_term_ids string| eet_all_term_ids string| eet_cat_names boolean| eet_no_ads string| eet_ads_term_ids undefined| eet_post_countries string| eet_post_id string| eet_author_name string| eet_primary_category_name string| eet_tags string| eet_tags_slugs string| eet_publish_date string| eet_last_updated_date string| eet_word_count string| eet_page_type string| eet_segment_url string| featured_img_thumbnail string| eet_is_premium_article string| moengage_object object| t function| q object| f object| h string| k function| moe function| Moengage object| settings_obj string| eet_ga_id string| eet_domain object| dataLayer string| GoogleAnalyticsObject function| ga function| gtag string| eet_ref string| eet_refcat string| eet_refname string| eet_refpos function| getUrlParameter function| $ function| jQuery object| pending_sections number| section_threshold number| timerStart boolean| isEurope number| timerLimitForCheckGeo string| LIVE_CHAT_HOST string| YOUMAKER_HOST boolean| windows_focused function| eetUpdateTicker string| url_path undefined| arr_path number| dt string| uuid object| gtag_obj function| eet_home_ymk_socials function| addSlashes function| load_mailmunch function| check_sections_on_scroll function| add_lazy_load_section boolean| didScroll boolean| more_loading number| page_lastScrollTop number| category_page_num function| category_load_next_page number| scroll_position function| eet_bright_nav undefined| didScrollHome function| eet_back_to_top function| eet_single_sticky_header function| eet_single_tool_box function| eet_epochtv_category object| epochtv_page_nums object| epochtv_page_totals function| epochtv_load_next_page function| cardlist_append_one_page function| postlist_append_one_page function| epochGUID function| eet_entirepage_cover function| eet_remove_entirepage_cover function| eet_ymk_userID function| gdprUserID function| setGeoCookie function| eet_show_edition_popup function| getUrlParameters function| initUserDNA function| updateUserDNA function| handleMessageUpdateUserDNA function| check_pipa_siteid function| getTrackingScrollPercentageContentHeight function| getHomePageInViewportSectionIds function| init_pipa_paywall function| eet_fp_sticky_sidebars function| render_donation function| eet_save_post function| eet_user_saved_post_status function| eet_follow_author_status function| eet_follow_author function| eet_fix_mkt_list function| eetGetPostID function| live_chat_init function| live_chat_height function| listenLiveChatMessage function| handleLiveChatLoginCallback function| handleLiveChatHideCallback function| handleLiveChatShowCallback function| change_number_color function| eet_load_player_script function| eet_init_player function| playerAddMuteButton undefined| eetGAClientID function| sendTracking function| eet_radiantlife_sticky_sidebars function| eet_get_ai_list function| eetAIRecAPIErrEvent function| eet_ai_handle_search function| eet_ai_rec_insert_tracking function| eet_track_widgets_seen function| eet_get_post_detail function| searchResultFolding function| formatAiRecDate function| getGAClientID function| trackingSearchActivity function| eet_get_user_id function| eetRecordUserReadingHistory function| insertRecAdSlot function| fillEmptyAds function| track_moengage_user function| eet_ai_trigger_recommend_for_top_story function| eet_ai_replace_top_story function| eet_ai_recommend_for_top_story object| jQuery111303958948468996697 object| ep object| pbjsChunk object| pbjs object| _pbjsGlobals object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| postscribe object| google_tag_manager_external object| GooglebQhCsO object| _qevents object| uetq function| twq function| pixie function| onYouTubeIframeAPIReady object| regeneratorRuntime object| MicroModal function| expired object| epSubs function| get_remark_host function| float_remark_panel function| remark_panel_init function| load_ymk_comments function| showUserTemplate object| webpackChunkAudioPlayer object| AudioPlayer number| PREBID_TIMEOUT number| ALLBIDS_TIMEOUT number| HB_FLOOR boolean| show_roadblock object| ads number| infinity_ad_count boolean| lazyload object| googletag boolean| testC boolean| testD function| sySpecialAd boolean| outside_article_ads function| prepareDivs function| get_ads_template function| fillAdSlot function| ednBidders function| insert_ads_div function| display_infinite_ads function| insert_recommend_ads function| setGoogleTagTargeting function| getRootDomain function| createGPT function| loadA9 function| loadPrebidJSLibrary function| startGoogleTagService function| display_pd_slot function| display_ads function| oxZoneId function| renderGoogleTagWithTracking function| renderOxAd function| getTwitterMatch function| getFacebookMatch function| eet_single_game_ads function| eet_ai_recm_native function| eet_ai_srch_native function| eet_ai_srch_native_lazy function| fillFrontNative function| moeOnsite string| moeBannerText function| MoengagePageEventHistoryManager object| moeInternals object| slots function| quantserve function| __qc object| ezt object| _qoptions object| twttr function| referral function| setCookie function| getCookie object| _atrk_opts function| UET function| UET_init function| UET_push object| ueto_39e7ef1cd7 object| cbJsonP function| cb_window_logger object| __SENTRY__ function| Chargebee object| ggeac object| google_js_reporting_queue object| userDNA object| extractedURLParams object| remark_config function| atrk boolean| _atrk_fired undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| REMARK function| clarity number| softLoginDeployment function| dailyMeterCounterIncrease function| initShareWidget function| renderShareWidget object| popupPaywall object| renderPayLaterWall object| freeTrialExperience object| accountVerificationCheck object| Clickly function| googleOneTapCallback string| epochShareWidgetVersion string| shareWidgetMode function| _jsload object| jsapi object| ttsmi2_data object| smi2TrackerSend object| __statmedia_callbacks object| jsapi_ object| JsAPI object| __statmedia object| U function| StatMedia object| statmedia49188 object| scvsmnv43fmg object| closure_lm_906950 object| geq string| persistentUser string| cookieStoreData string| firstpg function| empty object| GoogleGcLKhOms object| _peSd object| _peD object| _peE object| _pe object| _peq object| WDSMemberConfig object| WDSConfig number| timeout boolean| tpc_present function| _0x3f5ecd function| GeAnalytics function| geLoadLi function| _0x5c0c boolean| geqpreprun function| _0x5ea7 function| run_ge object| liQ object| _geq object| google_image_requests object| __li__evt_bus object| liQ_instances

57 Cookies

Domain/Path Name / Value
.theepochtimes.com/ Name: epoch_persistent_user_id
Value: anone984-db32-4f85-ad23-18553b3d132d
.theepochtimes.com/ Name: _gid
Value: GA1.2.1661403411.1670031485
.theepochtimes.com/ Name: _gat
Value: 1
.theepochtimes.com/ Name: _gcl_au
Value: 1.1.250151561.1670031485
.theepochtimes.com/ Name: _ga
Value: GA1.1.152341740.1670031485
.theepochtimes.com/ Name: _ga_RD0QM5H02Q
Value: GS1.1.1670031484.1.1.1670031484.0.0.0
.bing.com/ Name: MUID
Value: 2337F3796B986B6E1DFDE1166A986A43
www.theepochtimes.com/ Name: epoch_gdpr_userid
Value: 65792c40-d2e4-fe44-7c05-2b41157ee364
.theepochtimes.com/ Name: pageviewCount_fb
Value: 1,none,https://www.theepochtimes.com/no-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html
.theepochtimes.com/ Name: _uetsid
Value: 21b5053072ab11eda1254957cf237342
.theepochtimes.com/ Name: _uetvid
Value: 21b5905072ab11edae5133d8d74bab28
.adnxs.com/ Name: icu
Value: ChgI159BEAoYASABKAEw_NCqnAY4AUABSAEQ_NCqnAYYAA..
.adnxs.com/ Name: uuid2
Value: 3385656145321565941
.t.co/ Name: muc_ads
Value: 3883a358-5f4e-4e62-8c7c-70d22ade95fc
.theepochtimes.com/ Name: epoch_geo_country
Value: de
.theepochtimes.com/ Name: epoch_geo_subdivision
Value: nw
www.theepochtimes.com/ Name: epoch_user_dna
Value: %7B%22pid%22%3A%22anone984-db32-4f85-ad23-18553b3d132d%22%2C%22x%22%3A%22410-508-821%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D
.twitter.com/ Name: personalization_id
Value: "v1_tNgJhzKG9C1s3uBqkl7B/A=="
.doubleclick.net/ Name: IDE
Value: AHWqTUnaj_NkW5jEdzbiS0sfKk7SAZTIwMRxBkTZ4vTsOfbxTHBtXvojbad22afK
.theepochtimes.com/ Name: __asc
Value: 2b05a6ee184d5a2287789745812
.theepochtimes.com/ Name: __auc
Value: 2b05a6ee184d5a2287789745812
.quantserve.com/ Name: mc
Value: 638aa87d-0e6dd-0d636-1340e
.theepochtimes.com/ Name: __qca
Value: P0-518996119-1670031484833
.theepochtimes.com/ Name: moe_uuid
Value: 1d3bd730-f641-46e2-8b7f-bff8ec0b8b44
www.clarity.ms/ Name: CLID
Value: be1a735752774c2cb613ae21ebbfef0c.20221203.20231203
.theepochtimes.com/ Name: _clck
Value: 1hv0nod|1|f73|0
.go.sonobi.com/ Name: HAPLB8S
Value: s8657|Y4qog
.theepochtimes.com/ Name: e_ab_es
Value: 0.1816625376492269
www.theepochtimes.com/ Name: epoch_daily_articles
Value:
.theepochtimes.com/ Name: __gads
Value: ID=2b0b153fd8a2982b:T=1670031485:S=ALNI_Maq2q61p4iPUurYLBNw0W8SSAQChQ
.theepochtimes.com/ Name: __gpi
Value: UID=00000b8c2256aad4:T=1670031485:RT=1670031485:S=ALNI_MZCzL78AuWXVrG48rbbDFyXglAqsg
.theepochtimes.com/ Name: ads_layout
Value: anonymous
.theepochtimes.com/ Name: _clsk
Value: jh1245|1670031485797|1|0|k.clarity.ms/collect
.theepochtimes.com/ Name: epoch_user_type
Value: anonymous
.mixi.media/ Name: _sm_uid
Value: 828e6b98-f99c-44cb-b3f0-a9028ff57d32
.mixi.media/ Name: _sm_udt
Value: 1670031485506
.mixi.media/ Name: _sm_sid
Value: a389c40d-4dfb-4441-8b54-a06bb8682719
.mixi.media/ Name: nid
Value: ads5-1smir10
.stat.media/ Name: _sm_uid
Value: 828e6b98-f99c-44cb-b3f0-a9028ff57d32
.stat.media/ Name: _sm_udt
Value: 1670031485506
.stat.media/ Name: _sm_sid
Value: a389c40d-4dfb-4441-8b54-a06bb8682719
.stat.media/ Name: _sm_cm
Value: 32
.c.bing.com/ Name: SRM_B
Value: 2337F3796B986B6E1DFDE1166A986A43
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2337F3796B986B6E1DFDE1166A986A43
.c.clarity.ms/ Name: ANONCHK
Value: 0
.wdsvc.net/ Name: _wdTest
Value: accept
.wdsvc.net/ Name: wds_random
Value: 2022-12-03T01:38:07.083Z~2022-12-03T01:38:07.083Z|1938942103141117|33|
www.theepochtimes.com/ Name: _geuid
Value: 68626c32-99f1-4a02-a66a-b458e4f09268
www.theepochtimes.com/ Name: _gepi
Value: true
www.theepochtimes.com/ Name: _geps
Value: true
.theepochtimes.com/ Name: _li_dcdm_c
Value: .theepochtimes.com
.theepochtimes.com/ Name: _lc2_fpi
Value: 57b4458eb59c--01gkat4cn49bnzqf3f8wmq93z7
.liadm.com/ Name: lidid
Value: dbd19412-680e-4c55-8e96-3bf290499ade
.theepochtimes.com/ Name: __li_idex_cache_eyJxZiI6MCwicmVzb2x2ZSI6Im1kNSJ9
Value: {%22md5%22:%221dfce74c35b659bcd57eb8696c735d64%22}
.theepochtimes.com/ Name: wds_random
Value: 2022-12-03T01:38:07.083Z~2022-12-03T01:38:07.083Z|1938942103141117|33|
.theepochtimes.com/ Name: __WDS1
Value: %7B%22da_100415%22%3A%7B%22hu%22%3A%222022-12-03T01%3A38%3A09.344Z%22%7D%7D

6 Console Messages

Source Level URL
Text
network error URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=No%20Evidence%20Freedom%20Convoy%20Donations%20Were%20From%20Criminal%20Origins%3A%20GoFundMe%20Exec&time=1670031485047&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.theepochtimes.com%2Fno-evidence-freedom-convoy-donations-were-from-criminal-origins-gofundme-exec_4872079.html&random_number=4000399398&sess_cookie=2b05a6ee184d5a2287789745812&sess_cookie_flag=1&user_cookie=2b05a6ee184d5a2287789745812&user_cookie_flag=1&dynamic=true&domain=theepochtimes.com&account=Tmrwl1aYizr0uP&jsv=20130128&user_lang=en-US
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://comment.youmaker.com/api/v1/user?site=remark
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://comment.youmaker.com/api/v1/avatar/eb5fb51a409e615ed122600813e414790bd35b67.image?site=remark
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://comment.youmaker.com/api/v1/avatar/e96eef6bf0847ecac8a55767ee3ac7eb50787b95.image?site=remark
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://comment.youmaker.com/api/v1/avatar/3cb5a77d811354a65f3945f933a8868130a9bb16.image?site=remark
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://comment.youmaker.com/api/v1/avatar/9a176cabd57f8737680d70bdae71722fe003ebce.image?site=remark
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1fb24e8b2644fa4a4d00040474a2bea.safeframe.googlesyndication.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.twitter.com
api.cloudsponge.com
b-code.liadm.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.epoch.cloud
cdn.moengage.com
cdnjs.cloudflare.com
certify.alexametrics.com
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com
clientcdn.pushengage.com
collect.cloudsponge.com
comment.youmaker.com
d31qbv1cthcecs.cloudfront.net
ea.epochbase.com
exchange.postrelease.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idx.liadm.com
image-eu.moengage.com
img.theepochtimes.com
insight.adsrvr.org
js.chargebee.com
k.clarity.ms
mixi.media
onetag-sys.com
pagead2.googlesyndication.com
pixel.quantserve.com
prebid.adnxs.com
pwe.epochbase.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
sc.youmaker.com
sdk-02.moengage.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.epoch.cloud
stackpath.bootstrapcdn.com
stat.media
static.ads-twitter.com
static.mixi.media
static1.mixi.media
static4.mixi.media
static5.mixi.media
static7.mixi.media
static8.mixi.media
stats.g.doubleclick.net
subs.theepochtimes.com
subs.youmaker.com
subsapi.epoch.cloud
sync.go.sonobi.com
t.co
tags.wdsvc.net
target.mixi.media
tpc.googlesyndication.com
vs1.youmaker.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.theepochtimes.com
www.youmaker.com
certify.alexametrics.com
104.244.42.5
104.244.42.67
108.138.17.30
108.138.7.117
13.32.121.17
136.243.66.182
142.250.185.98
151.101.65.108
151.139.128.10
174.129.31.112
18.215.71.12
18.66.147.15
18.66.147.53
185.89.208.11
193.108.153.24
199.232.136.157
20.234.93.27
20.96.88.162
2001:4860:4802:34::36
2600:1f13:57e:7b01:7fd2:cadd:e467:5665
2600:1f18:730:b110:ee02:ef72:6352:30c8
2600:9000:20eb:e600:6:44e3:f8c0:93a1
2600:9000:21c7:6a00:8:8845:1500:93a1
2600:9000:223e:4800:11:5760:8340:93a1
2606:4700:3038::6815:ea34
2606:4700:3038::6815:ea35
2606:4700::6811:190e
2606:4700::6812:bcf
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:803::2004
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9c
2a02:26f0:3500:8::c16c:9912
3.5.82.146
34.102.198.207
34.110.129.224
34.120.33.89
34.120.97.157
35.201.68.206
35.244.243.66
35.71.131.137
37.252.171.149
4.7.168.74
51.89.9.252
52.222.236.121
52.25.208.196
52.55.90.187
54.158.226.104
54.192.235.59
54.76.235.247
69.166.1.10
82.202.225.227
02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55
0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545
077bcb386e4da1e6118ccaa74eefa6414e42c1e84dde24732f26b9253e83aa45
08c2c90f115062d29aaa6c0717f3266d7fa5cca0489e65e0b0ce712f9e379042
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c9580d6d00cac618425d5a356891160b73363a1b7b0898eced071c6d66cec30
0eba2425939043541ac0423f0d1ce0c47e40797125394232ce1b40e4b2eb81f7
0ed3032f39805f93d5a1680b4c8790efea35cdad469a5013a193dcb7028f14c6
0fafc223231939ade62a1004c84e93348ff7fbce4bab6ecedd4b50f1fa9ea19f
1126eb1de2ad0f7664b948938653a18e1f8d89be694224e9b13e86cc339c0b41
11a865b4359e661025e24c7c944e9205272ae65d2488ec65ff19e442976b7bbe
1256909b9562b779225969eeb95c0f5b1a93fba5775ee2f78dbdb98724feef07
1646931f6987ce06293358837b7f91b34dcaa393c4a1aa4a550f3b85191857c5
17dd9b7c029f1a673caf7ab6fe8aa53663d03b7ed4f832a3eb99d023648f5908
1ad886d5daed57a89ccce0cb2d34b21c2ff6cc109a8e2ed40635516d939c0456
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1ed8b113de961c519abf98974c1b44a0be4ae23dda60f51177138134be171f3a
1f2a24bfee4ce171f16864333b1e7f598b0bcc7e6a10b9b4ea46c1dfe053a3ee
2252f3a17162f8f28c5989e034dc5ba6fdc2a24a33193418383c34a5fc175f69
229bbf4d0e7488209564152c6723497f1ac3934136ca1684233d2fa88fa4146f
243342401a389aea3c4eb3d79678310870768f96807bd5af44d1452b8c674f9b
2566d116971b6d3f05b4ca2b469f876bba6a3d21e45a00aba641391c316f8df9
25cad5d9e016ff8fc766034922a6ec515d37461b4ae089bd58d5ac964b85f247
26aa82e1186d3e338a43a716b262a78272826e3641f9df709627f6394fce5e57
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00
27e0c4d1dda8e2d413f4026744dbe746a5a43afb3bd15ce598caf515b1227f19
2a02f567896836f4bba56e439fc117d0a9b2003ad8d5aa4446c0231693c6e3ec
2a4fbcb87b0b347beab8efd51ed5f0af275dbfaf51f92aef3b0fb3961cfdc6c7
2ecae39e460fe1ac9a93f87807624b399e11a26d4d6325eba5cc3ced86d2eaa8
2f77397a6624c0854c22e0c8b1d9e5fd382145165f9b20d17f39faa04d02f7e0
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
3185feb4c67e538350db6310c8b1de2663303a1de795f1e3b269e7df952c0a04
319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481
3527e1d977a7cbffd85f7833779af7d7e4dd215e437d0948b4998419b1418d87
3771aa40a113c5aca2111fe7e1eaaf029325b71d3c6b8d8d91cc7167dc68405b
37dac971a36eb9c697c1a05cef03446739c13390f494980fbb423d125020963a
38f915335fe629f2736910592b999a5cc13138f931118f5d67026b072c37d6b9
390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700
395f6a95839dae1891c53424a63e37f8a027b7f3b1d6ecd46ac566b6e9c6b096
39c4a5e135f695e1baa40108a59f48a5a327326336ba7ada4ae1c01ea411dc7d
3c8678662cbe90480e2b3c24751d9ed9386ebae304bfa114d5dfa19c8252dcef
3c8e91d44ceb4a689b94693ae811e5cf421fa6c8797a5b099a164d3eff0e14bc
3cb19407bab66b9ee7c351a194351789cb3faf0e8d5904a2c8610aae6e456fba
3d53db8613c1ec140c96e4cca2945cadf0643f5ed5e636ddb5394b00fe0160cb
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d6c562d46deb9d51ec52ef0664b2e69a6c9b8b865da7126e865f499175b70fa
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac
3e63d386fa4d5c77aa9b00d704e717ca41fe5f1393506cc5debb6442f2141c82
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2d8e05d2cbf7757ec64f004c83843e9f1c3d74c3ea84e9c8b9786be623fff7
406b4b8987fd727ca81399026608142b60669d31d33409a5ba2118f5cd11be1e
40efedea8e7a34578f3389a1c3405e4538627df382d53b668c8c49063f662bc7
430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d
44be04ca10e45131b3040fd10ab82ba4792b1da6c66f6c0bbeb343e3ea01f6bb
452b75283416aa50d43a3cf76fb1eb1b969014c5767fe3f5fc21f320093aa7fa
45c4ebf83b8dc78cd96827eaca9d913fc263046e85c7af62a2721bbabeccd18e
46340e89db8be816177c6da6ce55b17b3eb7d877fd802e36a77c0bfddd0b5df0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
478a65c87dfb1f0f3f1ea4f4715021036dce59a158045ee2136cb91df38e61e9
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
4a7d39078ebfaf817109030bdc6fad14a850e32633b214c81b122bf368c44dc0
4b8501f4c1443eef0ed610f7cb59a26de3e3100af0647cde21d3b4e9a81b17ae
4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c
4e5899c78911240bc29b8e0281918f54b24e330233b75ecd348cb9c819e968f8
4e6213b7a0bc1e370fad3aeac8341675cdef7f9772a37d1d11dbd339c249b9c4
4e9608cd74e0a789eee25a6b0078b650d88862ffc316716c6294884b03fd5687
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5742e68696d47a95f5f207f7d84a0e23c9fd644d72f32bb4c8d3a94741ca2380
577deaae018acec8df151661a116dcca146227350825714d38baea26816f2eb2
58d066548314e4827f298403cb806d759ce7dbefb2bff05318803126cfe9347a
58e4d62e87f3c2e7dd0e5569c273603a3b8a94fac7252d5faca19306449c654a
5a298c0d8b0e2ca035c68f120366ebd3b1116a3472ed473365830503e80314ce
5a87b220dbef9164f5c2c3916322172546dd7311dea8655582d6a54db4864fba
5c01443c79c76e53bede7e62b8116b076613da68208ce7fd2bfcb5aec7ce22b1
5e13b546cc3f6257c38cf7f40494af77d7c724595b232b6f545b8b7a5e86b2a8
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f1b6ca0080e86730668b60355b2ccf40260e6053e33d5198c1d79b51f388a1d
5f2c630eac683a05568f1ee415d990cc19cab5335b20d43dc89a808cc6a2b18d
5f88db8eb46345f4e83cdaf7f49a9455375697f69a3f64536128d945a78cc7f0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d5c15d64ebee0b5b03675e9235fb9aad496f1eee422ecfcecd6496f7abbdac
631e8faacd7ab2757435a6b167bb3fa85fcac71796a3aae7f39461a7dedbd85b
658379fc62a45175942e4be8db35d063a700ffc4d5bedb98a4d8ff135d24b7df
65fe8f9502341da5b7788a21bc78499d5766f8912f5c68f34f4cdb9a5c60dc52
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66e5666eb3c613aa415b8f2ca2278b8d7d4d20f865515f43acbb18bdd8c08c7e
678b5b80d65759f2ad0dc78f02bc5ed275c1492de1af752d1226e921a91af450
67928c85a1a69c08f255e74e31b12876cb07ba0cff47d00309930c398f4aa786
6c0538032a94c4938b3c92c30b41b8f15a70e0400c94a1b281759ef737b6f480
6cf192622b80babb40ecd488477cca7ef4d3ab33af65033c32744fb676d6539d
6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf
6db053d1e5f5098522d46c1034024af3e312fd1d88a73ef39e87d5a4762aecf3
70358b772fc9a444816f49f054eb8e785c265815592c3bb474e63eb6bf850be6
728e669b9c7cb9efcdc7fd22a9b2250ea2f9ea278392fd8f48cdc40f1946944e
72974739823d21db3088160569739b4bbbc3c4f1bb0fe5ae6afe1e89ac515258
7a136ba7c01e8baf5c3296a9a18490dbd678a363a03c2264b937303d53d71099
7b9f7e1f4ad6e69372e7ac74b9d66344ab60a798f7a108a71e637bb3e47509a6
7dae96a685aa637f08f3fbf32cf31f40c4118c19915468f44156492e8e5eb5d2
7e26854636676991f1d950121ab8e5e484ede7d67dc896dd2d6a9d4d607d8e7d
7ec7d7998e7ab93993e77f3f71012e7fb1a37f9df422d4c0524ca151cfa9c32d
7fdc568a099fdeed8141ef427c3b62f399e00cb8d38e48a8755429e2e34cb6c5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ea44a16211c4a362ff0ece9c6e89af0afd8b51fe9c02d488e0db46d516be61
84eb26362d62dc24554a20c295f2d7fc4735b3303179b57a9bc70c6db94b46e7
867f5a29853ddd710b7c6485ff7c0f294d6dde33817c68e84535fb68572ffe8b
872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736
87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fa34b31aad23ea0d162f346badd04856a7f725c09a13192a5a02087c457976e
90ae810557dd6aeea56f2402b5ff1b9ce2a896698fe06adaf5cff3f603861aa5
9117f5b0f3c9ed3817bf8004c195fa83ca0d7c47f3a8c8a6ce135d8633d590df
9149b9773658b424e818605f1cf87498c74b3eb92abe3324f893b3b148cab6f2
91e4a65e744dcf2cea6aa10d37d1c3eff9d71ae40c8d051110ad8e580fbd627e
9248ef5db07daf1037b001b1ea7ffdba722f041064f30555795fdb12a4dcf1b6
94015b53fc56119198c37c0911fecc9e41a3d6aae12e2c7de6674b08f348bd3c
96ff3bb0706c736333cfb4b0910496410de6553b385b4af8de260f8a24b9d231
97364411a6efc28599a4466c17b7af72083d16f890d3fed02b38948f6631a116
98e71ded0e4eee459196ef01d1430edc28fcf148300bf314ea1e9ee4b88f5570
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99fc9591298aadd32f93e88812572bcc38f74747feb010fba4a40a43393e0dcd
9db33292007ab6c38527b39d5663e976a305564e19b2a5a8713ea2b2c00f505d
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9e1230a1029046e9fd3fbadce6800514c3275e9caa3a28ae25a1ebc3cf848064
9f4440116c1058bd77df3d46c84e0e807731b5302cda5c190dfd233e8de516a5
9f76290becd98eb7ae6733f8c7b410978b17fa706545003d37f426b1fd15ec42
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a471adfd029d5c6dd112a844b3349e740d9a26de2de6aaae6a490089846e96cf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a922ec72a886ec86707564deb4b9b27358b7ac42563dc11f9d26deca4f6b900a
ab5503401b97084122f06b86ff965dc6e8dae9685fb4ef1a636e731cefdb89d1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad66921129d3d73946c2e5a14c38eff98cfdae669aea4e04482710aff4e87d4e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af463b25ee108e48338456299a263e94b53b302b4524916661513e22dd773850
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d
b0f96a3730041605b139ca2d15e29a36c55e49058ba2b72ee4d09b5e4ca210c1
b1d5daa98167da75a05c36b894cbce8c760a74d3859430a218da68afa5869c2f
b278f09f431b42540dae43942b46d9f84c475556fac1db39f8a4fda039caee21
b2f23809897dca4d9cdbf8c41790ed737e34e4fa95814ea82908c0101a909595
b363b21bc03d5188a43ede2219616eaade9819d6b10f395ad66c7ee60c71ace2
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b88e258dc07bb58923a1587e9448b57d26948f9da6067e6e46a3cfe5e7d676d7
b8af85ef87938ad7700489d3cd359313ff3d80516be01ddc83d7aebf22e4b51c
b8e2e77bc0149feea29d42a391b8cad619fd640e958de5c197b4908b04c3e2c6
bd126295bff92154569cc5c6f6197592b723582e662c871929e4983fc6dcc915
bd374db044794519acd9ce297c4d2b142faa7b0c8a72060c1d848ce89a722ccc
be494cdfd3ada31f62ae937062bdf9493fc7375be5f321fafe680343be3e89dc
becbbc53907850413170158b52085d0ec9f87c8a1cd45e4cc73c8fa74c734220
c2e6b4a388e1ecd6d9cdb9ff4d6e7a149bf2f18b7b8798dd4ad57189a48ca7ec
c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154
c687268c074a05d39ef61d7bd6a3214774099d5ff018ff0b5ac0b5f1fcfbf031
c8f516d5f9d1e8b2d11a26b498f2adddf918f6a5251e89a9f3d45212a473c2ac
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99085b7fb1f2a887546ef03893582856b0ca792472ad92629a75177e66a803e
ca1c1acdc2bbdde74d7d71a879b8df3df6ce364e425a9bc3957e3dafc1227e7c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
cddd40d4e43b08a7fcf46d6c2ec9dab7d096c3babde1bf8d0a116ce556b2edb6
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d1c97ef91a242bb452b32904e4988e65df52ce049990c4d283419500c08c214b
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d41af38073f1d919006f26ed6e3ef9ecaac089e27f571d8d5a29342abaedd1ab
d73f53d60e8d626b9238c3334cff2d2ad92d6228ed6b0131c6e2cf488948ca60
d76d227b5f98dd8e58af1b7b5bf7228407b67dfbe5ae538590cb96bcbe2c0442
d98f04a032f477d47240d3ae08bdbd3cdb4b6a10a93bc71031840d11a7e5ddb5
d9f0e225c26d9e379ac02131df20684f1c0791a046ad30183faa851b55c8517f
ddb9a1cfcfe8dbb1cefe4c71f6de8440eb41cc85b91f4a9fedc7fa5ecc635870
df90ec3f33bdaabf9d7afe6d5be1f357812f7a3d781dd405b18a7bd19faf71a4
e05f8b2999d5c575c13a0e3acc1e2fe5861cd6e869e2de495bfd2358a6542d20
e0bf5d0be2f70f186c63eec8a5708c4fbeddf51458a4ff17c5359441e7065d6e
e23baeed97585502b8c523c2b20eb49f121508cdea74e2a5d140810c3163b1ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59b75087eb3f07aae925c7a49d4062d79767032dabb5f4a7ebec06b26e5a382
e622e4a216a257769a46ff1faa7aeff2b252b8ed0ee28ce29f3476ccfcf50278
e623930d5af36ce7417f9b3887f3efc6e74ea4f2731d3ae3f4e7a9bd5edac11d
e62ceddb62c9bc2a587cb13644fc54749e672555c91c680d8bdd046b19d52d7e
eab7ece6058790b368e40da85cb0dfd67086f1d6c70d5a405bc382cec0958936
ec00fd20863c4b31d8bf4afb089f32de970fd518668518f06fdb3efde67042cc
ee3b0c9e2d371b6a6d25783f1f48d4947681caf604569c2d08dc9cf4d93f7219
ee5636802d3b59edb8068a7ec377ad4e3287900b24cb4378eb7dba08a6c0d268
ef062d429e4a0730a94dace80481edf59295aec2928a516ebe60a01bd265cd93
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
eff8407713a4db64425aa277a1cf6b097b72cc3b1b0fbafb04a1cb24066ec61f
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f397b9e1f7f87f1f494b4b7c27dec46e926c468434b42ef152329ffa312c9871
fa996a6d86287e08c259f2989e04877f08ab259117b1daa31c69373fd86991ce
fb9f3fbc7a3a7c25c21355a2cacde8486336ad3fe541d8c01aea2f3739cf8efa
fbd96f97dfabbb444dd155929e9632f5049251e4a8885989179fffb74ea6348a
ff956c3a6b9f980409d889be9dc67646cdc425d2ed70bdcc4792e95946ede6df