Submitted URL: https://lists.youmaker.com/links/E94BQSLSIl/Jlid8tcrj/sOhDAPtvYL/qrnFWW3Ue
Effective URL: https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
Submission: On January 18 via api from US

Summary

This website contacted 12 IPs in 4 countries across 12 domains to perform 25 HTTP transactions. The main IP is 151.139.128.11, located in Dallas, United States and belongs to HIGHWINDS3, US. The main domain is subscribe.theepochtimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 1st 2020. Valid for: 2 years.
This is the only time subscribe.theepochtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
6 subscribe.theepochtimes.com subscribe.theepochtimes.com
4 www.google-analytics.com services.epoch.cloud
www.google-analytics.com
4 subs.youmaker.com subscribe.theepochtimes.com
ajax.googleapis.com
subs.youmaker.com
3 js.chargebee.com subs.youmaker.com
js.chargebee.com
2 services.epoch.cloud subscribe.theepochtimes.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d.impactradius-event.com subscribe.theepochtimes.com
1 cdn.jsdelivr.net subscribe.theepochtimes.com
1 ajax.googleapis.com subscribe.theepochtimes.com
1 ept.ms 1 redirects
1 lists.youmaker.com 1 redirects
25 13

This site contains links to these domains. Also see Links.

Domain
www.theepochtimes.com
m.theepochtimes.com
Subject Issuer Validity Valid
*.theepochtimes.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-01 -
2022-06-01
2 years crt.sh
*.youmaker.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-01 -
2022-06-01
2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-07 -
2021-08-07
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-26 -
2021-04-17
6 months crt.sh
*.impactradius-event.com
Sectigo RSA Domain Validation Secure Server CA
2021-01-06 -
2022-01-06
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
js.chargebee.com
Amazon
2020-04-17 -
2021-05-17
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
www.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
www.google.de
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh

This page contains 2 frames:

Primary Page: https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
Frame ID: 4A97092AAD75E87D2A2CE4DEABCA6EEE
Requests: 24 HTTP requests in this frame

Frame: https://subs.youmaker.com/template/show?tid=23aa65c3-d7fe-489e-8ec6-04d2ebaf7b90&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fsubscribe.theepochtimes.com%2Fp%2F%3Fpage%3Dvidlp01%26utm_source%3Dnewsnoeshare%26utm_medium%3Demail&tn=Video%20LP%20RW&shareToken=undefined&isLP=true
Frame ID: DF9FE46010CF9ECE60351EE4C78E864F
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://lists.youmaker.com/links/E94BQSLSIl/Jlid8tcrj/sOhDAPtvYL/qrnFWW3Ue HTTP 302
    https://ept.ms/newsletters HTTP 302
    https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

25
Requests

100 %
HTTPS

57 %
IPv6

12
Domains

13
Subdomains

12
IPs

4
Countries

438 kB
Transfer

869 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lists.youmaker.com/links/E94BQSLSIl/Jlid8tcrj/sOhDAPtvYL/qrnFWW3Ue HTTP 302
    https://ept.ms/newsletters HTTP 302
    https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
subscribe.theepochtimes.com/p/
Redirect Chain
  • https://lists.youmaker.com/links/E94BQSLSIl/Jlid8tcrj/sOhDAPtvYL/qrnFWW3Ue
  • https://ept.ms/newsletters
  • https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
11 KB
5 KB
Document
General
Full URL
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.40
Resource Hash
cd745b971c4e4091850b77a88b86262014113e6d996e4c8bef904ef59a39bd48

Request headers

:method
GET
:authority
subscribe.theepochtimes.com
:scheme
https
:path
/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 19:02:05 GMT
accept-ranges
bytes
content-encoding
gzip
content-type
text/html; charset=UTF-8
x-hw
1610996525.cds092.lo4.hn,1610996525.cds257.lo4.sc,1610996525.cds257.lo4.p
server
nginx/1.16.1
x-powered-by
PHP/5.6.40
cache-control
max-age=3600
set-cookie
PHPSESSID=eqcsblgodjdv73aqeq865ct455; path=/
access-control-allow-origin
*

Redirect headers

cache-control
private, max-age=90
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Mon, 18 Jan 2021 19:02:05 GMT
location
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
referrer-policy
unsafe-url
server
nginx
set-cookie
_bit=l0ij25-84a9fa7a063d4bbc1b-002; Domain=ept.ms; Expires=Sat, 17 Jul 2021 19:02:05 GMT
strict-transport-security
max-age=1209600
content-length
187
template.css
subs.youmaker.com/lib/
8 KB
9 KB
Stylesheet
General
Full URL
https://subs.youmaker.com/lib/template.css
Requested by
Host: subscribe.theepochtimes.com
URL: https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.16.1 /
Resource Hash
2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 19:02:05 GMT
via
1.1 google
last-modified
Fri, Jan 15 2021 18:49:48 GMT
server
nginx/1.16.1
content-type
text/css; charset=utf-8
accept-ranges
bytes
alt-svc
clear
content-length
8659
bootstrap.min.css
services.epoch.cloud/public-labs/files/static-assets/
135 KB
19 KB
Stylesheet
General
Full URL
https://services.epoch.cloud/public-labs/files/static-assets/bootstrap.min.css
Requested by
Host: subscribe.theepochtimes.com
URL: https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fae17ae5a47fed0018cddbf7d70149908e15bc69522c8c584fc079b715e2593a

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 19:02:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Feb 2020 19:09:01 GMT
server
cloudflare
age
2011
etag
W/"5e4d87cd-21ae2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mG8i6ZKZeKfZzUWbw1bGrLWoepln7N5Lz5VEIYAUbG4WTe599%2B8gUTf1ibRtBKDN5NuPXrmxCF42MwTT7zbQ2Ucje07Cm4jjwRZHcKrQg79lQfiqNFcpukp2HdUlLqrz1A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
613a917e2df64a92-FRA
cf-request-id
07b87942db00004a92ba86e000000001
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/
86 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: subscribe.theepochtimes.com
URL: https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 18:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1921
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jan 2022 18:30:04 GMT
stylesheet.css
subscribe.theepochtimes.com/p/static/vidlp01/
956 B
525 B
Stylesheet
General
Full URL
https://subscribe.theepochtimes.com/p/static/vidlp01/stylesheet.css
Requested by
Host: subscribe.theepochtimes.com
URL: https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
289645e48a924745ce586e06f6b857ae631333355913835e515b31cd8b1e959b

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 19:02:06 GMT
content-encoding
gzip
last-modified
Tue, 01 Dec 2020 01:21:35 GMT
server
nginx/1.16.1
etag
"5fc59a9f-3bc"
x-hw
1610996525.cds092.lo4.hn,1610996525.cds097.lo4.sc,1610996526.cds097.lo4.pr
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
391
EET-logo-desk.png
subscribe.theepochtimes.com/p/static/vidlp01/img/
12 KB
12 KB
Image
General
Full URL
https://subscribe.theepochtimes.com/p/static/vidlp01/img/EET-logo-desk.png
Requested by
Host: subscribe.theepochtimes.com
URL: https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
112403faeec4b3e37c0fed78afb8fa0836a746e4fd7a2eb7a2f0b97e8e768ea2

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 19:02:06 GMT
last-modified
Tue, 01 Dec 2020 01:21:35 GMT
server
nginx/1.16.1
etag
"5fc59a9f-2ec5"
x-hw
1610996526.cds092.lo4.hn,1610996526.cds103.lo4.sc,1610996526.cds103.lo4.pr
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
11973
EET-logo-mobile.png
subscribe.theepochtimes.com/p/static/vidlp01/img/
9 KB
10 KB
Image
General
Full URL
https://subscribe.theepochtimes.com/p/static/vidlp01/img/EET-logo-mobile.png
Requested by
Host: subscribe.theepochtimes.com
URL: https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
95584c21046ed57fc023f823c2165b33075265d27b0b4f80e9f0bcb21e9e5691

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 19:02:06 GMT
last-modified
Tue, 01 Dec 2020 01:21:35 GMT
server
nginx/1.16.1
etag
"5fc59a9f-25a8"
x-hw
1610996526.cds092.lo4.hn,1610996526.cds252.lo4.sc,1610996526.cds252.lo4.pr
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
9640
jquery.cookie.js
subscribe.theepochtimes.com/p/shared/common/
3 KB
2 KB
Script
General
Full URL
https://subscribe.theepochtimes.com/p/shared/common/jquery.cookie.js
Requested by
Host: subscribe.theepochtimes.com
URL: https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 19:02:06 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 18:43:36 GMT
server
nginx/1.16.1
etag
"5e4d81d8-c44"
x-hw
1610996526.cds092.lo4.hn,1610996526.cds273.lo4.sc,1610996526.cds273.lo4.pr
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
1395
et_utils.js
services.epoch.cloud/public-labs/epoch-ai/
25 KB
6 KB
Script
General
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/et_utils.js
Requested by
Host: subscribe.theepochtimes.com
URL: https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50cdf3a3cc199ea5648a63e89495344476f3b2214e9b4499131dbd40ba9d5f7b

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 19:02:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Jan 2021 19:56:27 GMT
server
cloudflare
age
5548
etag
W/"5ff4c46b-6227"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5nr1cb%2FjWUCKa%2BrquElPvTHxvT4kEJGnrKPyh8KJqTknvWaMHPQjLWFph6a%2BJZmnBrD%2BbqCeLJzRfik%2FeMMVhdVmCYwifqO5VBweNfzXKMs%2FkQ0%2BeW1emPUnNXM%2FjLcBnA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
613a9180ae044a92-FRA
cf-request-id
07b879446e00004a92ef2de000000001
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
42 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Requested by
Host: subscribe.theepochtimes.com
URL: https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
5200572
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
10429
etag
W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
x-served-by
cache-fra19165-FRA
date
Mon, 18 Jan 2021 19:02:06 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
app.js
subscribe.theepochtimes.com/p/static/vidlp01/
656 B
675 B
Script
General
Full URL
https://subscribe.theepochtimes.com/p/static/vidlp01/app.js
Requested by
Host: subscribe.theepochtimes.com
URL: https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
a6af31e4cc900a2c207bd70a073074b3bbfc9b0c957f0b3d8e02301ed4645dcd

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 19:02:06 GMT
content-encoding
gzip
last-modified
Tue, 01 Dec 2020 01:21:35 GMT
server
nginx/1.16.1
etag
"5fc59a9f-290"
x-hw
1610996526.cds092.lo4.hn,1610996526.cds068.lo4.sc,1610996526.cds068.lo4.pr
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
549
A1808333-1bb8-439e-8ce6-e74079c7ebd31.js
d.impactradius-event.com/
41 KB
13 KB
Script
General
Full URL
https://d.impactradius-event.com/A1808333-1bb8-439e-8ce6-e74079c7ebd31.js
Requested by
Host: subscribe.theepochtimes.com
URL: https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
da4420e68ce043f881c17607d47ac851f67ac983b5ac6c0580b41142046c790f

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 18:58:42 GMT
content-encoding
gzip
age
204
x-guploader-uploadid
ABg5-Uxw6-0dA98QlI8R3IlKNFiF0guug-6psee5ZZnJ3oNy7r6iFwAWEcNFR8OzstHeUwdc5ENT-951igFTqXp9GloViA6hXQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
13066
last-modified
Fri, 13 Nov 2020 02:33:12 GMT
server
UploadServer
etag
"9feae211187f54b8abb5596bad0f1b5e"
vary
Accept-Encoding
x-goog-hash
crc32c=pyH6uQ==, md5=n+riERh/VLirtVlrrQ8bXg==
x-goog-generation
1605234792048049
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
13066
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Mon, 18 Jan 2021 19:03:42 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: services.epoch.cloud
URL: https://services.epoch.cloud/public-labs/epoch-ai/et_utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6154
date
Mon, 18 Jan 2021 17:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 18 Jan 2021 19:19:32 GMT
api.bundle.js
subs.youmaker.com/lib/
236 KB
237 KB
Script
General
Full URL
https://subs.youmaker.com/lib/api.bundle.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.16.1 /
Resource Hash
47cc6748df35c36bce0ed72752de35180c183f4070da5483db43023a5f657c32

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 19:02:06 GMT
via
1.1 google
last-modified
Fri, Jan 15 2021 18:49:48 GMT
server
nginx/1.16.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
alt-svc
clear
content-length
241978
chargebee.js
js.chargebee.com/v2/
142 KB
43 KB
Script
General
Full URL
https://js.chargebee.com/v2/chargebee.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.94.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-96.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b33b514c3560b8bb0ed30ed21999944267e6a8d4a3c3c0c62e2f62704f40872a
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
r4qrMCfDlk2a4KPXgwBZVEf8pVO05014
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 14 Jan 2021 16:28:42 GMT
server
AmazonS3
age
55
etag
W/"746c7b8dcafec802cdfc58035de781da"
strict-transport-security
max-age=300; includeSubdomains; preload
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
max-age=300,public
date
Mon, 18 Jan 2021 19:01:12 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
xkQRAo6wtSKIQie7YGld7BjYYYx8f5Rvt20Hp9IgZgJkiRQNDcjBng==
get
subs.youmaker.com/template/
199 B
461 B
XHR
General
Full URL
https://subs.youmaker.com/template/get?tid=23aa65c3-d7fe-489e-8ec6-04d2ebaf7b90&sid=www.theepochtimes.com&version=1&siteid=www.theepochtimes.com&uid=0ad926e7-5084-419c-8240-9a83f1ea1e77
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.16.1 /
Resource Hash
7255b50b1977eab4999b9371cda7e3add632e58d80d699e22258b124e6ace791

Request headers

Accept
application/json, text/plain, */*
Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 19:02:07 GMT
via
1.1 google
server
nginx/1.16.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://subscribe.theepochtimes.com
alt-svc
clear
content-length
199
1-7bce25bf1e481be0d5dd.js
js.chargebee.com/v2/
55 KB
17 KB
Script
General
Full URL
https://js.chargebee.com/v2/1-7bce25bf1e481be0d5dd.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.94.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-96.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4830cd87b7cbadcb26d0f49e307d08a4c9d10577e3f8e0d715d5f3dfcf1326f3
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
gcUFt0kuczAGxoivuUZd1m43Sp7djY.V
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 16:28:42 GMT
server
AmazonS3
age
114
etag
"c2ce756f5d4b2e59974228c0cbbed1e8"
vary
Accept-Encoding
strict-transport-security
max-age=300; includeSubdomains; preload
content-type
application/x-javascript
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
max-age=300,public
date
Mon, 18 Jan 2021 19:00:14 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
B_fi4rB91prti3Yc8Ui6u2NmcbK62_mab4XCkz3Ot5p-1VqIjDMSQw==
13-3b0792b5258c8283ccf1.js
js.chargebee.com/v2/
16 KB
5 KB
Script
General
Full URL
https://js.chargebee.com/v2/13-3b0792b5258c8283ccf1.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.94.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-96.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c9b63004970042649b924c300fb1277beabbc75790ad3dfc4e4f701bf98bbe7
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
CjcGJ8.yezuoq_Sa5qNFP3JjWHe7gzIp
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 14 Jan 2021 16:28:41 GMT
server
AmazonS3
age
153
etag
W/"4a60dc1807315049791980c65c478bbc"
strict-transport-security
max-age=300; includeSubdomains; preload
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
max-age=300,public
date
Mon, 18 Jan 2021 18:59:35 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
HoYGjosxgF0HIFl11GJtwjkoJsX_ONa2pNyVGO0e9pT3IXcOC1cx7g==
show
subs.youmaker.com/template/ Frame DF9F
0
0
Document
General
Full URL
https://subs.youmaker.com/template/show?tid=23aa65c3-d7fe-489e-8ec6-04d2ebaf7b90&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fsubscribe.theepochtimes.com%2Fp%2F%3Fpage%3Dvidlp01%26utm_source%3Dnewsnoeshare%26utm_medium%3Demail&tn=Video%20LP%20RW&shareToken=undefined&isLP=true
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.16.1 /
Resource Hash

Request headers

:method
GET
:authority
subs.youmaker.com
:scheme
https
:path
/template/show?tid=23aa65c3-d7fe-489e-8ec6-04d2ebaf7b90&sid=www.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fsubscribe.theepochtimes.com%2Fp%2F%3Fpage%3Dvidlp01%26utm_source%3Dnewsnoeshare%26utm_medium%3Demail&tn=Video%20LP%20RW&shareToken=undefined&isLP=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email

Response headers

server
nginx/1.16.1
date
Mon, 18 Jan 2021 19:02:07 GMT
content-type
text/html; charset=utf-8
via
1.1 google
alt-svc
clear
collect
www.google-analytics.com/j/
4 B
77 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1613220420&t=event&_s=1&dl=https%3A%2F%2Fsubscribe.theepochtimes.com%2Fp%2F%3Fpage%3Dvidlp01%26utm_source%3Dnewsnoeshare%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=Subscribe%20to%20The%20Epoch%20Times%20for%20%241&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=paywall%3ARegistration%20Wall&ea=Impression&el=Registration%20Wall%3A%20Referral%20Invite%20Accept&ev=0&_u=KHBAAEABAAAAAC~&jid=1782791397&gjid=503761567&cid=478219640.1610996526&tid=UA-10465455-30&_gid=1589740789.1610996526&_r=1&_slc=1&z=1159080640
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Jan 2021 19:02:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://subscribe.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
63 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=1613220420&t=event&_s=2&dl=https%3A%2F%2Fsubscribe.theepochtimes.com%2Fp%2F%3Fpage%3Dvidlp01%26utm_source%3Dnewsnoeshare%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=Subscribe%20to%20The%20Epoch%20Times%20for%20%241&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=paywall%3AInline%20SignUp%20Meter&ea=Impression%20-%20Referral%20Invite%20Accept&el=&ev=0&_u=KHBAAEABAAAAAC~&jid=&gjid=&cid=478219640.1610996526&tid=UA-10465455-30&_gid=1589740789.1610996526&z=1659154177
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Jan 2021 09:49:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33177
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=1613220420&t=event&_s=3&dl=https%3A%2F%2Fsubscribe.theepochtimes.com%2Fp%2F%3Fpage%3Dvidlp01%26utm_source%3Dnewsnoeshare%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=Subscribe%20to%20The%20Epoch%20Times%20for%20%241&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20membership&ea=membership%20modal%20impression%20Referral%20Invite%20Accept&el=%2Fp%2F&ev=%5Bobject%20Object%5D&_u=KHBAAEABAAAAAC~&jid=&gjid=&cid=478219640.1610996526&tid=UA-10465455-30&_gid=1589740789.1610996526&z=1564477302
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Jan 2021 09:49:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33177
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
95 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-10465455-30&cid=478219640.1610996526&jid=1782791397&gjid=503761567&_gid=1589740789.1610996526&_u=KHBAAEAAAAAAAC~&z=352117185
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 18 Jan 2021 19:02:07 GMT
content-type
text/plain
access-control-allow-origin
https://subscribe.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-10465455-30&cid=478219640.1610996526&jid=1782791397&_u=KHBAAEAAAAAAAC~&z=2136631530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Jan 2021 19:02:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-10465455-30&cid=478219640.1610996526&jid=1782791397&_u=KHBAAEAAAAAAAC~&z=2136631530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Jan 2021 19:02:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| ire_o function| ire function| international_redirects function| _admin_subs_debug_on function| _admin_subs_debug_off object| timeago function| mobilecheck function| $ function| jQuery object| ETUtils string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| ImpactRadiusEvent object| irEvent object| ep string| userToken string| userId object| regeneratorRuntime object| MicroModal function| expired object| epSubs object| extractedURLParams object| cbJsonP function| Chargebee object| __SENTRY__

3 Cookies

Domain/Path Name / Value
.theepochtimes.com/ Name: _gid
Value: GA1.2.1589740789.1610996526
.theepochtimes.com/ Name: _ga
Value: GA1.2.478219640.1610996526
subscribe.theepochtimes.com/ Name: PHPSESSID
Value: eqcsblgodjdv73aqeq865ct455

6 Console Messages

Source Level URL
Text
console-api log URL: https://services.epoch.cloud/public-labs/epoch-ai/et_utils.js(Line 700)
Message:
Ga created
console-api log URL: https://subs.youmaker.com/lib/api.bundle.js(Line 8)
Message:
Config.ApiHost : https://subs.youmaker.com
console-api log URL: https://subs.youmaker.com/lib/api.bundle.js(Line 8)
Message:
Config.AuthHost : https://auth.youmaker.com
console-api error URL: https://subs.youmaker.com/lib/api.bundle.js(Line 30)
Message:
[PIPA] No plan_id when executing paywall rules.
console-api log URL: https://subscribe.theepochtimes.com/p/?page=vidlp01&utm_source=newsnoeshare&utm_medium=email(Line 173)
Message:
[LOADING PIPA SUCCESS] hostUrl= https://subs.youmaker.com/lib/api.bundle.js
console-api log URL: https://subs.youmaker.com/lib/api.bundle.js(Line 8)
Message:
[PIPA] get Template Info: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
d.impactradius-event.com
ept.ms
js.chargebee.com
lists.youmaker.com
services.epoch.cloud
stats.g.doubleclick.net
subs.youmaker.com
subscribe.theepochtimes.com
www.google-analytics.com
www.google.com
www.google.de
143.204.94.96
151.139.128.11
2606:4700:3034::6815:4362
2a00:1450:4001:800::200e
2a00:1450:4001:802::2004
2a00:1450:4001:815::200e
2a00:1450:4001:820::200a
2a00:1450:4001:821::2003
2a00:1450:400c:c00::9b
2a04:4e42:3::621
35.186.249.72
35.244.243.66
64.71.159.106
67.199.248.13
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
112403faeec4b3e37c0fed78afb8fa0836a746e4fd7a2eb7a2f0b97e8e768ea2
2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c
289645e48a924745ce586e06f6b857ae631333355913835e515b31cd8b1e959b
47cc6748df35c36bce0ed72752de35180c183f4070da5483db43023a5f657c32
4830cd87b7cbadcb26d0f49e307d08a4c9d10577e3f8e0d715d5f3dfcf1326f3
4c9b63004970042649b924c300fb1277beabbc75790ad3dfc4e4f701bf98bbe7
50cdf3a3cc199ea5648a63e89495344476f3b2214e9b4499131dbd40ba9d5f7b
7255b50b1977eab4999b9371cda7e3add632e58d80d699e22258b124e6ace791
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69
95584c21046ed57fc023f823c2165b33075265d27b0b4f80e9f0bcb21e9e5691
a6af31e4cc900a2c207bd70a073074b3bbfc9b0c957f0b3d8e02301ed4645dcd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b33b514c3560b8bb0ed30ed21999944267e6a8d4a3c3c0c62e2f62704f40872a
cd745b971c4e4091850b77a88b86262014113e6d996e4c8bef904ef59a39bd48
da4420e68ce043f881c17607d47ac851f67ac983b5ac6c0580b41142046c790f
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fae17ae5a47fed0018cddbf7d70149908e15bc69522c8c584fc079b715e2593a