urlscan.io logo urlscan.io
SecurityTrails logo

www.theepochtimes.com Open in urlscan Pro
104.17.158.22  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Submission: On December 12 via manual from TR — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 134 IPs in 10 countries across 134 domains to perform 744 HTTP transactions. The main IP is 104.17.158.22, located in and belongs to CLOUDFLARENET, US. The main domain is www.theepochtimes.com. The Cisco Umbrella rank of the primary domain is 60648.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 18th 2023. Valid for: a year.
This is the only time www.theepochtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
43 104.17.158.22 13335 (CLOUDFLAR...)
5 108.138.26.47 16509 (AMAZON-02)
1 151.101.129.26 54113 (FASTLY)
1 2 104.16.123.175 13335 (CLOUDFLAR...)
16 172.217.18.2 15169 (GOOGLE)
3 142.250.184.232 15169 (GOOGLE)
24 34.102.198.207 396982 (GOOGLE-CL...)
7 104.21.234.68 13335 (CLOUDFLAR...)
1 13.32.27.64 16509 (AMAZON-02)
2 13.32.27.66 16509 (AMAZON-02)
1 34.110.129.224 396982 (GOOGLE-CL...)
5 209.192.253.60 7979 (SERVERS-COM)
6 54.246.107.192 16509 (AMAZON-02)
5 3.225.229.133 14618 (AMAZON-AES)
11 47 51.89.9.253 16276 (OVH)
5 13.32.121.90 16509 (AMAZON-02)
5 34.250.56.77 16509 (AMAZON-02)
33 34.120.33.89 396982 (GOOGLE-CL...)
2 216.239.34.36 15169 (GOOGLE)
1 108.177.15.157 15169 (GOOGLE)
8 142.250.186.99 15169 (GOOGLE)
4 142.250.185.206 15169 (GOOGLE)
12 34.253.164.173 16509 (AMAZON-02)
7 54.154.71.108 16509 (AMAZON-02)
7 142.250.184.196 15169 (GOOGLE)
4 151.101.194.133 54113 (FASTLY)
3 142.250.185.193 15169 (GOOGLE)
4 4.7.168.74 3356 (LEVEL3)
2 4 18.239.69.99 16509 (AMAZON-02)
1 99.86.4.47 16509 (AMAZON-02)
37 142.250.185.130 15169 (GOOGLE)
3 188.114.96.3 13335 (CLOUDFLAR...)
2 174.143.223.9 33070 (RMH-14)
1 172.64.140.13 13335 (CLOUDFLAR...)
1 52.212.19.49 16509 (AMAZON-02)
1 52.49.77.78 16509 (AMAZON-02)
8 172.217.16.138 15169 (GOOGLE)
3 104.21.234.69 13335 (CLOUDFLAR...)
25 142.250.186.65 15169 (GOOGLE)
5 142.250.184.226 15169 (GOOGLE)
21 52 142.250.186.66 15169 (GOOGLE)
2 31 104.18.36.155 13335 (CLOUDFLAR...)
2 11 172.217.18.6 15169 (GOOGLE)
2 143.204.215.101 16509 (AMAZON-02)
11 13 185.89.211.116 29990 (ASN-APPNEX)
8 9 34.98.64.218 396982 (GOOGLE-CL...)
1 46 2.23.209.52 20940 (AKAMAI-ASN1)
3 2.19.198.113 20940 (AKAMAI-ASN1)
2 18.239.40.117 16509 (AMAZON-02)
2 6 91.228.74.159 16509 (AMAZON-02)
6 6 89.207.16.140 41041 (VCLK-EU-SE)
2 2 35.186.193.173 15169 (GOOGLE)
12 17 35.156.190.4 16509 (AMAZON-02)
1 2 54.154.89.200 16509 (AMAZON-02)
1 1 2.18.160.23 16625 (AKAMAI-AS)
4 142.250.185.98 15169 (GOOGLE)
1 172.217.16.130 15169 (GOOGLE)
5 18.66.97.128 16509 (AMAZON-02)
1 18.239.83.4 16509 (AMAZON-02)
1 23.212.202.217 16625 (AKAMAI-AS)
6 185.29.134.248 30419 (MEDIAMATH...)
38 82 69.173.144.165 26667 (RUBICONPR...)
7 7 154.57.158.25 26558 (FREEWHEEL)
5 5 80.77.87.162 46636 (NATCOWEB)
1 6 185.86.139.93 201081 (SMARTADSE...)
3 12 35.244.174.68 15169 (GOOGLE)
3 12 209.54.182.161 16509 (AMAZON-02)
17 22 185.64.190.79 62713 (AS-PUBMATIC)
24 29 3.75.62.37 16509 (AMAZON-02)
20 3.33.220.150 16509 (AMAZON-02)
2 142.250.186.74 15169 (GOOGLE)
1 2 13.107.42.14 8068 (MICROSOFT...)
1 2 178.250.1.9 44788 (ASN-CRITE...)
5 5 37.157.2.230 198622 (ADFORM)
1 1 184.86.251.219 20940 (AKAMAI-ASN1)
2 169.150.247.38 60068 (CDN77 ^_^)
1 104.16.86.20 13335 (CLOUDFLAR...)
3 52.18.111.16 16509 (AMAZON-02)
1 1 104.26.3.122 13335 (CLOUDFLAR...)
1 2 104.26.9.50 13335 (CLOUDFLAR...)
3 204.79.197.200 8068 (MICROSOFT...)
1 4 52.200.58.150 14618 (AMAZON-AES)
1 146.75.116.157 54113 (FASTLY)
1 13.32.121.5 16509 (AMAZON-02)
1 2 18.239.83.126 16509 (AMAZON-02)
1 18.66.97.52 16509 (AMAZON-02)
2 93.184.220.66 15133 (EDGECAST)
5 5 23.212.211.47 16625 (AKAMAI-AS)
10 23.52.120.246 16625 (AKAMAI-AS)
32 99.86.4.55 16509 (AMAZON-02)
6 6 185.64.191.210 62713 (AS-PUBMATIC)
5 10 35.204.158.49 396982 (GOOGLE-CL...)
11 11 98.98.134.241 21859 (ZEN-ECN)
10 10 54.194.196.88 16509 (AMAZON-02)
10 11 34.111.113.62 396982 (GOOGLE-CL...)
3 3 46.228.164.11 56396 (AMOBEE)
2 2 34.96.71.22 396982 (GOOGLE-CL...)
2 5 54.76.87.161 16509 (AMAZON-02)
1 1 3.69.181.174 16509 (AMAZON-02)
2 2 34.160.19.107 396982 (GOOGLE-CL...)
2 2 34.95.81.168 396982 (GOOGLE-CL...)
5 5 151.101.130.49 54113 (FASTLY)
5 5 52.16.22.123 16509 (AMAZON-02)
1 172.67.74.129 13335 (CLOUDFLAR...)
2 2 64.227.64.62 14061 (DIGITALOC...)
5 5 34.232.211.7 14618 (AMAZON-AES)
4 4 13.32.27.113 16509 (AMAZON-02)
4 4 193.0.160.130 54312 (ROCKETFUEL)
3 3 54.157.109.0 14618 (AMAZON-AES)
1 2 54.75.61.252 16509 (AMAZON-02)
2 72.251.241.204 32475 (SINGLEHOP...)
1 1 35.208.249.213 15169 (GOOGLE)
8 52.209.71.13 16509 (AMAZON-02)
5 104.244.42.197 13414 (TWITTER)
5 104.244.42.195 13414 (TWITTER)
1 34.251.7.23 16509 (AMAZON-02)
2 13.107.213.45 8075 (MICROSOFT...)
2 5 104.18.25.173 13335 (CLOUDFLAR...)
3 3 154.59.122.79 174 (COGENT-174)
1 54.76.12.87 16509 (AMAZON-02)
1 2 35.162.252.179 16509 (AMAZON-02)
1 104.244.42.136 13414 (TWITTER)
2 13.69.106.89 8075 (MICROSOFT...)
2 64.233.166.84 15169 (GOOGLE)
2 2 76.223.111.18 16509 (AMAZON-02)
1 216.52.2.86 30282 (AS-INAPCD...)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
2 2 5.196.111.69 16276 (OVH)
2 2 188.42.196.115 7979 (SERVERS-COM)
8 13 69.173.144.139 26667 (RUBICONPR...)
2 13.32.99.87 16509 (AMAZON-02)
1 2 52.95.122.74 16509 (AMAZON-02)
1 23.48.23.59 20940 (AKAMAI-ASN1)
1 3.68.0.8 16509 (AMAZON-02)
1 216.52.2.16 30282 (AS-INAPCD...)
1 145.40.97.66 54825 (PACKET)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
1 18.66.147.95 16509 (AMAZON-02)
1 1 54.162.68.92 14618 (AMAZON-AES)
1 34.149.50.64 396982 (GOOGLE-CL...)
1 192.132.33.67 18568 (BIDTELLECT)
6 7 46.228.174.117 56396 (AMOBEE)
1 18.195.142.193 16509 (AMAZON-02)
1 34.107.140.113 396982 (GOOGLE-CL...)
1 169.197.150.8 398989 (DEEPINTENT)
1 64.202.112.223 22075 (AS-OUTBRAIN)
1 44.205.176.247 14618 (AMAZON-AES)
1 67.202.105.22 32748 (STEADFAST)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 5.135.209.104 16276 (OVH)
1 3.123.103.29 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 96.46.186.182 7979 (SERVERS-COM)
1 1 70.42.32.127 22075 (AS-OUTBRAIN)
1 1 38.68.201.140 174 (COGENT-174)
1 35.214.194.112 15169 (GOOGLE)
1 89.207.16.210 41041 (VCLK-EU-SE)
1 159.89.246.130 14061 (DIGITALOC...)
1 1 211.120.53.203 4694 (IDCF IDC ...)
1 1 13.32.27.108 16509 (AMAZON-02)
2 2 18.209.128.131 14618 (AMAZON-AES)
1 1 143.244.208.184 14061 (DIGITALOC...)
1 141.95.33.120 16276 (OVH)
1 1 45.137.176.88 60350 (VP)
1 18.245.60.14 16509 (AMAZON-02)
2 69.192.160.219 16625 (AKAMAI-AS)
1 3.210.93.214 14618 (AMAZON-AES)
2 2 3.125.110.167 16509 (AMAZON-02)
1 1 52.29.230.13 16509 (AMAZON-02)
2 3 52.28.254.225 16509 (AMAZON-02)
1 1 172.105.221.29 63949 (AKAMAI-LI...)
1 2 5.135.209.105 16276 (OVH)
2 216.58.206.34 15169 (GOOGLE)
1 20.119.174.243 8075 (MICROSOFT...)
744 134
43    104.17.158.22 (None, )

ASN13335 (CLOUDFLARENET, US)
www.theepochtimes.com
5    108.138.26.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-47.fra56.r.cloudfront.net
rumcdn.geoedge.be
1    151.101.129.26 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    104.16.123.175 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
16    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
3    142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net
www.googletagmanager.com
24    34.102.198.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.198.102.34.bc.googleusercontent.com
subs.theepochtimes.com
7    104.21.234.68 (None, )

ASN13335 (CLOUDFLARENET, US)
services.epoch.cloud
mixproxy.epoch.cloud
1    13.32.27.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-64.fra56.r.cloudfront.net
html5.gamedistribution.com
2    13.32.27.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-66.fra56.r.cloudfront.net
html5.api.gamedistribution.com
1    34.110.129.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.129.110.34.bc.googleusercontent.com
pwe.epochbase.com
5    209.192.253.60 (United States)

ASN7979 (SERVERS-COM, US)
colossusssp.com
6    54.246.107.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-107-192.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
5    3.225.229.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-229-133.compute-1.amazonaws.com
exchange.postrelease.com
47    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
5    13.32.121.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-90.fra60.r.cloudfront.net
hb.undertone.com
5    34.250.56.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-56-77.eu-west-1.compute.amazonaws.com
hb.minutemedia-prebid.com
33    34.120.33.89 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 89.33.120.34.bc.googleusercontent.com
comment.youmaker.com
2    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    108.177.15.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f157.1e100.net
stats.g.doubleclick.net
8    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.google.ch
www.gstatic.com
4    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
www.google-analytics.com
12    34.253.164.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-164-173.eu-west-1.compute.amazonaws.com
msgrt.gamedistribution.com
7    54.154.71.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-71-108.eu-west-1.compute.amazonaws.com
game.api.gamedistribution.com
tag.atom.gamedistribution.com
7    142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net
www.google.com
4    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
mp.theepochtimes.com
3    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
4    4.7.168.74 (Hazleton, United States)

ASN3356 (LEVEL3, US)
ea.epochbase.com
4    18.239.69.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-99.ams58.r.cloudfront.net
pm.azerioncircle.com
1    99.86.4.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-47.fra6.r.cloudfront.net
cdn.gamemonkey.org
37    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
3    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
ana.headerlift.com
pub.headerlift.com
2    174.143.223.9 (United States)

ASN33070 (RMH-14, US)
gamedistribution.arkadiumarena.com
1    172.64.140.13 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    52.212.19.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-19-49.eu-west-1.compute.amazonaws.com
tracker.gamemonkey.org
1    52.49.77.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-77-78.eu-west-1.compute.amazonaws.com
tracker-v4.gamedock.io
8    172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net
fonts.googleapis.com
3    104.21.234.69 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.epoch.cloud
subsapi.epoch.cloud
25    142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net
tpc.googlesyndication.com
5    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googletagservices.com
52    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
31    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
11    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net
s0.2mdn.net
ad.doubleclick.net
2    143.204.215.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-101.fra53.r.cloudfront.net
hb.improvedigital.com
13    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
9    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
46    2.23.209.52 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-52.deploy.static.akamaitechnologies.com
ams.cdn.arkadiumhosted.com
arenacommonservices.cdn.arkadiumhosted.com
arenaservices.cdn.arkadiumhosted.com
arenaconnect.cdn.arkadiumhosted.com
arenacloud.cdn.arkadiumhosted.com
3    2.19.198.113 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-198-113.deploy.static.akamaitechnologies.com
img.theepochtimes.com
2    18.239.40.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-40-117.ams58.r.cloudfront.net
gw.geoedge.be
6    91.228.74.159 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
secure.quantserve.com
pixel.quantserve.com
6    89.207.16.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams03-nessy-float2.dotomi.com
dclk-match.dotomi.com
casale-match.dotomi.com
rubicon-match.dotomi.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
cm.ctnsnet.com
17    35.156.190.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.154.89.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-89-200.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
cs.media.net
4    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
adservice.google.com
5    18.66.97.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-128.fra56.r.cloudfront.net
cdn.undertone.com
1    18.239.83.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-4.ams58.r.cloudfront.net
sdk.minutemedia-prebid.com
1    23.212.202.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-202-217.deploy.static.akamaitechnologies.com
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com
6    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
82    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
7    154.57.158.25 (Amsterdam, Netherlands)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
5    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
6    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
12    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
12    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
22    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
29    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
20    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
imasdk.googleapis.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    37.157.2.230 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    184.86.251.219 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-219.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
2    169.150.247.38 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-38.bunnyinfra.net
tentacles.smartocto.com
1    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    52.18.111.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-111-16.eu-west-1.compute.amazonaws.com
ingestion.contentinsights.com
1    104.26.3.122 (None, )

ASN13335 (CLOUDFLARENET, US)
a.remarketstats.com
2    104.26.9.50 (None, )

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
3    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
bat.bing.com
4    52.200.58.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-58-150.compute-1.amazonaws.com
tags.wdsvc.net
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    13.32.121.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-5.fra60.r.cloudfront.net
js.alocdn.com
2    18.239.83.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-126.ams58.r.cloudfront.net
sb.scorecardresearch.com
1    18.66.97.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-52.fra56.r.cloudfront.net
rules.quantcount.com
2    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
5    23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    23.52.120.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
32    99.86.4.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-55.fra6.r.cloudfront.net
usr.undertone.com
6    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
10    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
11    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
10    54.194.196.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-196-88.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
11    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
5    54.76.87.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-87-161.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    3.69.181.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-174.eu-central-1.compute.amazonaws.com
1f2e7.v.fwmrm.net
2    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
2    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
rubiconcm.digitaleast.mobi
5    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    52.16.22.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-22-123.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
5    34.232.211.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-211-7.compute-1.amazonaws.com
i.liadm.com
4    13.32.27.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-113.fra56.r.cloudfront.net
live.rezync.com
4    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
3    54.157.109.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-109-0.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    54.75.61.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-61-252.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
8    52.209.71.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-71-13.eu-west-1.compute.amazonaws.com
cs.minutemedia-prebid.com
cs.yellowblue.io
5    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
5    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    34.251.7.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-7-23.eu-west-1.compute.amazonaws.com
api.smartocto.com
2    13.107.213.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
5    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    154.59.122.79 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    54.76.12.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-12-87.eu-west-1.compute.amazonaws.com
ingestion.smartocto.com
2    35.162.252.179 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-252-179.us-west-2.compute.amazonaws.com
p.alocdn.com
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    13.69.106.89 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
2    64.233.166.84 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f84.1e100.net
accounts.google.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    216.52.2.86 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
2    5.196.111.69 (France)

ASN16276 (OVH, FR)
PTR: ip69.ip-5-196-111.eu
ssbsync.smartadserver.com
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
13    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    13.32.99.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-87.fra60.r.cloudfront.net
cti.w55c.net
2    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    23.48.23.59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-59.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    3.68.0.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-0-8.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    216.52.2.16 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
1    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    18.66.147.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-95.fra60.r.cloudfront.net
live.primis.tech
1    54.162.68.92 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-68-92.compute-1.amazonaws.com
sync.ipredictive.com
1    34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    192.132.33.67 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 67.bidtellect.com
bttrack.com
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    18.195.142.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-142-193.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    64.202.112.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    44.205.176.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-176-247.compute-1.amazonaws.com
i6.liadm.com
1    67.202.105.22 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    5.135.209.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-5-135-209.eu
rtb-csync.smartadserver.com
1    3.123.103.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-103-29.eu-central-1.compute.amazonaws.com
crb.kargo.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid-s2s.media.net
1    96.46.186.182 (United States)

ASN7979 (SERVERS-COM, US)
sync.aniview.com
1    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    38.68.201.140 (Ashburn, United States)

ASN174 (COGENT-174, US)
rbp.mxptint.net
1    35.214.194.112 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 112.194.214.35.bc.googleusercontent.com
csync.loopme.me
1    89.207.16.210 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-convex-float1.dotomi.com
match.sync.ad.cpe.dotomi.com
1    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
1    211.120.53.203 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    13.32.27.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-108.fra56.r.cloudfront.net
s.ad.smaato.net
2    18.209.128.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-128-131.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    143.244.208.184 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sid.storygize.net
1    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    18.245.60.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-14.fra60.r.cloudfront.net
sync.intentiq.com
2    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
1    3.210.93.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-93-214.compute-1.amazonaws.com
rtb.adentifi.com
2    3.125.110.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-110-167.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    52.29.230.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-230-13.eu-central-1.compute.amazonaws.com
i.w55c.net
3    52.28.254.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-225.eu-central-1.compute.amazonaws.com
pm.w55c.net
tags.w55c.net
1    172.105.221.29 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-29.members.linode.com
rcp.c.appier.net
2    5.135.209.105 (France)

ASN16276 (OVH, FR)
PTR: ip105.ip-5-135-209.eu
sync.smartadserver.com
2    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
ade.googlesyndication.com
1    20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
r.clarity.ms
Apex Domain
Subdomains		 Transfer
110 rubiconproject.com
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2134
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
150 KB
75 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
ad.doubleclick.net — Cisco Umbrella Rank: 139
393 KB
74 theepochtimes.com
www.theepochtimes.com — Cisco Umbrella Rank: 60648
subs.theepochtimes.com — Cisco Umbrella Rank: 89298
mp.theepochtimes.com — Cisco Umbrella Rank: 87012
img.theepochtimes.com — Cisco Umbrella Rank: 41836
1 MB
67 googlesyndication.com
c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
ade.googlesyndication.com — Cisco Umbrella Rank: 293
787 KB
47 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
26 KB
46 arkadiumhosted.com
ams.cdn.arkadiumhosted.com — Cisco Umbrella Rank: 47158
arenacommonservices.cdn.arkadiumhosted.com — Cisco Umbrella Rank: 244185
arenaservices.cdn.arkadiumhosted.com — Cisco Umbrella Rank: 187798
arenaconnect.cdn.arkadiumhosted.com — Cisco Umbrella Rank: 196209
arenacloud.cdn.arkadiumhosted.com — Cisco Umbrella Rank: 52579
4 MB
42 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3939
cdn.undertone.com — Cisco Umbrella Rank: 3126
usr.undertone.com — Cisco Umbrella Rank: 1822
29 KB
33 youmaker.com
comment.youmaker.com — Cisco Umbrella Rank: 88299
356 KB
31 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
22 KB
29 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
6 KB
28 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 661
image2.pubmatic.com — Cisco Umbrella Rank: 859
6 KB
22 gamedistribution.com
html5.gamedistribution.com — Cisco Umbrella Rank: 28736
html5.api.gamedistribution.com — Cisco Umbrella Rank: 27960
msgrt.gamedistribution.com — Cisco Umbrella Rank: 26784
game.api.gamedistribution.com — Cisco Umbrella Rank: 30083
tag.atom.gamedistribution.com — Cisco Umbrella Rank: 29160
307 KB
20 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
insight.adsrvr.org — Cisco Umbrella Rank: 557
3 KB
17 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
6 KB
14 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
9 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
10 KB
13 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3730
sdk.minutemedia-prebid.com — Cisco Umbrella Rank: 6973
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 1777
13 KB
12 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 711
idsync.rlcdn.com — Cisco Umbrella Rank: 408
608 B
12 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
sync.smartadserver.com — Cisco Umbrella Rank: 1285
2 KB
12 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 93
accounts.google.com — Cisco Umbrella Rank: 23
82 KB
11 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
3 KB
11 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
7 KB
10 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
5 KB
10 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
5 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
372 KB
10 epoch.cloud
services.epoch.cloud — Cisco Umbrella Rank: 97165
mixproxy.epoch.cloud — Cisco Umbrella Rank: 91997
cdn.epoch.cloud — Cisco Umbrella Rank: 108015
subsapi.epoch.cloud — Cisco Umbrella Rank: 101933
227 KB
9 openx.net
us-u.openx.net — Cisco Umbrella Rank: 491
1 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
313 KB
8 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1230
analytics.twitter.com — Cisco Umbrella Rank: 713
syndication.twitter.com — Cisco Umbrella Rank: 1549
135 KB
7 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
4 KB
7 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2627
casale-match.dotomi.com — Cisco Umbrella Rank: 2999
rubicon-match.dotomi.com — Cisco Umbrella Rank: 1918
match.sync.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1436
2 KB
7 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 3375
gw.geoedge.be — Cisco Umbrella Rank: 4631
269 KB
6 w55c.net
cti.w55c.net — Cisco Umbrella Rank: 2709
i.w55c.net — Cisco Umbrella Rank: 1431
pm.w55c.net — Cisco Umbrella Rank: 818
tags.w55c.net — Cisco Umbrella Rank: 3591
18 KB
6 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
i6.liadm.com — Cisco Umbrella Rank: 2358
3 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1031
3 KB
6 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
secure.quantserve.com — Cisco Umbrella Rank: 1276
pixel.quantserve.com — Cisco Umbrella Rank: 1011
11 KB
6 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3655
visitor.omnitagjs.com — Cisco Umbrella Rank: 656
4 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
2 KB
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
3 KB
5 t.co
t.co — Cisco Umbrella Rank: 589
1 KB
5 gstatic.com
www.gstatic.com
33 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
2 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
1 KB
5 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1658
1 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
3 KB
5 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1022
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
321 KB
5 postrelease.com
exchange.postrelease.com — Cisco Umbrella Rank: 4927
2 KB
5 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1354
706 B
5 epochbase.com
pwe.epochbase.com — Cisco Umbrella Rank: 83926
ea.epochbase.com — Cisco Umbrella Rank: 84986
852 B
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
a.rfihub.com — Cisco Umbrella Rank: 2935
5 KB
4 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
3 KB
4 wdsvc.net
tags.wdsvc.net — Cisco Umbrella Rank: 38198
30 KB
4 smartocto.com
tentacles.smartocto.com — Cisco Umbrella Rank: 21508
api.smartocto.com — Cisco Umbrella Rank: 20504
ingestion.smartocto.com — Cisco Umbrella Rank: 18374
17 KB
4 azerioncircle.com
pm.azerioncircle.com — Cisco Umbrella Rank: 31719
22 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
83 KB
3 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1209
2 KB
3 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
r.clarity.ms — Cisco Umbrella Rank: 7434
22 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
3 KB
3 turn.com
d.turn.com Failed
ad.turn.com — Cisco Umbrella Rank: 773
1 KB
3 alocdn.com
js.alocdn.com — Cisco Umbrella Rank: 68184
p.alocdn.com — Cisco Umbrella Rank: 6159
3 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 329
15 KB
3 contentinsights.com
ingestion.contentinsights.com — Cisco Umbrella Rank: 27227
264 B
3 headerlift.com
ana.headerlift.com — Cisco Umbrella Rank: 30719
pub.headerlift.com — Cisco Umbrella Rank: 31627
1 KB
3 google.ch
www.google.ch — Cisco Umbrella Rank: 30501
670 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
259 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4323
1 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 848
tags.bluekai.com — Cisco Umbrella Rank: 638
860 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1370
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
872 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
521 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1601
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
1 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
ce.lijit.com — Cisco Umbrella Rank: 835
588 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
737 B
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 786
281 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
565 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1901
1 KB
2 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 20274
rubiconcm.digitaleast.mobi — Cisco Umbrella Rank: 2928
463 B
2 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1510
592 B
2 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1383
732 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
730 B
2 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 6832
3 KB
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
892 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
918 B
2 media.net
cs.media.net — Cisco Umbrella Rank: 1381
prebid-s2s.media.net — Cisco Umbrella Rank: 2564
1 KB
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 582
1 KB
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 49153
cm.ctnsnet.com — Cisco Umbrella Rank: 3764
942 B
2 improvedigital.com
hb.improvedigital.com — Cisco Umbrella Rank: 29064
238 KB
2 arkadiumarena.com
gamedistribution.arkadiumarena.com — Cisco Umbrella Rank: 634665
3 KB
2 gamemonkey.org
cdn.gamemonkey.org — Cisco Umbrella Rank: 38888
tracker.gamemonkey.org — Cisco Umbrella Rank: 26401
13 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 857
14 KB
1 appier.net
rcp.c.appier.net — Cisco Umbrella Rank: 2892
411 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1014
285 B
1 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 846
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1414
687 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
921 B
1 storygize.net
sid.storygize.net — Cisco Umbrella Rank: 1433
310 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 674
537 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
877 B
1 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 2290
405 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
155 B
1 mxptint.net
rbp.mxptint.net — Cisco Umbrella Rank: 2854
692 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
316 B
1 aniview.com
sync.aniview.com — Cisco Umbrella Rank: 1642
253 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 910
374 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
471 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1618
173 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 904
73 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 689
145 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 925
44 B
1 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 1547
326 B
1 t13.io
s2s.t13.io — Cisco Umbrella Rank: 1747
441 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1074
186 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 815
163 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1600
284 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
493 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
526 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
187 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
35 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
315 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 902
372 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11359
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3915
595 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1296
455 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 678
15 KB
1 remarketstats.com
a.remarketstats.com — Cisco Umbrella Rank: 40596
546 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
8 KB
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2266
933 B
1 rackcdn.com
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com — Cisco Umbrella Rank: 42503
5 KB
1 gamedock.io
tracker-v4.gamedock.io — Cisco Umbrella Rank: 31691
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 971
9 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1345
619 B
744 134
Domain Requested by
76 pixel.rubiconproject.com 37 redirects onetag-sys.com
cdn.undertone.com
eus.rubiconproject.com
52 cm.g.doubleclick.net 21 redirects googleads.g.doubleclick.net
c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
onetag-sys.com
www.theepochtimes.com
cdn.undertone.com
47 onetag-sys.com 11 redirects www.theepochtimes.com
onetag-sys.com
sdk.minutemedia-prebid.com
43 www.theepochtimes.com www.theepochtimes.com
37 pagead2.googlesyndication.com html5.api.gamedistribution.com
rumcdn.geoedge.be
pagead2.googlesyndication.com
c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.theepochtimes.com
www.googletagservices.com
imasdk.googleapis.com
googleads.g.doubleclick.net
33 comment.youmaker.com www.theepochtimes.com
comment.youmaker.com
32 usr.undertone.com cdn.undertone.com
ssum-sec.casalemedia.com
25 ams.cdn.arkadiumhosted.com 1 redirects gamedistribution.arkadiumarena.com
arenaconnect.cdn.arkadiumhosted.com
ams.cdn.arkadiumhosted.com
www.theepochtimes.com
25 tpc.googlesyndication.com rumcdn.geoedge.be
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.theepochtimes.com
googleads.g.doubleclick.net
24 ups.analytics.yahoo.com 19 redirects onetag-sys.com
24 subs.theepochtimes.com www.theepochtimes.com
subs.theepochtimes.com
23 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
22 image8.pubmatic.com 17 redirects onetag-sys.com
18 arenaservices.cdn.arkadiumhosted.com arenacommonservices.cdn.arkadiumhosted.com
arenaservices.cdn.arkadiumhosted.com
17 match.adsrvr.org onetag-sys.com
cdn.undertone.com
ssum-sec.casalemedia.com
17 x.bidswitch.net 12 redirects onetag-sys.com
13 token.rubiconproject.com 8 redirects eus.rubiconproject.com
12 s.amazon-adsystem.com 3 redirects onetag-sys.com
ssum-sec.casalemedia.com
cdn.undertone.com
12 msgrt.gamedistribution.com html5.api.gamedistribution.com
11 pixel.tapad.com 10 redirects cdn.undertone.com
11 pixel-sync.sitescout.com 11 redirects
11 ib.adnxs.com 9 redirects googleads.g.doubleclick.net
cdn.undertone.com
10 sync.crwdcntrl.net 10 redirects
10 um.simpli.fi 5 redirects cdn.undertone.com
10 eus.rubiconproject.com cdn.undertone.com
eus.rubiconproject.com
9 us-u.openx.net 8 redirects googleads.g.doubleclick.net
9 s0.2mdn.net rumcdn.geoedge.be
c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
s0.2mdn.net
imasdk.googleapis.com
9 googleads.g.doubleclick.net rumcdn.geoedge.be
pagead2.googlesyndication.com
8 fonts.googleapis.com gamedistribution.arkadiumarena.com
ams.cdn.arkadiumhosted.com
googleads.g.doubleclick.net
rumcdn.geoedge.be
7 cs.minutemedia-prebid.com sdk.minutemedia-prebid.com
onetag-sys.com
cdn.undertone.com
7 ssum-sec.casalemedia.com cdn.undertone.com
ssum-sec.casalemedia.com
7 id.rlcdn.com onetag-sys.com
cdn.undertone.com
7 ads.stickyadstv.com 7 redirects
7 www.google.com www.theepochtimes.com
rumcdn.geoedge.be
tpc.googlesyndication.com
googleads.g.doubleclick.net
7 securepubads.g.doubleclick.net www.theepochtimes.com
rumcdn.geoedge.be
securepubads.g.doubleclick.net
www.googletagservices.com
6 image2.pubmatic.com 6 redirects
6 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
6 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
6 sync.mathtag.com onetag-sys.com
5 sync.1rx.io 5 redirects
5 analytics.twitter.com www.theepochtimes.com
5 t.co www.theepochtimes.com
5 www.gstatic.com googleads.g.doubleclick.net
5 idsync.rlcdn.com 3 redirects ssum-sec.casalemedia.com
5 i.liadm.com 5 redirects
5 match.prod.bidr.io 5 redirects
5 sync-tm.everesttech.net 5 redirects
5 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
5 pixel.advertising.com 5 redirects
5 secure-assets.rubiconproject.com 5 redirects
5 c1.adform.net 5 redirects
5 cs.admanmedia.com 5 redirects
5 cdn.undertone.com www.theepochtimes.com
5 www.googletagservices.com rumcdn.geoedge.be
googleads.g.doubleclick.net
5 hb.minutemedia-prebid.com www.theepochtimes.com
5 hb.undertone.com www.theepochtimes.com
5 exchange.postrelease.com www.theepochtimes.com
5 hb-api.omnitagjs.com www.theepochtimes.com
5 colossusssp.com www.theepochtimes.com
5 rumcdn.geoedge.be www.theepochtimes.com
rumcdn.geoedge.be
4 live.rezync.com 4 redirects
4 tags.wdsvc.net 1 redirects www.theepochtimes.com
tags.wdsvc.net
4 googleads4.g.doubleclick.net rumcdn.geoedge.be
4 cms.quantserve.com 2 redirects c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
4 pm.azerioncircle.com 2 redirects www.theepochtimes.com
gamedistribution.arkadiumarena.com
4 ea.epochbase.com subs.theepochtimes.com
4 mp.theepochtimes.com www.theepochtimes.com
4 game.api.gamedistribution.com html5.api.gamedistribution.com
4 www.google-analytics.com subs.theepochtimes.com
html5.api.gamedistribution.com
ams.cdn.arkadiumhosted.com
4 services.epoch.cloud www.theepochtimes.com
rumcdn.geoedge.be
3 insight.adsrvr.org www.theepochtimes.com
3 ums.acuityplatform.com 3 redirects
3 a.tribalfusion.com 2 redirects cdn.undertone.com
3 sync.srv.stackadapt.com 3 redirects
3 ad.turn.com 3 redirects
3 bat.bing.com www.theepochtimes.com
rumcdn.geoedge.be
3 ingestion.contentinsights.com www.theepochtimes.com
3 img.theepochtimes.com comment.youmaker.com
3 mixproxy.epoch.cloud services.epoch.cloud
mixproxy.epoch.cloud
3 tag.atom.gamedistribution.com html5.api.gamedistribution.com
3 c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com securepubads.g.doubleclick.net
rumcdn.geoedge.be
3 www.google.ch www.theepochtimes.com
3 www.googletagmanager.com www.theepochtimes.com
www.googletagmanager.com
2 ade.googlesyndication.com c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
2 sync.smartadserver.com 1 redirects eus.rubiconproject.com
2 pm.w55c.net 2 redirects
2 ads.creative-serving.com 2 redirects
2 beacon.lynx.cognitivlabs.com 2 redirects
2 rtb-csync.smartadserver.com cdn.undertone.com
2 rubicon-match.dotomi.com 2 redirects
2 sync.targeting.unrulymedia.com 1 redirects cdn.undertone.com
2 capi.connatix.com 1 redirects cdn.undertone.com
2 aax-eu.amazon-adsystem.com 1 redirects cdn.undertone.com
2 cti.w55c.net eus.rubiconproject.com
cti.w55c.net
2 ads.betweendigital.com 2 redirects
2 ssbsync.smartadserver.com 2 redirects
2 bh.contextweb.com 2 redirects
2 eb2.3lift.com 2 redirects
2 accounts.google.com rumcdn.geoedge.be
2 dc.services.visualstudio.com ams.cdn.arkadiumhosted.com
2 p.alocdn.com 1 redirects www.theepochtimes.com
2 a.rfihub.com 2 redirects
2 s.tribalfusion.com www.theepochtimes.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 cm.adgrx.com ssum-sec.casalemedia.com
cdn.undertone.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 p.rfihub.com 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 dmp.brand-display.com 2 redirects
2 secure.adnxs.com 2 redirects
2 s.company-target.com 2 redirects
2 platform.twitter.com ams.cdn.arkadiumhosted.com
platform.twitter.com
2 sb.scorecardresearch.com 1 redirects www.theepochtimes.com
2 a.clickcertain.com 1 redirects www.theepochtimes.com
2 tentacles.smartocto.com rumcdn.geoedge.be
2 dis.criteo.com 1 redirects c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
2 px.ads.linkedin.com 1 redirects cdn.undertone.com
2 imasdk.googleapis.com html5.api.gamedistribution.com
imasdk.googleapis.com
2 ad.doubleclick.net 2 redirects
2 ads.yieldmo.com 1 redirects cdn.undertone.com
2 dclk-match.dotomi.com 2 redirects
2 gw.geoedge.be rumcdn.geoedge.be
2 subsapi.epoch.cloud www.theepochtimes.com
2 hb.improvedigital.com html5.api.gamedistribution.com
hb.improvedigital.com
2 gamedistribution.arkadiumarena.com html5.gamedistribution.com
ams.cdn.arkadiumhosted.com
2 ana.headerlift.com html5.api.gamedistribution.com
2 region1.analytics.google.com www.googletagmanager.com
2 html5.api.gamedistribution.com html5.gamedistribution.com
gamedistribution.arkadiumarena.com
2 unpkg.com 1 redirects www.theepochtimes.com
1 tags.bluekai.com cti.w55c.net
1 tags.w55c.net cti.w55c.net
1 r.clarity.ms www.clarity.ms
1 rcp.c.appier.net 1 redirects
1 rubiconcm.digitaleast.mobi 1 redirects
1 i.w55c.net 1 redirects
1 rtb.adentifi.com eus.rubiconproject.com
1 stags.bluekai.com eus.rubiconproject.com
1 sync.intentiq.com eus.rubiconproject.com
1 sync.adotmob.com 1 redirects
1 id5-sync.com eus.rubiconproject.com
1 sid.storygize.net 1 redirects
1 s.ad.smaato.net 1 redirects
1 tg.socdm.com 1 redirects
1 e.serverbid.com cdn.undertone.com
1 match.sync.ad.cpe.dotomi.com cdn.undertone.com
1 csync.loopme.me cdn.undertone.com
1 rbp.mxptint.net 1 redirects
1 b1sync.zemanta.com 1 redirects
1 sync.aniview.com cdn.undertone.com
1 prebid-s2s.media.net cdn.undertone.com
1 crb.kargo.com cdn.undertone.com
1 dsp.adfarm1.adition.com 1 redirects
1 tr.blismedia.com cdn.undertone.com
1 ssc-cms.33across.com cdn.undertone.com
1 i6.liadm.com cdn.undertone.com
1 sync.outbrain.com cdn.undertone.com
1 match.deepintent.com cdn.undertone.com
1 visitor.omnitagjs.com cdn.undertone.com
1 cs.yellowblue.io cdn.undertone.com
1 s2s.t13.io cdn.undertone.com
1 exchange.mediavine.com cdn.undertone.com
1 bttrack.com cdn.undertone.com
1 s.seedtag.com cdn.undertone.com
1 sync.ipredictive.com 1 redirects
1 live.primis.tech cdn.undertone.com
1 prebid.a-mo.net cdn.undertone.com
1 ce.lijit.com cdn.undertone.com
1 match.sharethrough.com cdn.undertone.com
1 hb.yahoo.net cdn.undertone.com
1 ap.lijit.com sdk.minutemedia-prebid.com
1 arenacloud.cdn.arkadiumhosted.com ams.cdn.arkadiumhosted.com
1 arenaconnect.cdn.arkadiumhosted.com arenaservices.cdn.arkadiumhosted.com
1 syndication.twitter.com platform.twitter.com
1 ingestion.smartocto.com tentacles.smartocto.com
1 api.smartocto.com tentacles.smartocto.com
1 pixel.quantserve.com www.theepochtimes.com
1 trace.mediago.io 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 cm.ctnsnet.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 arenacommonservices.cdn.arkadiumhosted.com gamedistribution.arkadiumarena.com
1 js.alocdn.com www.googletagmanager.com
1 static.ads-twitter.com www.theepochtimes.com
1 a.remarketstats.com 1 redirects
1 secure.quantserve.com www.theepochtimes.com
1 cdn.jsdelivr.net hb.improvedigital.com
1 analytics.pangle-ads.com 1 redirects
1 pub.headerlift.com hb.improvedigital.com
1 d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com services.epoch.cloud
1 sdk.minutemedia-prebid.com www.theepochtimes.com
1 adservice.google.com c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
1 cs.media.net 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 cdn.epoch.cloud www.theepochtimes.com
1 tracker-v4.gamedock.io html5.api.gamedistribution.com
1 tracker.gamemonkey.org cdn.gamemonkey.org
1 use.fontawesome.com comment.youmaker.com
1 cdn.gamemonkey.org html5.api.gamedistribution.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 pwe.epochbase.com www.theepochtimes.com
1 html5.gamedistribution.com www.theepochtimes.com
1 polyfill.io www.theepochtimes.com
0 d.turn.com Failed ssum-sec.casalemedia.com
744 207

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
help.theepochtimes.com
www.geoedge.com
Subject Issuer Validity Valid
*.theepochtimes.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-18 -
2024-07-17		 a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
polyfill.io
Certainly Intermediate R1		 2023-12-02 -
2024-01-01		 a month crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
epoch.cloud
GTS CA 1P5		 2023-10-30 -
2024-01-28		 3 months crt.sh
gamedistribution.com
Amazon RSA 2048 M02		 2023-08-20 -
2024-09-18		 a year crt.sh
*.epochbase.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-17 -
2024-01-17		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2023-09-08 -
2024-10-09		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-08-03 -
2024-08-30		 a year crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
*.youmaker.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-18 -
2024-07-17		 a year crt.sh
*.google.ch
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
mp.theepochtimes.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-10-24 -
2024-11-24		 a year crt.sh
gamemonkey.org
Amazon RSA 2048 M01		 2023-04-26 -
2024-05-24		 a year crt.sh
headerlift.com
E1		 2023-12-03 -
2024-03-02		 3 months crt.sh
gamedistribution.arkadiumarena.com
R3		 2023-10-27 -
2024-01-25		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
improvedigital.com
Amazon RSA 2048 M01		 2023-03-06 -
2024-04-03		 a year crt.sh
cdn.arkadiumhosted.com
R3		 2023-11-09 -
2024-02-07		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
sdk.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-02-19 -
2024-03-20		 a year crt.sh
*.ssl.cf1.rackcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-03-28		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.smartocto.com
R3		 2023-11-08 -
2024-02-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
ingestion.smartocto.com
Amazon RSA 2048 M01		 2023-10-11 -
2024-11-08		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.alocdn.com
Go Daddy Secure Certificate Authority - G2		 2023-02-02 -
2024-03-05		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
tags.wdsvc.net
Go Daddy Secure Certificate Authority - G2		 2023-10-18 -
2024-11-01		 a year crt.sh
syndication.twitter.com
R3		 2023-12-11 -
2024-03-10		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure RSA TLS Issuing CA 08		 2023-11-16 -
2024-11-10		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.w55c.net
Amazon RSA 2048 M02		 2023-05-29 -
2024-06-25		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh

This page contains 58 frames:

Primary Page: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Frame ID: D1E4BA7BB78A0A8A300A54F7B40F39BC
Requests: 168 HTTP requests in this frame

Frame: https://html5.gamedistribution.com/0d8acf7c95dc4c02b9d881f769a5c0b1/?gd_sdk_referrer_url=https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372/&width=510&height=900&language=es&gdpr-tracking=1&gdpr-targeting=1
Frame ID: 6E1EB492F39F5800C84BB5141E0D8CEC
Requests: 40 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Frame ID: 5765C86AFBF38E37B555917D3598EB38
Requests: 1 HTTP requests in this frame

Frame: https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
Frame ID: E9BFD0606EBB29FECFFCDED3560EC025
Requests: 38 HTTP requests in this frame

Frame: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A049133E1A3DE09FB94597E90C28B99C
Requests: 1 HTTP requests in this frame

Frame: https://gamedistribution.arkadiumarena.com/arenaapi/game/block-champ/html5?gd_sdk_referrer_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372%2F&gd_zone_config=eyJwYXJlbnRVUkwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInBhcmVudERvbWFpbiI6InRoZWVwb2NodGltZXMuY29tIiwidG9wRG9tYWluIjoidGhlZXBvY2h0aW1lcy5jb20iLCJoYXNJbXByZXNzaW9uIjpmYWxzZSwibG9hZGVyRW5hYmxlZCI6dHJ1ZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIiwidmVyc2lvbiI6IjEuNS4xNiJ9
Frame ID: A34AC3B7828F3076AA914F0BC3B0A835
Requests: 32 HTTP requests in this frame

Frame: https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyZDllYjI2ZjAtYjcyZS00ODEzLWE5MGEtNzhlM2JmMDkyMjYzJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyQ0glMjIlMkMlMjJjaXR5JTIyJTNBJTIyVEklMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRlp1cmljaCUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNDYuMDEzOCUyQyUyMmxvbmdpdHVkZSUyMiUzQTguOTM5NyU3RCUyQyUyMnN1YnNjcmlwdGlvbnMlMjIlM0ElNUIlNUQlMkMlMjJoaXN0b3JpY1N1YnNjcmlwdGlvbnMlMjIlM0ElNUIlNUQlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJyZWdpb25JZCUyMiUzQSUyMiUyMiUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCU3RCU3RA==&tn=EET%20-%20Responsive%20Signin%20Bar&theme=default
Frame ID: DE0D175889ADBDDB59E88400DFBD714F
Requests: 3 HTTP requests in this frame

Frame: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C44B45B588ABE5582057EC217850444F
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxj91aOAAjAB&v=APEucNXuu2dCg9NBqwBS5nmLP_SzoGszvAL7mGaD5kZ6uUoxe7dblNBwcIuwtb1U0aju5RxB3AcpdFV4rtTe-5QyTWGdYqSRbA
Frame ID: CFC7A58A61D3DFCDB73FE9EA923E7788
Requests: 4 HTTP requests in this frame

Frame: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D5E747A6C505DD136491CB2D3EFB5B0C
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYpZL1-QEwAQ&v=APEucNXlcuzZPMtrLudGHqz1i5w5vK4ymdiyQFGlGd8R-4FbYc7PEi_m74rWAhzgE5MzCsT9jeTckYybmVYDJWNcshxyelk-8w
Frame ID: 671FA1997359A4C2C991CB45396A507F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 05FAAA08D8EB75520ECF0FAE173671DF
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZR7DfRkR6oGrfPVaqyGAtagQM71xvqwvlqMjhWTRUscYcYSLgYFYqCZQZq-qohgQVAi6fkAvT3UT8KknR-8SQG8Qgt55JqoA8xtvtF6ylKzX8q6NZEH7SkAdswdM_Q_KJ5I4sQhFCwvvauyPk_BssAdbR4X-hm5kEHKG7FjjPTVQ_eY2Y5ARAX1LWli_7qgxv5TEAm3LdeE0nO8FAmRNitlDabduox9RZtDph0ljKVyVCnKOsa1n_m4hReON6O_IXX-7ZOpHQ7eDTlSVlgFVrmW2xagzNxsk_RMrfd1zLK2LGeqNZbZvn7nH_VYGx_Zeh2Q1vwtOb8BaoAN8PNcId3g94BTcuKU-L9w37PeIiqCuF5ZjmO5P1Viz-oTH2t-Z8I5foP7pRgPtkAEToSS8jpxU0ylgLEoY1-lqdsGzK_nE&sai=AMfl-YTNrLZmY2BFnNbWQuMs-m5AkpiJBP3-D5cjUUOn6OO8vzJJXH0fJpvAZcn3hvjZY39AuOoGc8SKe5m_yru3yH-Xc692yizyXkMGtbbGmFiw93lU0Oc7p7qzpiOnnQ&sig=Cg0ArKJSzFL1HZEIiw0zEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 37F702CFEE12736B358A8DD4A57E9A4D
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 0C7E1019C6F7D206A1266451A88B96F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1DADB03824E639759A22050E122C9211
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CB57529F7B4DE415FEB29B0C9A2536C5
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15940192796231137618/index.html?ev=01_250
Frame ID: 7AF420E829EA1F91EDEC304EC8C5C349
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&adk=1812271804&adf=3279755397&plat=1%3A520%2C2%3A520%2C3%3A66048%2C4%3A66048%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&channel=4089988593&format=0x0&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376951789&bpp=3&bdt=2254&idt=616&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&nras=1&correlator=3388534333565&frm=24&ife=1&pv=2&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.n0r5nl40olvq&fsb=1&dtd=629
Frame ID: 673F4BA386A5C9AAE597B337CCE302EF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702376950248
Frame ID: C62DF21EF7F6A9D11D186BB3C47E0DA9
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702376950224
Frame ID: 7952F85C8127C7BACB0A07B0CF3DBA05
Requests: 16 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: C3BD06AA246C0B0CF5C3B734489423EF
Requests: 8 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: A7A64E0C9EB6FE6688FC3FBAFD01BB68
Requests: 8 HTTP requests in this frame

Frame: https://sdk.minutemedia-prebid.com/cs-config/cs.html?org=6475aa705b23100001019b46&tc=6475aaf65fe06700018e50d8&as=6475aaf65fe06700018e50da&type=hb&wd=cs.minutemedia-prebid.com&domain=theepochtimes.com
Frame ID: 9EEA34FB676AC3E70A60284A946C31F1
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702376950501
Frame ID: CD856508FADED2C375CC57C06DE1CFCD
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702376950225
Frame ID: B31C0C622BA40902241D100AB968C2E9
Requests: 16 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 6E1ADF9D8D59904E8645FE0B7AADFE6A
Requests: 8 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 399B1F1ED62F3F2350993D9B310B4931
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702376950673
Frame ID: B6C56E29143F1CAAE2D8215E23D1797B
Requests: 16 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: A1692AF9ADCAAA03B297D1915DF218E1
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 34ECA02B6CAEA781D50F3F01D4786396
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 426A775C7FA15D2113D3659AA7CB2DFC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 545C3272A3170EDC47E39513645D880C
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7598209245225368827/index.html?ev=01_250
Frame ID: 210ECE7DF7A97027CF4AFED516F8D82A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Frame ID: DDD61B33DE0016C79F5047CD82959675
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Frame ID: EBEDB3DA843BCDC56F38752C58F8B62C
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 15C56C70894BD5708A4D6BA03735ABD6
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: E941B0AE1A465CD48DEB2A416F456730
Requests: 20 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: BCAD6D5BF7E95A27218631ED492240DA
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: CC4103643D6E0880AC11E2191AD9CDB6
Requests: 19 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 2DE2CCE201F72E218DA2D59D35DBE3D3
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 793E945E86C0351096662CE6E9013CF7
Requests: 19 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 4A54288C5DAB935F288846FCA6297D2B
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: EF9783B19AAC378E77A5197D31EB7BC5
Requests: 18 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 4E44D8F702234C9A19DDAD3113F2C90C
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 0891BD1A2EBDAD205AC827F61181CDA1
Requests: 19 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Frame ID: F8B7A1A090C63BC1C6B584D614BCDE50
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 71430E49CDA6ABCEFFFCCE043743B1CD
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 411CA3128014B5D2D9AE1254E95531B9
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 54BCBA78AD65A0D7AA71CE5966E9C676
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A400
Frame ID: 09C19782C2666842C353E696051EFC84
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7288A497895D654985BD6E89BDE7E025
Requests: 6 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgamedistribution.arkadiumarena.com
Frame ID: DDA243281E4F5E73B1E58EFDD4784127
Requests: 2 HTTP requests in this frame

Frame: https://arenaservices.cdn.arkadiumhosted.com/playgame/api/playgame/play/gamedistribution.arkadiumarena.com/block-champ/
Frame ID: C39C5FDDAC2CAAB449DB7814967E9A0B
Requests: 3 HTTP requests in this frame

Frame: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
Frame ID: 24F54282A44529C6698FC8F93A61A7AF
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=
Frame ID: 03C30DCC6668AD6CB9858BB1FBF3E8FA
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: DE0CA78CEAAA8A286DE02CE127E242E5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: FC9A7C5B395D4FAE468B2D1423A31D22
Requests: 1 HTTP requests in this frame

Frame: https://cti.w55c.net/ct/cms-2c-rubicon.html
Frame ID: 45F1E9752DB13292A61CDCEEB479A001
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Block Champ - Play Now online & 100% Free | The Epoch Times

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

744
Requests

72 %
HTTPS

0 %
IPv6

134
Domains

207
Subdomains

134
IPs

10
Countries

10331 kB
Transfer

29042 kB
Size

187
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://unpkg.com/web-streams-polyfill/dist/polyfill.min.js HTTP 302
  • https://unpkg.com/web-streams-polyfill@3.2.1/dist/polyfill.min.js
Request Chain 111
  • https://pm.azerioncircle.com/p/locus HTTP 302
  • https://pm.azerioncircle.com/@bygd/locus/0.5.6/dist/app/iife/index.js
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAPT07GUbw56L-Wz9GcPNRQ&google_cver=1
Request Chain 169
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXg19.CgV1XLmDdXOS6uOQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUDMFqdut41MrHKjFAKf_8&google_cver=1&google_hm=2
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELn5M8qCMB4dxdIYmZO8Blk&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELn5M8qCMB4dxdIYmZO8Blk%26google_cver%3D1
Request Chain 193
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MTMwMjU3NDM5NDM2MDA2OQ%3D%3D
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBRk1Pr8YbTlqk2Mg1j2bb8&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEBRk1Pr8YbTlqk2Mg1j2bb8&google_cver=1
Request Chain 195
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjU4MzQyMzUtYmYyNy0yZjNkLWZiNWYtNzQxMDM3YmM5YTNl
Request Chain 222
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFA0a-dvQw4H71s7eT-HmpI&google_cver=1&google_push=AXcoOmSAsL_rAiIdO699b1eM4ahl961SMwn6DgZli8TKdGglnDWWq86balxQ8F4sw1Gk741_PqJ_5NBhiVOlNriUGkCz565x3aM HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6b7531dda2a516fe&is_secure=true&networkId=14000&version=1&google_gid=CAESEFA0a-dvQw4H71s7eT-HmpI&google_cver=1&google_push=AXcoOmSAsL_rAiIdO699b1eM4ahl961SMwn6DgZli8TKdGglnDWWq86balxQ8F4sw1Gk741_PqJ_5NBhiVOlNriUGkCz565x3aM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIIqB6TrTkVwMkXxRpAAAAAAA&expiration=1702463353&google_cver=1&is_secure=true&google_gid=CAESEFA0a-dvQw4H71s7eT-HmpI&google_push=AXcoOmSAsL_rAiIdO699b1eM4ahl961SMwn6DgZli8TKdGglnDWWq86balxQ8F4sw1Gk741_PqJ_5NBhiVOlNriUGkCz565x3aM
Request Chain 223
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELt_H4Qj4ZYwbT0GK5mAV6M&google_cver=1&google_push=AXcoOmQ5fBblEZczLGfTWlbqojOwEI03pMYoX8JTT33dkA5GIPJfUu4VZq903xivlxcknWawubFUtYNALUABsm1d7HKHmcp4Mi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ5fBblEZczLGfTWlbqojOwEI03pMYoX8JTT33dkA5GIPJfUu4VZq903xivlxcknWawubFUtYNALUABsm1d7HKHmcp4Mi0&google_hm=HDKX_tbnQd-ztg8V6heW1jI
Request Chain 224
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDfUfpnU1Lx_qw2L5ISavZc&google_cver=1&google_push=AXcoOmRF8C6f0ATtGpzWPMWx8myhKmon4BxyiOZZAo7nP23bKMYe9SdhjBxCV1M8PX2xZUYmZduud3BDnddvYdoCABSC2kofEPk HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDfUfpnU1Lx_qw2L5ISavZc&google_cver=1&google_push=AXcoOmRF8C6f0ATtGpzWPMWx8myhKmon4BxyiOZZAo7nP23bKMYe9SdhjBxCV1M8PX2xZUYmZduud3BDnddvYdoCABSC2kofEPk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRF8C6f0ATtGpzWPMWx8myhKmon4BxyiOZZAo7nP23bKMYe9SdhjBxCV1M8PX2xZUYmZduud3BDnddvYdoCABSC2kofEPk&google_hm=yReToe3kSm2l5V2yP2veIw==
Request Chain 225
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEOItjtsfTOBx6fXggeid-vw&google_cver=1&google_push=AXcoOmT3fsky7iGewpBDtZShZH5CDOhShfA_UDS82Cif4rOrhNIRaKvNvI7y9cO4PTkc19NPnyE17p3atO_1SXHrx225Sgy8E84 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT3fsky7iGewpBDtZShZH5CDOhShfA_UDS82Cif4rOrhNIRaKvNvI7y9cO4PTkc19NPnyE17p3atO_1SXHrx225Sgy8E84&google_hm=M3p6ekFpaXR0VWliRlN5THVpbW4=
Request Chain 226
  • https://cs.media.net/cksync?type=g&google_gid=CAESEPBeHLxFdrVXLZgybve6Jdw&google_cver=1&google_push=AXcoOmSKTgornL8OaFKvXZMUXJSLYJS5EJCww4W92vF4Tn_iD9MhuI5ZZJ-_KuDEsPTzOBjGip08U64rf3hcHW-wsYuGbd1xGTg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1Mzc4NTUyMjY2NDI2MzAwMFYxMA%3d%3d&mn_hm=MzQ1Mzc4NTUyMjY2NDI2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSKTgornL8OaFKvXZMUXJSLYJS5EJCww4W92vF4Tn_iD9MhuI5ZZJ-_KuDEsPTzOBjGip08U64rf3hcHW-wsYuGbd1xGTg&gdpr=&gdpr_consent=
Request Chain 227
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFfLQ_VAI38J5soB-STugsI&google_cver=1&google_push=AXcoOmSonF66IH7W4q5gD3Bg5di4sybivVGgfTT-nEsuBGdJRrilwrZbKboMAUfS0m66djq0D8QPTCPW5UVLBuDiedCKnAGTDDlr HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFfLQ_VAI38J5soB-STugsI&google_cver=1&google_push=AXcoOmSonF66IH7W4q5gD3Bg5di4sybivVGgfTT-nEsuBGdJRrilwrZbKboMAUfS0m66djq0D8QPTCPW5UVLBuDiedCKnAGTDDlr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&%%GOOGLE_PUSH_PAIR%%
Request Chain 233
  • https://ad.doubleclick.net/ddm/activity/src=8050383;type=advie0;cat=advie0;u42=377981848;u43=570028863;u44=202699213;u45=30734642;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=8050383;dc_pre=CLefr6zYiYMDFcrKmgodbyoBAQ;type=advie0;cat=advie0;u42=377981848;u43=570028863;u44=202699213;u45=30734642;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=8050383;dc_pre=CLefr6zYiYMDFcrKmgodbyoBAQ;type=advie0;cat=advie0;u42=377981848;u43=570028863;u44=202699213;u45=30734642;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
Request Chain 256
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
Request Chain 257
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=6b9326e592393fedad116a77b77ff4b6&gdpr_consent=&gdpr=1
Request Chain 259
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&ccpa=&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=c8c7fcb7-bdaf-4a8d-9053-0e145f0e2116
Request Chain 260
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S029ewC4lICBB8gYYk4WdordtVF4HoQ
Request Chain 263
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
Request Chain 273
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJj1Wpo6lvY0-1__yVcDgfo&google_cver=1&google_push=AXcoOmSMZfp9sg6F70EkNLMNQc94PdLnyDMx2FwUUBEWzJxG10PhomrdgQsv6Po7nnTnJcZJSky4vuD5TNM2V0yfNFk2eb5kGEIWUg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSMZfp9sg6F70EkNLMNQc94PdLnyDMx2FwUUBEWzJxG10PhomrdgQsv6Po7nnTnJcZJSky4vuD5TNM2V0yfNFk2eb5kGEIWUg
Request Chain 274
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEImoBScLSYhT5Gqgnum3-Yc&google_cver=1&google_push=AXcoOmR3OwV2289UamA8Yi60bTsVUMuX8VO0sSuRi8yKr8qO0kWiCQ2NEpBj0lHvRpPUcgo2E3tVVzp9J0VfGhfy4JJdcfAutNF8gw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEImoBScLSYhT5Gqgnum3-Yc&google_cver=1&google_push=AXcoOmR3OwV2289UamA8Yi60bTsVUMuX8VO0sSuRi8yKr8qO0kWiCQ2NEpBj0lHvRpPUcgo2E3tVVzp9J0VfGhfy4JJdcfAutNF8gw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3OwV2289UamA8Yi60bTsVUMuX8VO0sSuRi8yKr8qO0kWiCQ2NEpBj0lHvRpPUcgo2E3tVVzp9J0VfGhfy4JJdcfAutNF8gw&google_hm=yReToe3kSm2l5V2yP2veIw==
Request Chain 276
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIYiwGKNkLs07olUdsjiOA8&google_cver=1&google_push=AXcoOmTcW9c7-py6_AN3NrPDTU32QRZ5XexwPgzAhChHllT--YUPmU_mgzcM94VptrUOEkFwgQjDYxOztxjmLN8CAvQ6xI4HzcEsOg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIYiwGKNkLs07olUdsjiOA8&google_cver=1&google_push=AXcoOmTcW9c7-py6_AN3NrPDTU32QRZ5XexwPgzAhChHllT--YUPmU_mgzcM94VptrUOEkFwgQjDYxOztxjmLN8CAvQ6xI4HzcEsOg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ3OTI5MjYyMjQzNTIzMjU5Mg&google_push=AXcoOmTcW9c7-py6_AN3NrPDTU32QRZ5XexwPgzAhChHllT--YUPmU_mgzcM94VptrUOEkFwgQjDYxOztxjmLN8CAvQ6xI4HzcEsOg
Request Chain 277
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBBx9xyKP1e2hLGUiHl8pCk&google_cver=1&google_push=AXcoOmSVZ5__2oWGCeVya8MA6E6u6XJJF9xTzzzE-jvFPTrLWzHZBv2HorXWPLoEDTu1u_WFR-j8A9ZxCaJOgr6dFpjcmJdPgmW1cTk HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBBx9xyKP1e2hLGUiHl8pCk&google_cver=1&google_push=AXcoOmSVZ5__2oWGCeVya8MA6E6u6XJJF9xTzzzE-jvFPTrLWzHZBv2HorXWPLoEDTu1u_WFR-j8A9ZxCaJOgr6dFpjcmJdPgmW1cTk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&%%GOOGLE_PUSH_PAIR%%
Request Chain 278
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEHSAgpfrGMGj3DkBwmtHRds&google_cver=1&google_push=AXcoOmTzymC5mwweEokD4N32aCAVjU24ZjPZXMgaGd9-MY6G8XWzikzgCCkNPlQbPhLbECPqTBdizrBDu4vySO6wRElbfRzsmhotoZY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTzymC5mwweEokD4N32aCAVjU24ZjPZXMgaGd9-MY6G8XWzikzgCCkNPlQbPhLbECPqTBdizrBDu4vySO6wRElbfRzsmhotoZY
Request Chain 282
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
Request Chain 283
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=9a3e4eb6d9e92481ad06d4864f2871b&gdpr_consent=&gdpr=1
Request Chain 284
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&ccpa=&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=ea5f82a4-0443-41e1-a272-f2312638c68c
Request Chain 285
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S08o7hxLYtcnqSpK6VQMbgu6-aJrTvg
Request Chain 288
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
Request Chain 297
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
Request Chain 298
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=9a3e4eb6d9e92481ad06d4864f2871b&gdpr_consent=&gdpr=1
Request Chain 299
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&ccpa=&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=2d63f69f-9c7d-41c5-a90b-f38b64252ab9
Request Chain 300
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S08myraYnAChX6dzQ30NZ6aU_qaMdQQ
Request Chain 303
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=H8Nk5mOn9heKHozs7DNBsjveAyc2_Dmj-INqcSXdgAk
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
Request Chain 313
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
Request Chain 314
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=f4c8d6416d16ab94eb4d32e5561b56e&gdpr_consent=&gdpr=1
Request Chain 315
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&ccpa=&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=af1ab434-94aa-43ee-83c0-91f163554142
Request Chain 316
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S0_s0dwvdxM8alQxiwqOKTs1OywZDaQ
Request Chain 319
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
Request Chain 328
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
Request Chain 329
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=f4c8d6416d16ab94eb4d32e5561b56e&gdpr_consent=&gdpr=1
Request Chain 330
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&ccpa=&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=bec88e1f-f4d7-4d79-93d3-bd523fed5c21
Request Chain 331
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S0_uBY6D4aIKWfyICwXksV1KbURh57Q
Request Chain 334
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
Request Chain 352
  • https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=epochfun/block-champ-epoch-games-3942372 HTTP 302
  • https://a.clickcertain.com/px/smart/a/?seg=epochfun/block-champ-epoch-games-3942372&c=244b81b94c69796 HTTP 302
  • https://a.clickcertain.com/px/?c=244b81b94c69796&rid=96c2eca2-3759-4102-83b0-b7fdc342e9a3
Request Chain 355
  • https://tags.wdsvc.net/controller.js?id=100415 HTTP 302
  • https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1702376953893
Request Chain 358
  • https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1702376953026&ns_c=UTF-8&c8=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1702376953026&ns_c=UTF-8&c8=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&c9=
Request Chain 416
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 417
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
Request Chain 418
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
Request Chain 420
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Request Chain 421
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUUwMDAzNDEtQ0VENy00RjNDLUFEMzktNUI3RkZDRUQ2REIw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 422
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
Request Chain 423
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
Request Chain 424
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
Request Chain 425
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
Request Chain 427
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Request Chain 428
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUE4QkI2NkYtNUUwNC00RTcyLUFEMTQtMzM5MjVGMENGQjEz&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 429
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
Request Chain 430
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
Request Chain 432
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 433
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
Request Chain 434
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
Request Chain 436
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Request Chain 437
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjBCQTNBNkUtODZEOS00MUM2LUE3QzgtQUNCMzU4REFBQjE4&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 438
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
Request Chain 439
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
Request Chain 441
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 442
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
Request Chain 443
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
Request Chain 445
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Request Chain 446
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjExRDM5RTctNkNFMS00QzRFLTlDNDctOUNEMTRFN0NEMjk5&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 447
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
Request Chain 448
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
Request Chain 450
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 451
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
Request Chain 452
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
Request Chain 454
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Request Chain 455
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0E2OTJBNzItOTNGRS00NzIxLUFCMzItNEFENjdCMUZENzA5&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 456
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3Da17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
Request Chain 457
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
Request Chain 459
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 461
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 463
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPOgekZFMFXSJ8jOs5TDusE&google_cver=1
Request Chain 464
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=94d1d17c4cd04c15a1b80c4bf9700926 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
Request Chain 465
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7462143506322131454
Request Chain 466
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=R0CuN0JA_zdcEKk3Exe0ORJErTpcTK84R03cyD2F
Request Chain 467
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=1c3297fed6e741dfb3b60f15ea1796d6&expiration=1704968954
Request Chain 468
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718188162&external_user_id=47e2c192-dc48-48f5-bd3d-c98a9a1ec4f5
Request Chain 470
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d578a70e8468410cb05e27dbdd37ca82 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
Request Chain 471
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8151302574394360069
Request Chain 473
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f4c8d6416d16ab94eb4d32e5561b56e&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv0b34_7313351356169512981&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 475
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=11962df0-3e75-53c7-e5a2894f
Request Chain 476
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=fbe959de-ea15-43e3-8811-e8045f163537
Request Chain 477
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZXg1_gAGXY3WwABU HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXg1_gAGXY3WwABU&_test=ZXg1_gAGXY3WwABU
Request Chain 479
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f35a8ff934f14f52a4c41695ea212e10 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
Request Chain 480
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB
Request Chain 481
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABzmU7K8GwAABPKX_gZFA&expiration=1703586554
Request Chain 482
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=d249f84641b163d&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI30alf354aANxtMNWAAAAAAA&expiration=1702463354&is_secure=true
Request Chain 484
  • https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZXg19.CgV1XLmDdXOS6uOQAA%261147 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=3cae163a-8bd3-4648-8b34-dfcf951311d5
Request Chain 486
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPOgekZFMFXSJ8jOs5TDusE&google_cver=1
Request Chain 488
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b29b440ce2c34e58b1999cdfd3c9bb4e HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=94d1d17c-4cd0-4c15-a1b8-0c4bf9700926 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b4860cc5-481a-44d7-948d-2690ec43bc3a%3A1702376962.5905209&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db4860cc5-481a-44d7-948d-2690ec43bc3a%253A1702376962.5905209%26_%3D1702376962.5928612&cb=1702376962.5929008 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=4664819835033446644&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Db4860cc5-481a-44d7-948d-2690ec43bc3a%253A1702376962.5905209%26_%3D1702376962.5928612 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b4860cc5-481a-44d7-948d-2690ec43bc3a%3A1702376962.5905209&_=1702376962.5928612 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdiNDg2MGNjNS00ODFhLTQ0ZDctOTQ4ZC0yNjkwZWM0M2JjM2E6MTcwMjM3Njk2Mi41OTA1MjA5EAAaDQiG7OCrBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIeDlT2VYX-VKPA8cP-syXE&google_cver=1
Request Chain 489
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=13BE9204229141EDBFD6D1744A40FED9
Request Chain 490
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-_Sxk-bXWIR2wT-ut6Wi-rw9MDI
Request Chain 491
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7479292622435232592&expiration=1703586554
Request Chain 492
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 493
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZXg1_gAGW1rXrABU HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXg1_gAGW1rXrABU&_test=ZXg1_gAGW1rXrABU
Request Chain 494
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147
Request Chain 502
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b25bca1b302e457db10d4493ae778a9d HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=94d1d17c-4cd0-4c15-a1b8-0c4bf9700926 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a2fc068d-b84f-4951-b49c-5c50a117c015%3A1702376962.5889974&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da2fc068d-b84f-4951-b49c-5c50a117c015%253A1702376962.5889974%26_%3D1702376962.5912595&cb=1702376962.5913007 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=4664819835033446644&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da2fc068d-b84f-4951-b49c-5c50a117c015%253A1702376962.5889974%26_%3D1702376962.5912595 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a2fc068d-b84f-4951-b49c-5c50a117c015%3A1702376962.5889974&_=1702376962.5912595 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=8151302574394360069
Request Chain 503
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-_Sxk-bXWIR2wT-ut6Wi-rw9MDI
Request Chain 504
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DB4BF262E0F44031BD99C3D90F318DAB
Request Chain 505
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7479292622435232592&expiration=1703586602
Request Chain 507
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEYkE7K8GwAABWIV0ZT9Q&expiration=1703586555
Request Chain 509
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699eac8a04220olwb00lq27aeve
Request Chain 536
  • https://pm.azerioncircle.com/p/locus HTTP 302
  • https://pm.azerioncircle.com/@bygd/locus/0.5.6/dist/app/iife/index.js
Request Chain 565
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELcP41zl4oP7UqZRN786fKA&google_cver=1&google_push=AXcoOmTRLt3vavPajclTAeiyEScAaVL012kJQIeWrUsyc4jxjQ78NzBdWIfXOgqKg-YpyRrGFoIzUUfm2HGD88PGC9genfrEVL00-Evr&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTRLt3vavPajclTAeiyEScAaVL012kJQIeWrUsyc4jxjQ78NzBdWIfXOgqKg-YpyRrGFoIzUUfm2HGD88PGC9genfrEVL00-Evr%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELcP41zl4oP7UqZRN786fKA&google_cver=1&google_push=AXcoOmTRLt3vavPajclTAeiyEScAaVL012kJQIeWrUsyc4jxjQ78NzBdWIfXOgqKg-YpyRrGFoIzUUfm2HGD88PGC9genfrEVL00-Evr&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTRLt3vavPajclTAeiyEScAaVL012kJQIeWrUsyc4jxjQ78NzBdWIfXOgqKg-YpyRrGFoIzUUfm2HGD88PGC9genfrEVL00-Evr%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 566
  • https://um.simpli.fi/gp_match?google_gid=CAESECoRxnnhzy5N43VP3NYcmPg&google_cver=1&google_push=AXcoOmRTsXu_zrRV9_qzwvIgKo-zjyvlmGwcbMQC2f-Tdr4ADcrrHszMJdV4-fyAqXyAGEvcxltYQ-MPseoOkz9Yy43ECcOASE624Mzk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82833912DB12441CBA3377A3688FD58E&google_push=AXcoOmRTsXu_zrRV9_qzwvIgKo-zjyvlmGwcbMQC2f-Tdr4ADcrrHszMJdV4-fyAqXyAGEvcxltYQ-MPseoOkz9Yy43ECcOASE624Mzk
Request Chain 567
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBZkPOTikixLogUfYX3Un8o&google_cver=1&google_push=AXcoOmTIhnrX7Cp3wQRWWqeMczskpgOz9IMgr4mWfZCNG7Ofmj0b7PvenWWe4LIKZag47NwNwSvmO_tW7L-fxV7ZUnClsDg2fwpBw1GV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=863799608371&us_privacy=1---
Request Chain 568
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECoX1GjU4oHCxjXLpIo7sH8&google_cver=1&google_push=AXcoOmRZqU561p9hnJvRS_nCOPeZas2mRxzbVF3d0iV2VhEJwpXW4YyOdNEqD4hDwHhXVhDsKJTCs_VkEM_PYk4VyJwA4tx-k1QCY2cyaQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRZqU561p9hnJvRS_nCOPeZas2mRxzbVF3d0iV2VhEJwpXW4YyOdNEqD4hDwHhXVhDsKJTCs_VkEM_PYk4VyJwA4tx-k1QCY2cyaQ&google_hm=NDY2NDgxOTgzNTAzMzQ0NjY0NA==
Request Chain 570
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELcP41zl4oP7UqZRN786fKA&google_cver=1&google_push=AXcoOmR44PSCfiWX7xtObJNRBMCPN8yO9-u58UMP4fhMx47FK5pDp8XcXPElS4TY11Mhgww7a9Yr4TgSRX8hY-xIQxg0Gav8v8TXFigZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR44PSCfiWX7xtObJNRBMCPN8yO9-u58UMP4fhMx47FK5pDp8XcXPElS4TY11Mhgww7a9Yr4TgSRX8hY-xIQxg0Gav8v8TXFigZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELcP41zl4oP7UqZRN786fKA&google_cver=1&google_push=AXcoOmR44PSCfiWX7xtObJNRBMCPN8yO9-u58UMP4fhMx47FK5pDp8XcXPElS4TY11Mhgww7a9Yr4TgSRX8hY-xIQxg0Gav8v8TXFigZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR44PSCfiWX7xtObJNRBMCPN8yO9-u58UMP4fhMx47FK5pDp8XcXPElS4TY11Mhgww7a9Yr4TgSRX8hY-xIQxg0Gav8v8TXFigZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 571
  • https://um.simpli.fi/gp_match?google_gid=CAESECoRxnnhzy5N43VP3NYcmPg&google_cver=1&google_push=AXcoOmQV0h-Zd9BGk3vhZhL2QqIn9SJX48Gvf6HhE6N8t27wrOVmrmEup8RD4AHMmo5Ep8ebeAGxbcBRfiPcXcCy5K5jppxrDg-YtMht HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC5EBBF35336448FA0276DD5F2352122&google_push=AXcoOmQV0h-Zd9BGk3vhZhL2QqIn9SJX48Gvf6HhE6N8t27wrOVmrmEup8RD4AHMmo5Ep8ebeAGxbcBRfiPcXcCy5K5jppxrDg-YtMht
Request Chain 572
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBZkPOTikixLogUfYX3Un8o&google_cver=1&google_push=AXcoOmRvCZ4raw9MU6lBxniC4JhvPCdb6BA7sACAAAtjBLCmMxaP7OdVjQ_M7eE2fO72AWHfPQrBccfOmev5hNnHaAsTxM6zK7e-M8op HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=863799532456&us_privacy=1---
Request Chain 573
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECoX1GjU4oHCxjXLpIo7sH8&google_cver=1&google_push=AXcoOmQJwqFPif9R-lc5RmpKNYDAsDJe1mCweWcegRLdAHpUwFq2Pquh5ps02sI9vG9vB3qp3Rpu6XNk06TTQQLs7VY6SMLGdP4CbgeRkw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQJwqFPif9R-lc5RmpKNYDAsDJe1mCweWcegRLdAHpUwFq2Pquh5ps02sI9vG9vB3qp3Rpu6XNk06TTQQLs7VY6SMLGdP4CbgeRkw&google_hm=NDY2NDgxOTgzNTAzMzQ0NjY0NA==
Request Chain 577
  • https://p.alocdn.com/c/6irth52s/a/etarget/p.gif?title=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&auid=7edeff06-3194-4e86-b5ea-90b51e53ae5d HTTP 302
  • https://p.alocdn.com/c/6irth52s/a/etarget/p.gif?title=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&auid=7edeff06-3194-4e86-b5ea-90b51e53ae5d&tdc=1
Request Chain 610
  • https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM= HTTP 301
  • https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
Request Chain 640
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=1345541413206663661435
Request Chain 642
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=TY6GIkeytWbi&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
Request Chain 643
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=4845899871328933219&gdpr=0&gdpr_consent=
Request Chain 644
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1&rts=4528084541678471908 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=5fb947ad-9ec7-525a-9f7f-9e8dfa07a88f
Request Chain 653
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LQ27A84H-20-508C&gdpr=0
Request Chain 655
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=2302128734912386375
Request Chain 657
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIxAtYRSts6TieVoBBTouyU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1A8BB66F-5E04-4E72-AD14-33925F0CFB13
Request Chain 658
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
Request Chain 660
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-8sIVo11E2pmUNdKBhBUv9UDlI0_GeLqtkhVPTw--~A&expires=5&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&gdpr=&gdpr_consent=&us_privacy=
Request Chain 662
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LQ27A84H-20-508C HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Request Chain 665
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTY3Mzk3NTQ4ZmZlYzIyZTBlZTgzNzU3Y2QyZTZkNDMxYzBmYTlkYw
Request Chain 666
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFEyN0E4NEgtMjAtNTA4Qw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOiTcKEU05ckxHY4FRK1DI8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyN0E4NEgtMjAtNTA4Qw==&google_push=
Request Chain 667
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQ27A84H-20-508C&ex=d-rubiconproject.com&status=ok
Request Chain 668
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM_bj6iH56cXG58rq-7pEjY&google_cver=1
Request Chain 669
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ27A84H-20-508C
Request Chain 670
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4eIe7uoEQla59WpzB5AtQQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=4eIe7uoEQla59WpzB5AtQQ
Request Chain 671
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GyKadybdRVKk2uL76MT8Ww&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GyKadybdRVKk2uL76MT8Ww
Request Chain 673
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/jYVdFLLV0OIBOoUa6NhuHMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zvTBf2hE2oIV5QcZEmrdl67gblDEvvRznpZ59w--~A
Request Chain 674
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEYkE7K8GwAABWIV0ZT9Q&expires=30
Request Chain 675
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ27A84H-20-508C&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQ27A84H-20-508C&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1nRXBLdTZCRTJ1SFVVTGFFMGVNMzFfM0Q3TzZIWnZiMH5B&ovsid=LQ27A84H-20-508C&dpid=58160
Request Chain 676
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ27A84H-20-508C
Request Chain 677
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ27A84H-20-508C
Request Chain 678
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQ27A84H-20-508C
Request Chain 679
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQ27A84H-20-508C
Request Chain 680
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQ27A84H-20-508C&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQ27A84H-20-508C&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 681
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ27A84H-20-508C
Request Chain 682
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ27A84H-20-508C
Request Chain 683
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6b60cab5-d08c-4a0a-8d8d-e6bae10223df&expires=30
Request Chain 684
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=-_Sxk-bXWIR2wT-ut6Wi-rw9MDI
Request Chain 685
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ27A84H-20-508C
Request Chain 686
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=c0fcd6ec-6265-455b-88fb-aeebcea19ac2
Request Chain 688
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=7479292622435232592
Request Chain 689
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7462143506322131454&expires=60&gdpr=&gdpr_consent=
Request Chain 690
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=8151302574394360069&expires=30
Request Chain 691
  • https://sync.1rx.io/usersync2/rubicon HTTP 302
  • https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1702376963297 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1854320553 HTTP 302
  • https://sync.1rx.io/usersync/turn/7462143506322131454?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-89bcec25-f59f-47ce-a4f2-5ce75481ee33-003?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-89bcec25-f59f-47ce-a4f2-5ce75481ee33-003%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-89bcec25-f59f-47ce-a4f2-5ce75481ee33-003&expires=30
Request Chain 693
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQ27A84H-20-508C
Request Chain 694
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13 HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LQ27A84H-20-508C
Request Chain 695
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LQ27A84H-20-508C
Request Chain 696
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ27A84H-20-508C&name=RUBICON
Request Chain 698
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQ27A84H-20-508C
Request Chain 699
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ27A84H-20-508C&obUid=&initiator=
Request Chain 700
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LQ27A84H-20-508C HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LQ27A84H-20-508C?zcc=1&cb=1702376963297 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-89bcec25-f59f-47ce-a4f2-5ce75481ee33-003
Request Chain 701
  • https://token.rubiconproject.com/token?pid=49096 HTTP 302
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ27A84H-20-508C HTTP 303
  • https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ27A84H-20-508C
Request Chain 702
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&expires=360&gdpr=0&gdpr_consent=
Request Chain 703
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQ27A84H-20-508C
Request Chain 704
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZXg1_gAGW1rXrABU
Request Chain 706
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=82833912DB12441CBA3377A3688FD58E&expires=365
Request Chain 707
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1 HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=LVRTPEKMeKnbG7u4lcKrXoXsnMZhMiGdLdsvN9R-tmQ HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=7478af9157241904&is_secure=true&networkId=12783&version=1&nuid=LVRTPEKMeKnbG7u4lcKrXoXsnMZhMiGdLdsvN9R-tmQ HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAIKydD6hxyDwNl798SAAAAAAA&expiration=1702463363&nuid=LVRTPEKMeKnbG7u4lcKrXoXsnMZhMiGdLdsvN9R-tmQ&is_secure=true
Request Chain 709
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7311653381556992157&expires=730
Request Chain 711
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQ27A84H-20-508C
Request Chain 712
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11864 HTTP 302
  • https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQ27A84H-20-508C
Request Chain 713
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=TY6GIkeytWbi&ev=1&pid=560687
Request Chain 714
  • https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LQ27A84H-20-508C
Request Chain 715
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Request Chain 716
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet HTTP 302
  • https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQ27A84H-20-508C
Request Chain 717
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQ27A84H-20-508C
Request Chain 718
  • https://ums.acuityplatform.com/tum?umid=2 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=863799532456&expires=30&us_privacy=1---
Request Chain 719
  • https://b1sync.zemanta.com/usersync/rubicon/ HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=
Request Chain 720
  • https://rbp.mxptint.net/sn.ashx HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CA5_10D92617F_8581BBF&expires=60
Request Chain 721
  • https://pixel.rubiconproject.com/exchange/sync.php?p=loopme HTTP 302
  • https://csync.loopme.me/?partner_id=1441&vt=&uid=LQ27A84H-20-508C
Request Chain 722
  • https://pixel.rubiconproject.com/exchange/sync.php?p=epsilon HTTP 302
  • https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LQ27A84H-20-508C
Request Chain 723
  • https://pixel.rubiconproject.com/exchange/sync.php?p=24856 HTTP 302
  • https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LQ27A84H-20-508C
Request Chain 724
  • https://cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=MGiVfTVoxH0rOJJ9ZD-Pc2VslnArZJRyMGWcIww7
Request Chain 725
  • https://ssbsync.smartadserver.com/api/sync?callerId=87 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=4845899871328933219&gdpr=0&gdpr_consent=
Request Chain 726
  • https://match.adsby.bidtheatre.com/rubiconmatch HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=3cae163a-8bd3-4648-8b34-dfcf951311d5
Request Chain 727
  • https://tg.socdm.com/rtb/sync?proto=rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZXg2BMCo5swAAORppMkAAAAA
Request Chain 728
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspId=1001989&dspCookie=LQ27A84H-20-508C HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=c8217e6d97&gdpr=0&gdpr_consent=
Request Chain 729
  • https://beacon.lynx.cognitivlabs.com/rb.gif HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=6cc45041-e0a5-4598-9924-335e05373475&expires=365&next=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Drubicon%26inventory_source%3D0 HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=rubicon&inventory_source=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=49038&puid=6cc45041-e0a5-4598-9924-335e05373475
Request Chain 730
  • https://sid.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
Request Chain 732
  • https://sync.adotmob.com/cookie/rubicon?r=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D123034%26nid%3D3956%26put%3D%7Buser_token%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=09e8220400df3d95e608f1e5&expires=1
Request Chain 733
  • https://onetag-sys.com/match/?int_id=4 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=9MdhR9HQ4k4fk9syent6vDT-o6KZOqxqowJ6WF9Wp2s
Request Chain 734
  • https://dmp.brand-display.com/cm/api/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=11962df0-3e75-53c7-e5a2894f
Request Chain 736
  • https://pixel.rubiconproject.com/token?pid=3 HTTP 302
  • https://stags.bluekai.com/site/6123?id=LQ27A84H-20-508C&limit=1
Request Chain 737
  • https://s.company-target.com/s/rp HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=47e2c192-dc48-48f5-bd3d-c98a9a1ec4f5
Request Chain 739
  • https://x.bidswitch.net/sync?ssp=rubicon HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=rubicon&bsw_custom_parameter=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=rubicon&bsw_custom_parameter=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=9dd6aef8-7ca9-4986-9977-5acb3639a03b&ssp=rubicon&expires=30&user_group=5&bsw_param=c91793a1-ede4-4a6d-a5e5-5db23f6bde23 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&expires=30&gdpr=&gdpr_consent=&us_privacy=
Request Chain 740
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=yQ1296GN1Rd00X5&expires=30
Request Chain 741
  • https://rubiconcm.digitaleast.mobi/usersync/rubicon.gif HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=527d57e1-56ac-47c5-a83b-2fc81ba87fa0
Request Chain 742
  • https://rcp.c.appier.net/rbcm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=zJgxgA0SDvGWf6DrBDZ4ZQ&expires=365
Request Chain 743
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
Request Chain 749
  • https://pm.w55c.net/m.gif?rurl=//cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=_wfivefivec64esc_&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eVExMjk2R04xUmQwMFg1&google_cm HTTP 302
  • https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESECnCzXsmUGMu2wIA1LshumI&google_cver=1

744 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request block-champ-epoch-games-3942372
www.theepochtimes.com/epochfun/ 		248 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
903e1b14c5228306dec00dd70f7067e8b453913d049cd7c009202b88f13fc462

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
MISS
cf-ray
834548ce48e50e66-MXP
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 10:29:08 GMT
last-modified
Tue, 12 Dec 2023 10:29:08 GMT
server
cloudflare
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
x-powered-by
Next.js
0e4fe491bf84089c-s.p.woff2
www.theepochtimes.com/_next/static/media/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/media/0e4fe491bf84089c-s.p.woff2
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Request headers

Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Origin
https://www.theepochtimes.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
etag
"657390b4-2b20"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
834548d749350e66-MXP
content-length
11040
6bb7340ca2af5689-s.p.woff2
www.theepochtimes.com/_next/static/media/ 		169 KB
169 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/media/6bb7340ca2af5689-s.p.woff2
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85b0a6b7e1a39cfab0b46283acb187039816c087dba5d16b7e64f78ee59a1137

Request headers

Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Origin
https://www.theepochtimes.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 21:54:53 GMT
server
cloudflare
etag
"657390ad-2a2f0"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
834548d749380e66-MXP
content-length
172784
934c4b7cb736f2a3-s.p.woff2
www.theepochtimes.com/_next/static/media/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/media/934c4b7cb736f2a3-s.p.woff2
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Origin
https://www.theepochtimes.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
etag
"657390b4-2b14"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
834548d7493a0e66-MXP
content-length
11028
9abce57f69036a9f-s.p.woff2
www.theepochtimes.com/_next/static/media/ 		117 KB
117 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/media/9abce57f69036a9f-s.p.woff2
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4551991444bea767a97af5120479bd3b786c29a14498dc3e13a8ea3a029dced

Request headers

Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Origin
https://www.theepochtimes.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 21:54:58 GMT
server
cloudflare
etag
"657390b2-1d45c"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
834548d7493c0e66-MXP
content-length
119900
0a9daa1ecbd2c13a.css
www.theepochtimes.com/_next/static/css/ 		206 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/css/0a9daa1ecbd2c13a.css
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d47796ff9eb9aa3d3dfeca09b2b2aa7880f975b5e21adfda7ef43f745db3e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
age
149
etag
W/"657390b4-33847"
vary
Accept-Encoding
content-type
text/css
cf-ray
834548d749310e66-MXP
b8604733e03d8f28.css
www.theepochtimes.com/_next/static/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/css/b8604733e03d8f28.css
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4fbdb5935b28450589b76b53bb1c5d0234d14de6b66173ffc6e38b91d1b1db3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
etag
W/"657390b4-d13"
vary
Accept-Encoding
content-type
text/css
cf-ray
834548d749320e66-MXP
53fa15469dc309b1.css
www.theepochtimes.com/_next/static/css/ 		2 KB
641 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/css/53fa15469dc309b1.css
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16ca3aa97c894d331e7f3dadaee8f7ac8a66a30fc1f85c877bdca4cd911ef520

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
etag
W/"657390b4-851"
vary
Accept-Encoding
content-type
text/css
cf-ray
834548d749340e66-MXP
webpack-b2d0e6f204d668c0.js
www.theepochtimes.com/_next/static/chunks/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aad44daac146bcce6f4af4f12a865b7dfd21a6bd11b85be0c79947c70c6f135

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:55 GMT
server
cloudflare
age
148
etag
W/"657390af-14a6"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548d7493d0e66-MXP
1dd3208c-0d71712ce0edec8f.js
www.theepochtimes.com/_next/static/chunks/ 		157 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/1dd3208c-0d71712ce0edec8f.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93c87f976cf92a16c0de1912a209b8a1d5e85fe70057222b149f4b3852ebeaed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:55 GMT
server
cloudflare
age
46
etag
W/"657390af-27404"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548d7493e0e66-MXP
3575-2d836e85a2302404.js
www.theepochtimes.com/_next/static/chunks/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/3575-2d836e85a2302404.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d94f1a39acfe37b82ee50c1db98885a2fca89e81ca7850294df2dbde1f76972c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:58 GMT
server
cloudflare
age
168
etag
W/"657390b2-18d9d"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548d7493f0e66-MXP
main-app-923361e5b51e402d.js
www.theepochtimes.com/_next/static/chunks/ 		429 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/main-app-923361e5b51e402d.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f1104aae416bc32900e253b50a26d22beba9fa197d2d805d42b7c106b32aa51

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:55 GMT
server
cloudflare
age
148
etag
W/"657390af-1ad"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548d7594e0e66-MXP
grumi-ip.js
rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d05ae9b253cab83099387db0d3a4ec1c2be203c3738e2dcb74927c1fd6bc626

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:25:26 GMT
x-amz-version-id
jmHd6OD89L5yuORwl6MPOnjFnfOUOPUL
content-encoding
br
last-modified
Sun, 10 Dec 2023 11:33:22 GMT
server
AmazonS3
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"8a0c1c442967d757a46b3bb7a75ef66d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
223
x-amz-cf-id
FXVrn4Wg_UofADEFxB_az4DW5aOLU5RXzlq56Ll7WYS1Nq6a_pJSYA==
polyfill.min.js
polyfill.io/v3/ 		101 B
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=Intl%2CResizeObserver%2CIntersectionObserver
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 10:29:08 GMT
age
49503
detected-user-agent
Chrome/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
120
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/89.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
polyfill.min.js
unpkg.com/web-streams-polyfill@3.2.1/dist/
Redirect Chain
  • https://unpkg.com/web-streams-polyfill/dist/polyfill.min.js
  • https://unpkg.com/web-streams-polyfill@3.2.1/dist/polyfill.min.js
59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-streams-polyfill@3.2.1/dist/polyfill.min.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Server
104.16.123.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e3530366f481c19813abb79fd15cdc5b45dbbc276401cbde7c4bf283b75a114
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
963878
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HGJ1Y8P43SFBWEPTRQQB8MFE-fra
server
cloudflare
etag
W/"ec4a-HUydLHWFwqUMHRHMwTGDjElD3/c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
834548dacbaa523d-MXP

Redirect headers

date
Tue, 12 Dec 2023 10:29:08 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HHERTF05X9YP32CAWP2JDH5K-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
362
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-streams-polyfill@3.2.1/dist/polyfill.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
834548d9ca41523d-MXP
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
2b212916dfe2671073195571a45aba302760033b8abf8bd0a21644c83b280460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29167
x-xss-protection
0
server
cafe
etag
572 / 19703 / 31080056 / config-hash: 11999804698944333348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:29:08 GMT
prebid.js
www.theepochtimes.com/assets/themes/eet/js/ 		283 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b459cc9bf965b73d8b86b4b8da20b0f019b14dcdcc33ff8909920d0f22eb32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Wed, 29 Nov 2023 22:40:10 GMT
server
cloudflare
x-microcachable
0
etag
W/"6567bdca-46db6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
834548d7594f0e66-MXP
x-device
desktop
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		280 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fcc09471e9aadf4816df5d88a00594ed8bfad977bd4ffb303002a76ace38f7da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94328
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 10:29:08 GMT
api.bundle.js
subs.theepochtimes.com/lib/ 		368 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
b7123bf5d1742985950f5f6ab3845907263a91e175527eb11baae5f45c3735a9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 03 Nov 2023 19:11:33 GMT
server
nginx/1.20.1
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
max-age=3600, public, no-transform
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 11:29:08 GMT
epoch_mparticle.min.js
services.epoch.cloud/public-labs/epoch-ai/mparticle/built/ 		247 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/mparticle/built/epoch_mparticle.min.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea0a9543e9faa916e4107a9e7729cdf4cc84912df800b4ad98b2d1b4b5419cf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 17:03:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3529
etag
W/"657740e9-3db6d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JNIMQMDvFvSgYxVrLHI17KJJAOL%2Bk8rwBDY97b3%2B0EXAGszLXJ%2BfStWDzxibnsdAxB92Tjj0reSvnm52wNrADMeRiKDfaKiv%2BiksC1bvPIZVoAhxAwHGEmVt%2FZn%2FjUnLrofIY%2F9gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
834548d9caa40e05-MXP
alt-svc
h3=":443"; ma=86400
template.css
subs.theepochtimes.com/lib/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/lib/template.css
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2f009a44aa057e608440849ba7d59135c178393165207fb8268d1680f9365b5b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 03 Nov 2023 19:11:33 GMT
server
nginx/1.20.1
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=3600, public, no-transform
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1242
expires
Tue, 12 Dec 2023 11:29:08 GMT
email-decode.min.js
www.theepochtimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 01 Dec 2023 15:04:24 GMT
server
cloudflare
etag
W/"6569f5f8-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
834548d759510e66-MXP
expires
Thu, 14 Dec 2023 10:29:08 GMT
/
html5.gamedistribution.com/0d8acf7c95dc4c02b9d881f769a5c0b1/ Frame 6E1E 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://html5.gamedistribution.com/0d8acf7c95dc4c02b9d881f769a5c0b1/?gd_sdk_referrer_url=https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372/&width=510&height=900&language=es&gdpr-tracking=1&gdpr-targeting=1
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-64.fra56.r.cloudfront.net
Software
nginx/1.23.1 / Express
Resource Hash
7b160762b84082c2231fb686a658536e8d644f35125e201a48dae686f487f553

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, max-age 3600
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 10:29:09 GMT
etag
W/"1e81-CZhudPJKC8IxZIg2wicbDNwQZIA"
server
nginx/1.23.1
vary
Accept-Encoding
via
1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-amz-cf-id
FMtKFtNqWwcUN712QwUdbX77VHUW4DyfJb6OtTpFxd2_Y-HK7fS0Rg==
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-powered-by
Express
menuSearch.9968d4ed.svg
www.theepochtimes.com/_next/static/media/ 		685 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/_next/static/media/menuSearch.9968d4ed.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e5fbbe10f708bf6bbcc9d5d91e7209391cf9798e3ac144d3dd3db2c2e698309

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:53 GMT
server
cloudflare
age
97
etag
W/"657390ad-2ad"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
834548db38950e66-MXP
logo.32553ed2.svg
www.theepochtimes.com/_next/static/media/ 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/_next/static/media/logo.32553ed2.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86ec2da6a4b0444953187ebca1373c7eee98813073fd5ce9046739d006220e5d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 21:54:55 GMT
server
cloudflare
etag
W/"657390af-3f08"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
834548db38980e66-MXP
image
www.theepochtimes.com/_next/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FEpochFun_logo.bbb08190.png&w=640&q=75
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c9d20a82bcd631dba5fb5a9c1dbc507baf559da09375e65b8870a328fc6e470
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status
EXPIRED
server
cloudflare
etag
LJ0gqCvNYx26X7WpwdvFB7r1WdoJN15luIcKMo-G5HA=
vary
Accept, Accept-Encoding
content-type
image/webp
x-nextjs-cache
HIT
cache-control
public, max-age=315360000, immutable
content-disposition
inline; filename="EpochFun_logo.webp"
accept-ranges
bytes
cf-ray
834548db389c0e66-MXP
content-length
4408
copy_link.1f77f7a1.svg
www.theepochtimes.com/_next/static/media/ 		591 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/_next/static/media/copy_link.1f77f7a1.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26596e242c76558f8085c3d3a634ff993bc7ff98cdfb6d322bb7698c420e6bfe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:54:58 GMT
server
cloudflare
etag
W/"657390b2-24f"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
834548db389e0e66-MXP
facebook_icon.abf2c2c3.svg
www.theepochtimes.com/_next/static/media/ 		617 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/_next/static/media/facebook_icon.abf2c2c3.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3bccf2ba4483214a64dd5d4222b45ae474f5d51bbc50bc80e7c78445e621772

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
etag
W/"657390b4-269"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
834548db389f0e66-MXP
x.772c500c.svg
www.theepochtimes.com/_next/static/media/ 		650 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/_next/static/media/x.772c500c.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79b952455a77dfa6e4dbf3474e887a4a6cccf285881103803651bf408b4b16a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:54:53 GMT
server
cloudflare
etag
W/"657390ad-28a"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
834548db38a10e66-MXP
image
www.theepochtimes.com/_next/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FEET_footer.d4ea1157.png&w=384&q=75
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a63d5248095b6078fd95a59c270efae7d1cc086d9911533010bfd6555482f96
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status
HIT
server
cloudflare
age
477
etag
mmPVJICVtgeP2VpZwnDvrn0cwIbZkRUzAQv9ZVVIL5Y=
vary
Accept, Accept-Encoding
content-type
image/webp
x-nextjs-cache
HIT
cache-control
public, max-age=315360000, immutable
content-disposition
inline; filename="EET_footer.webp"
accept-ranges
bytes
cf-ray
834548dba9630e66-MXP
content-length
3846
668f0bba-02f16f3e7b11d0d2.js
www.theepochtimes.com/_next/static/chunks/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/668f0bba-02f16f3e7b11d0d2.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d08110fb32a9fa5e161050a13a7980c6db1bdfedbd3a09ea2b263c8520faa7f6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
age
143
etag
W/"657390ac-152b4"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba9650e66-MXP
7921-ca8ca4f34e556815.js
www.theepochtimes.com/_next/static/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/7921-ca8ca4f34e556815.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d86b5ff40546e3a2ba79df35d4f926b43b145f3b84619df160fc5f1ff307633

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
age
143
etag
W/"657390b4-488a"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba9670e66-MXP
6486-f0809c28403df2c4.js
www.theepochtimes.com/_next/static/chunks/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/6486-f0809c28403df2c4.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0175ef65c5d8cd4ce63c030a8c409a33f73de027b1593bf77f780f91c3b07bdd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
etag
W/"657390ac-ce4e"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba9680e66-MXP
1964-f309a178157256ae.js
www.theepochtimes.com/_next/static/chunks/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/1964-f309a178157256ae.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c74236a282de7c51b1adb984ae3cea6da6dd85b93ba2dbd25e9ed5602d428cce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:58 GMT
server
cloudflare
age
143
etag
W/"657390b2-2e2d"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba96a0e66-MXP
5221-e4f233638818181d.js
www.theepochtimes.com/_next/static/chunks/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/5221-e4f233638818181d.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd4afeeb14c69ea6c3d2fcdb1fc6a1c065b6ed3c91fbf3dbb4dd15d1385a4661

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
age
143
etag
W/"657390ac-184c"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba96d0e66-MXP
6037-456fe9f37ca82de4.js
www.theepochtimes.com/_next/static/chunks/ 		66 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/6037-456fe9f37ca82de4.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d960967ed945eccb4d33bbfa679a17ded4cbbe92a4f7cdf044943b70362a8d3a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
age
141
etag
W/"657390b4-109af"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba96e0e66-MXP
2286-a7f2ea539860831e.js
www.theepochtimes.com/_next/static/chunks/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/2286-a7f2ea539860831e.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc34f96ebf6a33e9ea084b5932084e51a96c7b7b12bdc996059964a730a6babd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
age
44
etag
W/"657390b4-46f5"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba9700e66-MXP
9198-f50aa2d7e3d84364.js
www.theepochtimes.com/_next/static/chunks/ 		197 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/9198-f50aa2d7e3d84364.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8869af124bbe2c8627b005748e14edc51d21faea8ebd2e66e8e9fde87a33aa4f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
age
141
etag
W/"657390ac-3122a"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba9720e66-MXP
4528-417d90d43a3f8294.js
www.theepochtimes.com/_next/static/chunks/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/4528-417d90d43a3f8294.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac39a523505b8bfa1582a1d77caf1d83c9627c656da242fc184794d37b320034

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
etag
W/"657390ac-2d02"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba9730e66-MXP
layout-312d09455a5235df.js
www.theepochtimes.com/_next/static/chunks/app/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/app/layout-312d09455a5235df.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a551f08a781c99cca27a8f613bcae18ba1dc1737e91d782f4acd1b1aa6b2819f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
age
43
etag
W/"657390b4-296c"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba9750e66-MXP
6553-96f8b4e8332835b6.js
www.theepochtimes.com/_next/static/chunks/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/6553-96f8b4e8332835b6.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
064d7b833644dd282e4ab3ea2f965d8ec8d4cd6db6ab74c19d0e93df5bb6e823

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
age
143
etag
W/"657390ac-41b5"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba97a0e66-MXP
5704-01f8a6fd6b337147.js
www.theepochtimes.com/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/5704-01f8a6fd6b337147.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58255daa744ee7478e21dd58b685345e4f76d95522a5ba987c4e73e9281336c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 21:54:58 GMT
server
cloudflare
etag
W/"657390b2-32ca"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba97c0e66-MXP
9297-826fe847328b43f5.js
www.theepochtimes.com/_next/static/chunks/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/9297-826fe847328b43f5.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5714f24b380cd260c5a35831912e219007b34d727bd7c9bc65f0d242b004d9cf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:55 GMT
server
cloudflare
age
142
etag
W/"657390af-860e"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba97d0e66-MXP
4552-d81ba207bee80515.js
www.theepochtimes.com/_next/static/chunks/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/4552-d81ba207bee80515.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3882c860de0e52e16628e5d14da86db2e9ebd8c9cd4bba36ddc1838bbf2355b2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
etag
W/"657390b4-5dcd"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba97f0e66-MXP
layout-0a7748a746dd4257.js
www.theepochtimes.com/_next/static/chunks/app/(featured-category)/ 		193 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/app/(featured-category)/layout-0a7748a746dd4257.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4b95d6c1eba546a31dc86da5797e215405b7b70513633483da057aac74119ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 21:54:55 GMT
server
cloudflare
etag
W/"657390af-c1"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba9810e66-MXP
1398-97e7f87101f22946.js
www.theepochtimes.com/_next/static/chunks/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/1398-97e7f87101f22946.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c8b9a39abc61fdc3471dae2074d453064d80f2bba2fe19d1d7d683b9c7c7223

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:54:52 GMT
server
cloudflare
etag
W/"657390ac-49f9"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba9840e66-MXP
layout-5851c912ca638e09.js
www.theepochtimes.com/_next/static/chunks/app/epochfun/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/app/epochfun/layout-5851c912ca638e09.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b0ee6bf5d301e1bbb21d770f5edaacf6597f16374a26c762b45eee554a1d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
etag
W/"657390b4-43cb"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba9870e66-MXP
page-2bc2e356d493d59e.js
www.theepochtimes.com/_next/static/chunks/app/epochfun/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/app/epochfun/page-2bc2e356d493d59e.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a68896078bb7b79ae7c9b02b61d763e0c1bfc01377a43ffec36351a759bd6bd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:54:53 GMT
server
cloudflare
etag
W/"657390ad-2ff8"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba9890e66-MXP
931-c785358ff576a023.js
www.theepochtimes.com/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/931-c785358ff576a023.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2217ed3c72b72b9496411a601e38bb2dc1520f0cbd840576541e1ef89a3eb730

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
age
142
etag
W/"657390b4-1de9"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba98b0e66-MXP
6635-aaa70223b4b75abd.js
www.theepochtimes.com/_next/static/chunks/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/6635-aaa70223b4b75abd.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ee8dc4920b2dca6621737d57c70ab1dff3b54c52001d9488d2cf048c99c3c3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 21:54:55 GMT
server
cloudflare
age
45
etag
W/"657390af-53a6"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba98d0e66-MXP
7519-97fd592376d9d9b7.js
www.theepochtimes.com/_next/static/chunks/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/7519-97fd592376d9d9b7.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f0e66bf74da8675d70138bb4b907d1bfb811dbdcb9529e1d75faa3c1311b3b3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
etag
W/"657390b4-3d54"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba98f0e66-MXP
page-9038d319943ffe65.js
www.theepochtimes.com/_next/static/chunks/app/epochfun/%5Burl%5D/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/_next/static/chunks/app/epochfun/%5Burl%5D/page-9038d319943ffe65.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/webpack-b2d0e6f204d668c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21ca4a07c0e097bc9ae3a80c091c0b4e019a5725de5db32883dbf3dd509b2249

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 21:55:00 GMT
server
cloudflare
etag
W/"657390b4-1e73"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834548dba9900e66-MXP
main.min.js
html5.api.gamedistribution.com/ Frame 6E1E 		509 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://html5.api.gamedistribution.com/main.min.js
Requested by
Host: html5.gamedistribution.com
URL: https://html5.gamedistribution.com/0d8acf7c95dc4c02b9d881f769a5c0b1/?gd_sdk_referrer_url=https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372/&width=510&height=900&language=es&gdpr-tracking=1&gdpr-targeting=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-66.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9d45c678b3efcbdc0329806a66b7eb00ae36276a5b697c0ad495a8e8812c1fd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:28:50 GMT
content-encoding
br
via
1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
last-modified
Fri, 08 Dec 2023 12:27:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
79220
x-amz-server-side-encryption
AES256
etag
W/"209d428586d91452a16510b8f193cc47"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
xoZm1gfP-zJAEXT2PW4sfpgJ4SZxBeDsMnCs_abJgGApAyYRsawHqw==
region
pwe.epochbase.com/ 		190 B
388 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pwe.epochbase.com/region?siteId=www.theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/2286-a7f2ea539860831e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.129.110.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ad342ee4d82e62e9f93c8fa69ec02ab20702414638ec74da029c9290424f4979

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190
gtm.js
www.googletagmanager.com/ 		282 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7b6025d9938c7ade95fc2f301b6ae202c3a8853d392176f5416169e63affe437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97545
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Dec 2023 10:29:09 GMT
grumi.js
rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/ Frame 5765 		243 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25cedcca705bb3868d4583c1116ffd759da458ca07f0d59b8da9116a3bffbf08

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:25:20 GMT
x-amz-version-id
ToZws85xyxrgSTKvUSNBf0RlxWyrpl5f
content-encoding
br
last-modified
Tue, 12 Dec 2023 10:22:54 GMT
server
AmazonS3
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"58784bb9008a81e3a4c87b44ee2e0e28"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
229
x-amz-cf-id
0U-ydPfMQy7bEbyv5fXV4vogoe79j1F5-8Z4wcXjPeKnrliXynfMuw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
40215
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 10 Dec 2024 23:18:54 GMT
/
colossusssp.com/ 		2 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.192.253.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Tue, 12 Dec 2023 10:29:10 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		179 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&CanonicalUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&PublisherDomain=https%3A%2F%2Fwww.theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.107.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-107-192.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4091576171ea9606116f58a0d28b72ecc9776541b15eb506ef08b9ef28dbb32e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
14
content-length
179
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
exchange.postrelease.com/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_rid=5b23ae567c3155&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiZ2FtZV90b3BfYWRfNzI4eDkwIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbOTcwLDI1MF0sWzk3MCw5MF0sWzcyOCw5MF1dfX19XX0=&ntv_dbr=eyJnYW1lX3RvcF9hZF83Mjh4OTAiOjB9&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-133.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hb
hb.undertone.com/ 		0
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3017&domain=theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-90.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
DIQXCb6sV1PgSLwlS9PLOvIbLEgpIF53_5herGVV_s181xhEZCOuIQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		881 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.250.56.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-56-77.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
a3553cae259e01d486edd223cbb2ec6f38c9642ea78493c22641993f31538ecf

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
server
istio-envoy
x-reason
filterByBL0Supply: filtered all imps
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theepochtimes.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
881
hb-mm-multi
hb.minutemedia-prebid.com/ 		881 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.250.56.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-56-77.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
89101270369058e112ea6923c8e47ebe4318f33179dc0c2291ecf4e482135c4c

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
server
istio-envoy
x-reason
filterByBL0Supply: filtered all imps
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theepochtimes.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
881
prebid-request
onetag-sys.com/ 		15 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&CanonicalUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&PublisherDomain=https%3A%2F%2Fwww.theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.107.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-107-192.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ba76f22ed19b751467e7866d55e3ad05f516fd6ed3d4f5dcfb8b9b9b4ef56c21
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
14
content-length
180
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
/
colossusssp.com/ 		2 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.192.253.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Tue, 12 Dec 2023 10:29:10 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
prebid
exchange.postrelease.com/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_rid=21c885697bbfba2&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiZ2FtZV90b3BfYWRfMzAweDI1MCIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fV19&ntv_dbr=eyJnYW1lX3RvcF9hZF83Mjh4OTAiOjAsImdhbWVfdG9wX2FkXzMwMHgyNTAiOjB9&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-133.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
hb
hb.undertone.com/ 		0
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3017&domain=theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-90.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
RlTEiUaa3Rz29V660bhuFYnrfvd8XDAuFFYaqzYWadNcIfLm8XKBnw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
exchange.postrelease.com/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_rid=257ae116b5d4aa9&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiZ2FtZV9yaWdodF90b3BfYWRfMzAweDYwMCIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdLFszMDAsNjAwXV19fX1dfQ==&ntv_dbr=eyJnYW1lX3RvcF9hZF83Mjh4OTAiOjAsImdhbWVfdG9wX2FkXzMwMHgyNTAiOjAsImdhbWVfcmlnaHRfdG9wX2FkXzMwMHg2MDAiOjB9&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-133.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hb-mm-multi
hb.minutemedia-prebid.com/ 		881 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.250.56.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-56-77.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
7e8ac086a9c6bfb17b6dcfca877a6afff2598e4f6be9dd6248be628db4b644e4

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
server
istio-envoy
x-reason
filterByBL0Supply: filtered all imps
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theepochtimes.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
881
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&CanonicalUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&PublisherDomain=https%3A%2F%2Fwww.theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.107.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-107-192.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a36cdda8d565b592edf0130d661d189932432f40e59b089ba4ab0fd7a084ea25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
28
content-length
180
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
hb
hb.undertone.com/ 		0
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3017&domain=theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-90.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
WXoYJpDBwYkznhNjNdA2zSxYRkL05DcpUKuqjJyzh5urf6_PmzaLrw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
colossusssp.com/ 		2 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.192.253.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Tue, 12 Dec 2023 10:29:10 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
/
colossusssp.com/ 		2 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.192.253.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Tue, 12 Dec 2023 10:29:10 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
hb-mm-multi
hb.minutemedia-prebid.com/ 		881 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.250.56.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-56-77.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
1a2dca7dcedb76346bb3b8a79f9d40d155071080e042b94377e848c6446cb5c0

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
server
istio-envoy
x-reason
filterByBL0Supply: filtered all imps
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theepochtimes.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
14
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
881
prebid-request
onetag-sys.com/ 		15 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&CanonicalUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&PublisherDomain=https%3A%2F%2Fwww.theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.107.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-107-192.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bacbba3b2a32f2c8cfda0efa75d9915951886ed0c0e830f40eb9340d94073af5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
14
content-length
180
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
hb
hb.undertone.com/ 		0
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3017&domain=theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-90.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
QpmAXHuvw8w-WqB8RIYyZwcxeNWnOfL_5PZAHgTxHYDw9CZaVkWt5Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
exchange.postrelease.com/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_rid=476f89f909eebab&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiZ2FtZV9yaWdodF9ib3R0b21fYWRfMzAweDI1MCIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fV19&ntv_dbr=eyJnYW1lX3RvcF9hZF83Mjh4OTAiOjAsImdhbWVfdG9wX2FkXzMwMHgyNTAiOjAsImdhbWVfcmlnaHRfdG9wX2FkXzMwMHg2MDAiOjAsImdhbWVfcmlnaHRfYm90dG9tX2FkXzMwMHgyNTAiOjB9&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-133.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
comment.youmaker.com/web/v3/ Frame E9BF 		774 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/1dd3208c-0d71712ce0edec8f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
5ca92c06dc31883efdd21b50d74cfd8756fa7a312728339494e2298cb40b6a9f

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-name
remark
app-version
0.1.2
author
EMG
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 10:29:10 GMT
last-modified
Fri, 20 Oct 2023 19:30:46 GMT
server
nginx/1.20.1
vary
Accept-Encoding
via
1.1 google
x-robots-tag
noindex
collect
region1.analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=45je3bt0v884763001&_p=1702376949783&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=553582181.1702376950&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1702376949&sct=1&seg=0&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&dt=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1&ep.eet_page_type=post&ep.all_term_ids=epochfun-137957%3Bspecial-epoch-games-155638%3Bfree-games-ad-supported-172624%3Bpremium-116266%3Bfrontaudio-161329&ep.eet_cat_names=Epoch%20Fun%3BSpecial%3BFree%20Games%20-%20Ad-supported&ep.eet_author_name=Epoch%20Puzzles&ep.eet_primary_category_name=Free%20Games%20-%20Ad-supported&epn.eet_post_id=3942372&tfd=3425
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RD0QM5H02Q&cid=553582181.1702376950&gtm=45je3bt0v884763001&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RD0QM5H02Q&cid=553582181.1702376950&gtm=45je3bt0v884763001&aip=1&dma=0&gcd=11l1l1l1l1&z=1440068350
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 09:22:25 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4005
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 12 Dec 2023 11:22:25 GMT
geo
subs.theepochtimes.com/rules/ 		116 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/rules/geo
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2c04b03f470351647b4bd72fd7953165d4fc6b0b859a35d012ac219041de6274

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116
collect
msgrt.gamedistribution.com/ Frame 6E1E 		2 B
153 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.gdfw.loading&ar=W3siZ21pZCI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwidGRtbiI6InRoZWVwb2NodGltZXMuY29tIiwiZG9tbiI6InRoZWVwb2NodGltZXMuY29tIiwicmZyciI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvIiwibHRociI6MTEsImRwdGgiOjEsInZlcnMiOiIxLjM2LjUiLCJ0cmFjIjpmYWxzZSwid2hsYiI6ZmFsc2UsInBsYXQiOiIiLCJ0cGN0IjoxLCJhcmdzIjp7Im1lc3NhZ2UiOiJsb2FkaW5nIn0sInR0bGUiOiJCbG9jayBDaGFtcCIsInNpemUiOiI5NjAgeCA3MDQiLCJicm5tIjoiQ2hyb21lIiwiYnJtaiI6Ijg5Iiwib3NubSI6IldpbmRvd3MiLCJvc3ZyIjoiMTAiLCJieWxkIjpmYWxzZSwiaW1ndSI6dHJ1ZSwiaWVndSI6dHJ1ZSwiaXRndSI6ZmFsc2UsImNtcGUiOmZhbHNlLCJob3N0IjoiaHRtbDUuZ2FtZWRpc3RyaWJ1dGlvbi5jb20ifV0%3D&ts=1702376949978
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.164.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-164-173.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:10 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
/
game.api.gamedistribution.com/game/v4/get/0d8acf7c95dc4c02b9d881f769a5c0b1/ Frame 6E1E 		4 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://game.api.gamedistribution.com/game/v4/get/0d8acf7c95dc4c02b9d881f769a5c0b1/?domain=theepochtimes.com&v=1.36.5&localTime=11
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.71.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-71-108.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
59d30583e985f22ee29bb9c9566548dac69caa439a5c7539e4be705520e363fa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:10 GMT
cache-control
private, max-age 3600
x-powered-by
Express
content-length
4546
etag
W/"11c2-2QbJQZwlfYvAwh8oAQMlUAX7qCE"
content-type
application/json; charset=utf-8
collect
msgrt.gamedistribution.com/ Frame 6E1E 		2 B
152 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.gdfw.loading&ar=W3siZ21pZCI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwidGRtbiI6InRoZWVwb2NodGltZXMuY29tIiwiZG9tbiI6InRoZWVwb2NodGltZXMuY29tIiwicmZyciI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvIiwibHRociI6MTEsImRwdGgiOjEsInZlcnMiOiIxLjM2LjUiLCJ0cmFjIjpmYWxzZSwid2hsYiI6ZmFsc2UsInBsYXQiOiIiLCJ0cGN0IjoyLCJhcmdzIjp7Im1lc3NhZ2UiOiJsb2FkaW5nIn0sInR0bGUiOiJCbG9jayBDaGFtcCIsInNpemUiOiI5NjAgeCA3MDQiLCJicm5tIjoiQ2hyb21lIiwiYnJtaiI6Ijg5Iiwib3NubSI6IldpbmRvd3MiLCJvc3ZyIjoiMTAiLCJieWxkIjpmYWxzZSwiaW1ndSI6dHJ1ZSwiaWVndSI6dHJ1ZSwiaXRndSI6ZmFsc2UsImNtcGUiOmZhbHNlLCJob3N0IjoiaHRtbDUuZ2FtZWRpc3RyaWJ1dGlvbi5jb20ifV0%3D&ts=1702376949980
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.164.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-164-173.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:10 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
/
game.api.gamedistribution.com/game/v4/get/0d8acf7c95dc4c02b9d881f769a5c0b1/ Frame 6E1E 		4 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://game.api.gamedistribution.com/game/v4/get/0d8acf7c95dc4c02b9d881f769a5c0b1/?domain=theepochtimes.com&v=1.36.5&localTime=11
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.71.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-71-108.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
bb5f213393702a560d3da0ce6a9265b4779e5d51fadf6b2d536f280a8a17585b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:11 GMT
cache-control
private, max-age 3600
x-powered-by
Express
content-length
4546
etag
W/"11c2-s2xnDePsAefmRD8l94APZowjBwI"
content-type
application/json; charset=utf-8
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/717879253/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/717879253/?random=1702376950008&cv=11&fst=1702376950008&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&hn=www.googleadservices.com&frm=0&tiba=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&auid=424302550.1702376950&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
444ff70a5475136a53febd3d6e0a051d8e162618f6cac6963803d36b117312c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1309
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/717879253/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/717879253/?random=1702376950008&cv=11&fst=1702375200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&frm=0&tiba=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_l8VJWKucYspTRmot8HgtM1MdyxwYjA&random=4155553605&rmt_tld=0&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ch/pagead/1p-user-list/717879253/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/pagead/1p-user-list/717879253/?random=1702376950008&cv=11&fst=1702375200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6373291&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&frm=0&tiba=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_l8VJWKucYspTRmot8HgtM1MdyxwYjA&random=4155553605&rmt_tld=1&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.7036b77e.js
comment.youmaker.com/web/v3/static/js/ Frame E9BF 		466 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c34e5d3266ea00298001d8d288f2772c0829a74b54b7687b683a3dcdd91a4d23

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 20 Oct 2023 19:30:46 GMT
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
application/javascript
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-version
0.1.2
main.f8b20501.css
comment.youmaker.com/web/v3/static/css/ Frame E9BF 		300 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/v3/static/css/main.f8b20501.css
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
26334b6e9122b102cc66898bceee5be00927575ff5bce29907a7b35a94688f37

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 20 Oct 2023 19:30:46 GMT
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
text/css; charset=utf-8
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-version
0.1.2
collect
msgrt.gamedistribution.com/ Frame 6E1E 		2 B
152 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.gdfw.success&ar=W3siZ21pZCI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwidGRtbiI6InRoZWVwb2NodGltZXMuY29tIiwiZG9tbiI6InRoZWVwb2NodGltZXMuY29tIiwicmZyciI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvIiwibHRociI6MTEsImRwdGgiOjEsInZlcnMiOiIxLjM2LjUiLCJ0cmFjIjpmYWxzZSwid2hsYiI6ZmFsc2UsInBsYXQiOiIiLCJ0cGN0IjoxLCJhcmdzIjp7Im1lc3NhZ2UiOiJzdWNjZXNzIn0sInR0bGUiOiJCbG9jayBDaGFtcCIsInNpemUiOiI5NjAgeCA3MDQiLCJicm5tIjoiQ2hyb21lIiwiYnJtaiI6Ijg5Iiwib3NubSI6IldpbmRvd3MiLCJvc3ZyIjoiMTAiLCJieWxkIjpmYWxzZSwiaW1ndSI6dHJ1ZSwiaWVndSI6dHJ1ZSwiaXRndSI6ZmFsc2UsImNtcGUiOmZhbHNlLCJob3N0IjoiaHRtbDUuZ2FtZWRpc3RyaWJ1dGlvbi5jb20ifV0%3D&ts=1702376950426
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.164.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-164-173.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:10 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
config
mp.theepochtimes.com/tags/JS/v2/us2-c639a6aabfcf124097c91276dd5884fb/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.theepochtimes.com/tags/JS/v2/us2-c639a6aabfcf124097c91276dd5884fb/config?env=0&plan_id=eet_data_plan
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/9198-f50aa2d7e3d84364.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e05a8574dbcdda2b12d655df53c484999c3f602a7cc74602c8a5ec3f792d5b25

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
255
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200114_IAD
x-cache
MISS, MISS, HIT
content-length
1884
x-served-by
cache-iad-kcgs7200114-IAD, cache-fra-eddf8230045-FRA, cache-fra-eddf8230110-FRA
server
Kestrel
x-timer
S1702376951.963599,VS0,VE14
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
x-cache-hits
0, 0, 1
get
subs.theepochtimes.com/template/ 		185 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/get?tid=signin&sid=www.theepochtimes.com
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
d73f53d60e8d626b9238c3334cff2d2ad92d6228ed6b0131c6e2cf488948ca60

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185
get
subs.theepochtimes.com/rules/ 		2 MB
252 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/rules/get?sid=www.theepochtimes.com&pid=4c14e06e-dead-4a19-833b-f676ae9d77da
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4d1de9f1bc032bb0ac127ab34e02cb9a6f71b9e87965ae341760fe8229531833

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.1
vary
Accept-Encoding, Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&CanonicalUrl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&PublisherDomain=https%3A%2F%2Fwww.theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.107.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-107-192.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
da5c90012134e30c59be615323d69ebe15f29cb6d3e3ea1d203f82fd1c0d4465
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
25
content-length
180
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid-request
onetag-sys.com/ 		15 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
/
colossusssp.com/ 		2 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.192.253.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Tue, 12 Dec 2023 10:29:10 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
prebid
exchange.postrelease.com/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_rid=558e2d352ec8f04&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiZ2FtZV9ib3R0b21fYWRfNzI4eDkwIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbOTcwLDI1MF0sWzk3MCw5MF0sWzcyOCw5MF1dfX19XX0=&ntv_dbr=eyJnYW1lX3RvcF9hZF83Mjh4OTAiOjAsImdhbWVfdG9wX2FkXzMwMHgyNTAiOjAsImdhbWVfcmlnaHRfdG9wX2FkXzMwMHg2MDAiOjAsImdhbWVfcmlnaHRfYm90dG9tX2FkXzMwMHgyNTAiOjAsImdhbWVfYm90dG9tX2FkXzcyOHg5MCI6MH0=&ntv_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-133.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		346 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.250.56.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-56-77.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
3dc63c021dc7baed542c4532518177dadb0da3cf32c7d21e29260622c0958c78

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
server
istio-envoy
x-reason
filterByBL0Supply: filtered all imps
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theepochtimes.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
346
hb
hb.undertone.com/ 		0
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3017&domain=theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-90.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:10 GMT
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
TwHxw7fc-weD7aZzVWcuDYcqN1mRBuqCdFDQBsAQ8Ksdbmzxe3Ms1A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3904142718189649&correlator=3772973147822680&eid=31079828%2C31080056&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=5965368%2CEET_D_game_top_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&didk=254739873&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702376950526&lmt=1702376948&adxs=1153&adys=96&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&vis=1&psz=320x0&msz=300x0&fws=4&ohw=1325&ga_vid=553582181.1702376950&ga_sid=1702376951&ga_hid=836006685&ga_fc=true&dlt=1702376948332&idt=1700&cust_params=EET_user_plan%3D%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26EET_user_type%3Danonymous%26EET_category%3Deet_epochfun-137957%252Ceet_special-epoch-games-155638%252Ceet_free-games-ad-supported-172624%252Ceet_premium-116266%252Ceet_frontaudio-161329%26EET_post_tag%3Dgames%26EET_author_name%3DEpoch%2520Puzzles%26EET_post%3D3942372&adks=2135588503&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
33f2ccbf7894a2cb7c2f9d7ef2ff6896aed49d901d7eba3a0b56e51145179835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12382
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A049 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 10:29:11 GMT
expires
Wed, 11 Dec 2024 10:29:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		111 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3904142718189649&correlator=3772973147822680&eid=31079828%2C31080056&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=5965368%2CEET_D_game_right_top_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=2&didk=3201861404&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702376950548&lmt=1702376948&adxs=1153&adys=120&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&vis=1&psz=320x0&msz=300x0&fws=4&ohw=1325&ga_vid=553582181.1702376950&ga_sid=1702376951&ga_hid=836006685&ga_fc=true&dlt=1702376948332&idt=1700&cust_params=EET_user_plan%3D%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26EET_user_type%3Danonymous%26EET_category%3Deet_epochfun-137957%252Ceet_special-epoch-games-155638%252Ceet_free-games-ad-supported-172624%252Ceet_premium-116266%252Ceet_frontaudio-161329%26EET_post_tag%3Dgames%26EET_author_name%3DEpoch%2520Puzzles%26EET_post%3D3942372&adks=3838852029&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
382f386a714fa0d8be8e2bf02b5b9431cbccb14a62aaaf2990f49564773ff7c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46681
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3904142718189649&correlator=3772973147822680&eid=31079828%2C31080056&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=5965368%2CEET_D_game_top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=3&didk=3042669188&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702376950558&lmt=1702376948&adxs=140&adys=96&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&vis=1&psz=975x0&msz=970x0&fws=4&ohw=975&ga_vid=553582181.1702376950&ga_sid=1702376951&ga_hid=836006685&ga_fc=true&dlt=1702376948332&idt=1700&cust_params=EET_user_plan%3D%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26EET_user_type%3Danonymous%26EET_category%3Deet_epochfun-137957%252Ceet_special-epoch-games-155638%252Ceet_free-games-ad-supported-172624%252Ceet_premium-116266%252Ceet_frontaudio-161329%26EET_post_tag%3Dgames%26EET_author_name%3DEpoch%2520Puzzles%26EET_post%3D3942372&adks=1797975165&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
ad9a5ebe34fb1b8fe4c480c7d40f5cc13c1868e78337787044a3b189eedaec9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13072
x-xss-protection
0
google-lineitem-id
6427651648
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138457933081
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
ea.epochbase.com/api/pw/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Content-Type
access-control-allow-methods
GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET, POST, OPTIONS, PUT, DELETE
content-length
0
date
Tue, 12 Dec 2023 10:29:10 GMT
server
nginx/1.20.1
c
ea.epochbase.com/api/pw/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Tue, 12 Dec 2023 10:29:11 GMT
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
index.js
pm.azerioncircle.com/@bygd/locus/0.5.6/dist/app/iife/ Frame 6E1E
Redirect Chain
  • https://pm.azerioncircle.com/p/locus
  • https://pm.azerioncircle.com/@bygd/locus/0.5.6/dist/app/iife/index.js
33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm.azerioncircle.com/@bygd/locus/0.5.6/dist/app/iife/index.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Server
18.239.69.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-99.ams58.r.cloudfront.net
Software
UploadServer /
Resource Hash
b98e1cfd3bc985929ee1cd472cb90f0ea7a35e2d21b9ef36865f93453eed1f4e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 12:30:41 GMT
content-encoding
gzip
via
1.1 38ff23673937c3eba42a4eefb2007078.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
338310
x-guploader-uploadid
ABPtcPr3XnNItDQjQEX7GybcbJPb2J3ENit1TLMEPTGsxMnKjk4A9J3Qb8sNwoFTcNgMxkrVLuU
x-cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
10055
last-modified
Mon, 30 Oct 2023 12:53:05 GMT
server
UploadServer
etag
"ee8f86fc8fa90340ef0bc7ccbc84ce46"
vary
Accept-Encoding
x-goog-generation
1698670385621342
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=gWu7nw==, md5=7o+G/I+pA0DvC8fMvITORg==
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
10055
accept-ranges
bytes
x-amz-cf-id
Ok7WvNRnnqJmxLLnQKdW0awX3evgm61pThF6ieg8K7OvNonCsMTs1w==
expires
Fri, 08 Dec 2023 13:30:41 GMT

Redirect headers

date
Fri, 08 Dec 2023 12:30:42 GMT
via
1.1 38ff23673937c3eba42a4eefb2007078.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P4
age
338309
vary
Origin
x-cache
Hit from cloudfront
location
https://pm.azerioncircle.com/@bygd/locus/0.5.6/dist/app/iife/index.js
content-length
0
x-amz-cf-id
UWHAZdMGdyUnJFveuUFZB1cGDryCUaRebj_Pc822e-QA-4Pw7MFxkg==
analytics.js
www.google-analytics.com/ Frame 6E1E 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 09:22:25 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4005
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 12 Dec 2023 11:22:25 GMT
gamemonkey-sdk.js
cdn.gamemonkey.org/gamemonkey-sdk-javascript/5.1.1/script/ Frame 6E1E 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gamemonkey.org/gamemonkey-sdk-javascript/5.1.1/script/gamemonkey-sdk.js
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-47.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4f31876d3647b02707b37456236cecc3c652b935f3252233e349b8c62cffc2e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 06:13:13 GMT
content-encoding
gzip
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Thu, 28 Sep 2023 08:39:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
15357
x-amz-server-side-encryption
AES256
etag
W/"30db6b18ce39a9e3bfcc24a0863d69e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
FDzxcD9LqTY2E3lBuVeINuGvn7pSWTw_SR3YdDwEPqU2PuiZwcaAGw==
dmp
tag.atom.gamedistribution.com/v1/ Frame 6E1E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tag.atom.gamedistribution.com/v1/dmp?ar=eyJ0cCI6ImdkLmxvY2F0aW9uIiwiY3QiOjAsInZycyI6IjEuMzYuNSIsInVybCI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvIiwicmZyIjoiaHR0cHM6Ly93d3cudGhlZXBvY2h0aW1lcy5jb20vIiwidGRtbiI6InRoZWVwb2NodGltZXMuY29tIiwiZHB0aCI6MCwiYXJncyI6eyJnaWQiOiJibG9jay1jaGFtcCIsIm1kNSI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwicGlkIjowLCJwbm0iOiJUaGUgRXBvY2ggVGltZXMiLCJjdHJ5IjoiQ0giLCJsY2wiOiJlbiIsImhsZSI6MSwiYWRzIjoxLCJocmVmIjoiaHR0cHM6Ly9odG1sNS5nYW1lZGlzdHJpYnV0aW9uLmNvbS8wZDhhY2Y3Yzk1ZGM0YzAyYjlkODgxZjc2OWE1YzBiMS8%2FZ2Rfc2RrX3JlZmVycmVyX3VybD1odHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyZ3aWR0aD01MTAmaGVpZ2h0PTkwMCZsYW5ndWFnZT1lcyZnZHByLXRyYWNraW5nPTEmZ2Rwci10YXJnZXRpbmc9MSIsImRlcHRoIjp7InZhbHVlIjoxfSwidG9wIjp7ImRvbWFpbiI6eyJmcm9tIjoib3JpZ2lucyIsInZhbHVlIjoidGhlZXBvY2h0aW1lcy5jb20ifX0sInBhcnRuZXIiOnsiZG9tYWluIjp7InZhbHVlIjoidGhlZXBvY2h0aW1lcy5jb20iLCJmcm9tIjoicGFydG5lci11cmwifSwidXJsIjp7InZhbHVlIjoiaHR0cHM6Ly93d3cudGhlZXBvY2h0aW1lcy5jb20vZXBvY2hmdW4vYmxvY2stY2hhbXAtZXBvY2gtZ2FtZXMtMzk0MjM3Mi8iLCJmcm9tIjoicGFydG5lci11cmwifX19LCJ1YSI6eyJicm5tIjoiQ2hyb21lIiwiYnJ2cyI6Ijg5LjAuNDM4OS43MiIsIm9zbm0iOiJXaW5kb3dzIiwib3N2cyI6IjEwIiwidyI6OTYwLCJoIjo3MDR9fQ%3D%3D
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.71.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-71-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-store, no-cache, private
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 6E1E 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
24de42a0502d9fdfd4df03eff490af5fe0872917e727a2c46b701c0944d63a85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://html5.gamedistribution.com/
Origin
https://html5.gamedistribution.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51732
x-xss-protection
0
server
cafe
etag
15084998957422367225
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:29:11 GMT
event
ana.headerlift.com/ Frame 6E1E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ana.headerlift.com/event?page_url=theepochtimes.com&game_id=0d8acf7c95dc4c02b9d881f769a5c0b1&eventtype=2&ts=1702376950649
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOCyW7vgVkSeGrJBXP4UO2jrK4H19atTXhe8cyVb4sgCkyA8Dy%2FjSsOQTX2QQeK7hSJU3Pi6%2FPRRakJSOAR5ycLJFJmUE9iTv%2FRa5NnRKv3Lh57NzQcLuKjpWyruUDY5AUObvA4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://html5.gamedistribution.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
834548e849b359ef-MXP
access-control-allow-headers
*
content-length
0
alt-svc
h3=":443"; ma=86400
dmp
tag.atom.gamedistribution.com/v1/ Frame 6E1E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tag.atom.gamedistribution.com/v1/dmp?ar=eyJ0cCI6ImhsLmNvbmZpZyIsImN0IjowLCJ2cnMiOiIxLjM2LjUiLCJ1cmwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInJmciI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tLyIsInRkbW4iOiJ0aGVlcG9jaHRpbWVzLmNvbSIsImRwdGgiOjAsImFyZ3MiOnsiZ2lkIjoiYmxvY2stY2hhbXAiLCJtZDUiOiIwZDhhY2Y3Yzk1ZGM0YzAyYjlkODgxZjc2OWE1YzBiMSIsInBpZCI6MCwicG5tIjoiVGhlIEVwb2NoIFRpbWVzIiwiY3RyeSI6IkNIIiwibGNsIjoiZW4iLCJobGUiOjEsImFkcyI6MSwiYXJncyI6eyJwYWdlX3VybCI6InRoZWVwb2NodGltZXMuY29tIiwiZ2FtZV9pZCI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwiZXZlbnR0eXBlIjoyLCJ0cyI6MTcwMjM3Njk1MDY0OX0sImhyZWYiOiJodHRwczovL2h0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tLzBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxLz9nZF9zZGtfcmVmZXJyZXJfdXJsPWh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvJndpZHRoPTUxMCZoZWlnaHQ9OTAwJmxhbmd1YWdlPWVzJmdkcHItdHJhY2tpbmc9MSZnZHByLXRhcmdldGluZz0xIiwiZGVwdGgiOnsidmFsdWUiOjF9LCJ0b3AiOnsiZG9tYWluIjp7ImZyb20iOiJvcmlnaW5zIiwidmFsdWUiOiJ0aGVlcG9jaHRpbWVzLmNvbSJ9fSwicGFydG5lciI6eyJkb21haW4iOnsidmFsdWUiOiJ0aGVlcG9jaHRpbWVzLmNvbSIsImZyb20iOiJwYXJ0bmVyLXVybCJ9LCJ1cmwiOnsidmFsdWUiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsImZyb20iOiJwYXJ0bmVyLXVybCJ9fSwicGFnZV91cmwiOiJ0aGVlcG9jaHRpbWVzLmNvbSIsImdhbWVfaWQiOiIwZDhhY2Y3Yzk1ZGM0YzAyYjlkODgxZjc2OWE1YzBiMSIsImV2ZW50dHlwZSI6MiwidHMiOjE3MDIzNzY5NTA2NDl9LCJ1YSI6eyJicm5tIjoiQ2hyb21lIiwiYnJ2cyI6Ijg5LjAuNDM4OS43MiIsIm9zbm0iOiJXaW5kb3dzIiwib3N2cyI6IjEwIiwidyI6OTYwLCJoIjo3MDR9fQ%3D%3D
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.71.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-71-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-store, no-cache, private
content-length
0
x-xss-protection
0
collect
msgrt.gamedistribution.com/ Frame 6E1E 		2 B
152 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.loaded&ar=W3siZ21pZCI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwidGRtbiI6InRoZWVwb2NodGltZXMuY29tIiwiZG9tbiI6InRoZWVwb2NodGltZXMuY29tIiwicmZyciI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvIiwibHRociI6MTEsImN0cnkiOiJDSCIsImRwdGgiOjEsInZlcnMiOiIxLjM2LjUiLCJwbGF0IjoiIiwidHBjdCI6MSwiYXJncyI6eyJtZXNzYWdlIjoiTm8gQmxvY2tlciJ9LCJ0dGxlIjoiQmxvY2sgQ2hhbXAiLCJzaXplIjoiOTYwIHggNzA0IiwiYnJubSI6IkNocm9tZSIsImJybWoiOiI4OSIsIm9zbm0iOiJXaW5kb3dzIiwib3N2ciI6IjEwIiwiYnlsZCI6ZmFsc2UsImltZ3UiOnRydWUsImllZ3UiOnRydWUsIml0Z3UiOmZhbHNlLCJjbXBlIjpmYWxzZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIn1d&ts=1702376950650
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.164.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-164-173.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:10 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
event
ana.headerlift.com/ Frame 6E1E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ana.headerlift.com/event?page_url=theepochtimes.com&game_id=0d8acf7c95dc4c02b9d881f769a5c0b1&eventtype=1&ts=1702376950651
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXr7D55%2BvFMdYVlLhvpCzmYw8ayjccMcEP1UQT8FkxquKe%2BOxDh3O3a2wa14juPe%2BWyROmTYFpvA96w3bvDynQjo4QHr9Ipo59PaEUJpwPjwNpwvskgU9oJIx4LdHIVUGJlWlPY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://html5.gamedistribution.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
834548e849b159ef-MXP
access-control-allow-headers
*
content-length
0
alt-svc
h3=":443"; ma=86400
dmp
tag.atom.gamedistribution.com/v1/ Frame 6E1E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tag.atom.gamedistribution.com/v1/dmp?ar=eyJ0cCI6ImhsLmNvbmZpZyIsImN0IjowLCJ2cnMiOiIxLjM2LjUiLCJ1cmwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInJmciI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tLyIsInRkbW4iOiJ0aGVlcG9jaHRpbWVzLmNvbSIsImRwdGgiOjAsImFyZ3MiOnsiZ2lkIjoiYmxvY2stY2hhbXAiLCJtZDUiOiIwZDhhY2Y3Yzk1ZGM0YzAyYjlkODgxZjc2OWE1YzBiMSIsInBpZCI6MCwicG5tIjoiVGhlIEVwb2NoIFRpbWVzIiwiY3RyeSI6IkNIIiwibGNsIjoiZW4iLCJobGUiOjEsImFkcyI6MSwiYXJncyI6eyJwYWdlX3VybCI6InRoZWVwb2NodGltZXMuY29tIiwiZ2FtZV9pZCI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwiZXZlbnR0eXBlIjoxLCJ0cyI6MTcwMjM3Njk1MDY1MX0sImhyZWYiOiJodHRwczovL2h0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tLzBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxLz9nZF9zZGtfcmVmZXJyZXJfdXJsPWh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvJndpZHRoPTUxMCZoZWlnaHQ9OTAwJmxhbmd1YWdlPWVzJmdkcHItdHJhY2tpbmc9MSZnZHByLXRhcmdldGluZz0xIiwiZGVwdGgiOnsidmFsdWUiOjF9LCJ0b3AiOnsiZG9tYWluIjp7ImZyb20iOiJvcmlnaW5zIiwidmFsdWUiOiJ0aGVlcG9jaHRpbWVzLmNvbSJ9fSwicGFydG5lciI6eyJkb21haW4iOnsidmFsdWUiOiJ0aGVlcG9jaHRpbWVzLmNvbSIsImZyb20iOiJwYXJ0bmVyLXVybCJ9LCJ1cmwiOnsidmFsdWUiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsImZyb20iOiJwYXJ0bmVyLXVybCJ9fSwicGFnZV91cmwiOiJ0aGVlcG9jaHRpbWVzLmNvbSIsImdhbWVfaWQiOiIwZDhhY2Y3Yzk1ZGM0YzAyYjlkODgxZjc2OWE1YzBiMSIsImV2ZW50dHlwZSI6MSwidHMiOjE3MDIzNzY5NTA2NTF9LCJ1YSI6eyJicm5tIjoiQ2hyb21lIiwiYnJ2cyI6Ijg5LjAuNDM4OS43MiIsIm9zbm0iOiJXaW5kb3dzIiwib3N2cyI6IjEwIiwidyI6OTYwLCJoIjo3MDR9fQ%3D%3D
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.71.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-71-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:10 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-store, no-cache, private
content-length
0
x-xss-protection
0
collect
msgrt.gamedistribution.com/ Frame 6E1E 		2 B
152 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.loaded&ar=W3siZ21pZCI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwidGRtbiI6InRoZWVwb2NodGltZXMuY29tIiwiZG9tbiI6InRoZWVwb2NodGltZXMuY29tIiwicmZyciI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvIiwibHRociI6MTEsImN0cnkiOiJDSCIsImRwdGgiOjEsInZlcnMiOiIxLjM2LjUiLCJwbGF0IjoiIiwidHBjdCI6MiwiYXJncyI6eyJtZXNzYWdlIjoiTm8gQmxvY2tlciJ9LCJ0dGxlIjoiQmxvY2sgQ2hhbXAiLCJzaXplIjoiOTYwIHggNzA0IiwiYnJubSI6IkNocm9tZSIsImJybWoiOiI4OSIsIm9zbm0iOiJXaW5kb3dzIiwib3N2ciI6IjEwIiwiYnlsZCI6ZmFsc2UsImltZ3UiOnRydWUsImllZ3UiOnRydWUsIml0Z3UiOmZhbHNlLCJjbXBlIjpmYWxzZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIn1d&ts=1702376950652
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.164.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-164-173.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:10 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
html5
gamedistribution.arkadiumarena.com/arenaapi/game/block-champ/ Frame A34A 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gamedistribution.arkadiumarena.com/arenaapi/game/block-champ/html5?gd_sdk_referrer_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372%2F&gd_zone_config=eyJwYXJlbnRVUkwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInBhcmVudERvbWFpbiI6InRoZWVwb2NodGltZXMuY29tIiwidG9wRG9tYWluIjoidGhlZXBvY2h0aW1lcy5jb20iLCJoYXNJbXByZXNzaW9uIjpmYWxzZSwibG9hZGVyRW5hYmxlZCI6dHJ1ZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIiwidmVyc2lvbiI6IjEuNS4xNiJ9
Requested by
Host: html5.gamedistribution.com
URL: https://html5.gamedistribution.com/0d8acf7c95dc4c02b9d881f769a5c0b1/?gd_sdk_referrer_url=https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372/&width=510&height=900&language=es&gdpr-tracking=1&gdpr-targeting=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.143.223.9 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0bc87fd3f2b5fff4191038925c3c4c51abb5cedcd77c9f5869f6c8a20561b1ea

Request headers

Referer
https://html5.gamedistribution.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
private
content-encoding
gzip
content-length
2817
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 10:29:11 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
request-context
appId=cid-v1:ed8ef83b-4780-48e0-b557-c767b944a488
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
4.0
x-robots-tag
noindex, nofollow
all.css
use.fontawesome.com/releases/v5.0.12/css/ Frame E9BF 		38 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.12/css/all.css
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/css/main.f8b20501.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:44:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
604223
etag
W/"d896a88b71aa2ba5d6bd670429bf1bad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6zuYcC8Y%2BU4vx6P0lxrce98rno2udTj%2FLoLhKbY8Eyn%2BPryMN2gpmAHvCQ5YwxBd8xxgqrKEIRqr82WEsBIR8eKREvRif3Tdzs5%2FLNe62l6pY%2FNYDSbt5WS54mDfxBCAxlI8%2BEt"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
834548e99feb9c7c-IAD
alt-svc
h3=":443"; ma=86400
show
subs.theepochtimes.com/template/ Frame DE0D 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyZDllYjI2ZjAtYjcyZS00ODEzLWE5MGEtNzhlM2JmMDkyMjYzJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyQ0glMjIlMkMlMjJjaXR5JTIyJTNBJTIyVEklMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRlp1cmljaCUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNDYuMDEzOCUyQyUyMmxvbmdpdHVkZSUyMiUzQTguOTM5NyU3RCUyQyUyMnN1YnNjcmlwdGlvbnMlMjIlM0ElNUIlNUQlMkMlMjJoaXN0b3JpY1N1YnNjcmlwdGlvbnMlMjIlM0ElNUIlNUQlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJyZWdpb25JZCUyMiUzQSUyMiUyMiUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCU3RCU3RA==&tn=EET%20-%20Responsive%20Signin%20Bar&theme=default
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
d7cd879df53ece5f82d10656b7890db0b9210823870eef37fceef4d7b133dd1c

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 10:29:10 GMT
server
nginx/1.20.1
vary
Accept-Encoding Origin
via
1.1 google
x-robots-tag
noindex
pageview
tracker.gamemonkey.org/v1/gamemonkey/track/gd/event/ Frame 6E1E 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracker.gamemonkey.org/v1/gamemonkey/track/gd/event/pageview
Requested by
Host: cdn.gamemonkey.org
URL: https://cdn.gamemonkey.org/gamemonkey-sdk-javascript/5.1.1/script/gamemonkey-sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.19.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-19-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://html5.gamedistribution.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://html5.gamedistribution.com
date
Tue, 12 Dec 2023 10:29:11 GMT
x-cid
gamemonkey-74978fd5b-jg4ql
vary
Origin
f5296230-176b-4e29-95ed-cc75eb15ccac
tracker-v4.gamedock.io/v1/events-tracker/track/product/Game%20Distribution/user_id/ Frame 6E1E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker-v4.gamedock.io/v1/events-tracker/track/product/Game%20Distribution/user_id/f5296230-176b-4e29-95ed-cc75eb15ccac
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.77.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-77-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://html5.gamedistribution.com
date
Tue, 12 Dec 2023 10:29:11 GMT
x-cid
gamemonkey-74978fd5b-kj642
vary
Origin
userId.bundle.js
subs.theepochtimes.com/lib/ Frame DE0D 		297 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/lib/userId.bundle.js
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyZDllYjI2ZjAtYjcyZS00ODEzLWE5MGEtNzhlM2JmMDkyMjYzJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyQ0glMjIlMkMlMjJjaXR5JTIyJTNBJTIyVEklMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRlp1cmljaCUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNDYuMDEzOCUyQyUyMmxvbmdpdHVkZSUyMiUzQTguOTM5NyU3RCUyQyUyMnN1YnNjcmlwdGlvbnMlMjIlM0ElNUIlNUQlMkMlMjJoaXN0b3JpY1N1YnNjcmlwdGlvbnMlMjIlM0ElNUIlNUQlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJyZWdpb25JZCUyMiUzQSUyMiUyMiUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCU3RCU3RA==&tn=EET%20-%20Responsive%20Signin%20Bar&theme=default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ead0293d41f0c5fef76a0205ad3060391bdbeec5ae4920c5c6d2edec8bdea2e6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://subs.theepochtimes.com/template/show?tid=signin&sid=www.theepochtimes.com&v=6&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmNsaWVudElkJTIyJTNBJTIyZDllYjI2ZjAtYjcyZS00ODEzLWE5MGEtNzhlM2JmMDkyMjYzJTIyJTJDJTIyaWQlMjIlM0ElMjIlMjIlMkMlMjJuZXdJZCUyMiUzQTAlMkMlMjJlbWFpbCUyMiUzQSUyMiUyMiUyQyUyMnBpY3R1cmUlMjIlM0ElMjIlMjIlMkMlMjJuYW1lJTIyJTNBJTIyJTIyJTJDJTIyZmlyc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIybGFzdE5hbWUlMjIlM0ElMjIlMjIlMkMlMjJyZWdpc3RlckRhdGUlMjIlM0EwJTJDJTIyaXNFbWFpbFZlcmlmaWVkJTIyJTNBZmFsc2UlN0QlMkMlMjJnZW8lMjIlM0ElN0IlMjJjb3VudHJ5JTIyJTNBJTIyQ0glMjIlMkMlMjJjaXR5JTIyJTNBJTIyVEklMjIlMkMlMjJ0aW1lem9uZSUyMiUzQSUyMkV1cm9wZSUyRlp1cmljaCUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNDYuMDEzOCUyQyUyMmxvbmdpdHVkZSUyMiUzQTguOTM5NyU3RCUyQyUyMnN1YnNjcmlwdGlvbnMlMjIlM0ElNUIlNUQlMkMlMjJoaXN0b3JpY1N1YnNjcmlwdGlvbnMlMjIlM0ElNUIlNUQlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJyZWdpb25JZCUyMiUzQSUyMiUyMiUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCU3RCU3RA==&tn=EET%20-%20Responsive%20Signin%20Bar&theme=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 03 Nov 2023 19:11:33 GMT
server
nginx/1.20.1
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
max-age=3600, public, no-transform
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 11:29:11 GMT
identify
mp.theepochtimes.com/identity/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mp.theepochtimes.com/identity/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
2262
date
Tue, 12 Dec 2023 10:29:11 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
926, 0
x-fastly-trace-id
637039249
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230110-FRA, cache-fra-eddf8230110-FRA
x-timer
S1702376951.050461,VS0,VE1
identify
mp.theepochtimes.com/identity/v1/ 		176 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.theepochtimes.com/identity/v1/identify
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/9198-f50aa2d7e3d84364.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dffc4962ad31d0cbc29f7114693cd9caa624e37eff61d175933bcbd16dc2e9e6
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us2-c639a6aabfcf124097c91276dd5884fb
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230110-FRA, cache-fra-eddf8230110-FRA
strict-transport-security
max-age=900
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 12 Dec 2023 10:29:11 GMT
server
Kestrel
x-timer
S1702376951.112775,VS0,VE384
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us2_origin
x-cache
MISS, MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
x-fastly-trace-id
637039966
accept-ranges
bytes
x-cache-hits
0, 0
container.html
c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C44B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 10:29:11 GMT
expires
Wed, 11 Dec 2024 10:29:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1204&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 12 Dec 2023 10:29:11 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1202&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 12 Dec 2023 10:29:11 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=5201&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 12 Dec 2023 10:29:11 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10208&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 12 Dec 2023 10:29:11 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10204&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 12 Dec 2023 10:29:11 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10205&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 12 Dec 2023 10:29:11 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
epoch_mixpanel.min.js
services.epoch.cloud/public-labs/epoch-ai/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/epoch_mixpanel.min.js?v=2
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f05e45157561299fdf9c77b4ead956006bd678b5e82ad3180d5284e333c3ca28

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Nov 2023 17:57:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2007
etag
W/"6564d893-2ffb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9y396p7X3mlsJ3Fzg%2FDLH0OmmkCrB5od7mE6MmbOAPnS4pIrBkusKmRf3RneM%2F%2BZTvRh4RmeNQHWdxxriOCrO028xKWyslrxq9Vfd%2BiO8npFw8ck0IEAwQMKdpc%2BSa5Xor99cwZKOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
834548e9af240e05-MXP
alt-svc
h3=":443"; ma=86400
optimizer.min.js
services.epoch.cloud/public-labs/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/optimizer.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9814f85523d0253897e2447a36fdbdc2a5e7647eb96c192f3d278393c955d2f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 16:28:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3704
etag
W/"655e2c4a-8651"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbYv4khYpEafW8IlfwxCGBvpcFUozhYvummglKtjulsWCZlr9wWBOuMjUWYZaBozq4q5W89Ei7MRunKNcjgAbaX4YYk3dpQN8r3s9o2wFHgfJ3dAeMp%2FL3Mbsq9emDUDbodf3tyV%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
834548e9af260e05-MXP
alt-svc
h3=":443"; ma=86400
auth
subs.theepochtimes.com/subs/ 		40 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1204&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40
auth
subs.theepochtimes.com/subs/ 		40 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1202&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40
get
subs.theepochtimes.com/template/ 		60 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/get?tid=45ddbb93-dccc-4911-a2da-88d44b296ccc&sid=www.theepochtimes.com&type=noniframe
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
cda3dd8b74a8cb2699277dc3b4d82ac4482304fe884d47bc7638111bb5257bd8

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.1
vary
Accept-Encoding, Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auth
subs.theepochtimes.com/subs/ 		40 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=5201&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40
auth
subs.theepochtimes.com/subs/ 		41 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10208&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
auth
subs.theepochtimes.com/subs/ 		41 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10204&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
auth
subs.theepochtimes.com/subs/ 		40 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10205&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40
get
subs.theepochtimes.com/template/ 		40 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/get?tid=e4d5c7ed-b909-475c-919f-6721cf03f5d0&sid=www.theepochtimes.com&type=noniframe
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
03268fb285ed8486b6a21e5106f8faa3d517434bbf60c0e9a09e7e2737ce1345

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.1
vary
Accept-Encoding, Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
grumi.js
rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/ Frame C44B 		243 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25cedcca705bb3868d4583c1116ffd759da458ca07f0d59b8da9116a3bffbf08

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:25:20 GMT
x-amz-version-id
ToZws85xyxrgSTKvUSNBf0RlxWyrpl5f
content-encoding
br
last-modified
Tue, 12 Dec 2023 10:22:54 GMT
server
AmazonS3
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"58784bb9008a81e3a4c87b44ee2e0e28"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
231
x-amz-cf-id
_yktehH_97Otc1EnIxIO8wErsr741MENxt7wU_zevUE6k1YBWPhGSQ==
css
fonts.googleapis.com/ Frame A34A 		2 KB
1006 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro
Requested by
Host: gamedistribution.arkadiumarena.com
URL: https://gamedistribution.arkadiumarena.com/arenaapi/game/block-champ/html5?gd_sdk_referrer_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372%2F&gd_zone_config=eyJwYXJlbnRVUkwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInBhcmVudERvbWFpbiI6InRoZWVwb2NodGltZXMuY29tIiwidG9wRG9tYWluIjoidGhlZXBvY2h0aW1lcy5jb20iLCJoYXNJbXByZXNzaW9uIjpmYWxzZSwibG9hZGVyRW5hYmxlZCI6dHJ1ZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIiwidmVyc2lvbiI6IjEuNS4xNiJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
8eb0ee259863bc0abfb4ebf2d5138c3931fdd2dc3e4a920ee139064df8632c06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 09:30:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 10:29:11 GMT
lib.min.js
mixproxy.epoch.cloud/mixpanel/ 		52 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mixproxy.epoch.cloud/mixpanel/lib.min.js
Requested by
Host: services.epoch.cloud
URL: https://services.epoch.cloud/public-labs/epoch-ai/epoch_mixpanel.min.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABPtcPpw8A8KO75QQuBYu5XzOgL1PkGbalBbnZS3rpxswHNSWXh92HEsgvcyP6NoEFe8e2JXNNY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Nov 2023 19:54:10 GMT
server
cloudflare
etag
W/"dff66d0b72bdc18a02be56412d5ef8c4"
vary
Accept-Encoding
x-goog-hash
crc32c=VW26dg==, md5=3/ZtC3K9wYoCvlZBLV74xA==
x-goog-generation
1699991650202934
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABzKkwdQEUmQ%2F83LDgOXeTDpGBj%2BV9Ujf0vXy0HIhAS8F5K1UQhI%2B2xfru4s0Hhjujrym8iT20dRca7zcOu1RXHMKCqMGF%2BlpemSwTy%2B3c0miEZmrq1%2BaHxtrmkbqX%2Bo73SzUnjmOg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
18139
cf-ray
834548ea48710e05-MXP
expires
Tue, 12 Dec 2023 10:39:11 GMT
RingsideNarrow-Semibold.otf
cdn.epoch.cloud/assets/fonts/ Frame DE0D 		123 KB
124 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.epoch.cloud/assets/fonts/RingsideNarrow-Semibold.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfabd954a3ec494e41f63bab6f12a56ce35150c3b6eb0da47f1e61d5c22bfc2a

Request headers

Referer
https://subs.theepochtimes.com/
Origin
https://subs.theepochtimes.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5525
alt-svc
h3=":443"; ma=86400
content-length
126440
last-modified
Fri, 26 Jun 2020 15:18:33 GMT
server
cloudflare
etag
"5ef611c9-1ede8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZewCiZy5nTQiNSuP6MSokLql02mLSWc6tE8l4YwRAO%2Bd0BeNa2xfxGZ9JJxlbqZ7ZZpZNvcr%2BrvwsZWumXetjK0wufQiCSA9pWUBYfjaOvydcIR1aGK3Rg4clQc4GI1YwZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
834548edae9abb09-MXP
pixel
googleads.g.doubleclick.net/xbbe/ Frame CFC7 		478 B
261 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxj91aOAAjAB&v=APEucNXuu2dCg9NBqwBS5nmLP_SzoGszvAL7mGaD5kZ6uUoxe7dblNBwcIuwtb1U0aju5RxB3AcpdFV4rtTe-5QyTWGdYqSRbA
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 10:29:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C44B 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:29:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C44B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:48:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
38423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 23:48:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C44B 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:42:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
49603
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 20:42:28 GMT
l
www.google.com/ads/measurement/ Frame C44B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPqWmHfJNM36ME4u9AiZyh88giBSY5D7jYVqsxK_GVupfer8FeR2FpfMUuxxiW0OqI5L8oMD9Ffo06mVFz0_oULERM7A
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C44B 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:29:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C44B 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CCVsfQ_pf6V_9aAKbJ1QHyaIGq565M7w6FCnys-toa37oymq5-ov7iN8fxBfaHqoGS4YxOhKrOaY5HVO_ITNzqbOSriHzmzcyt500yb4byx5aZy3E
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
170.cd359634.chunk.js
comment.youmaker.com/web/v3/static/js/ Frame E9BF 		746 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/v3/static/js/170.cd359634.chunk.js
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
41a491b6ec4c4ba2be42e5bf9040f0dc254b0fb6db203ad01cdfa10145fdcd21

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 20 Oct 2023 19:30:46 GMT
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
application/javascript
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-version
0.1.2
920.163caa5c.chunk.css
comment.youmaker.com/web/v3/static/css/ Frame E9BF 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/v3/static/css/920.163caa5c.chunk.css
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
a7cf9d7d46a9d9b0d83d6d91e82f11dd37fbffab2d8841b530f352be0cb6cbd6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 20 Oct 2023 19:30:46 GMT
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
text/css; charset=utf-8
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-version
0.1.2
889.c22e2dd1.chunk.css
comment.youmaker.com/web/v3/static/css/ Frame E9BF 		666 B
360 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/v3/static/css/889.c22e2dd1.chunk.css
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
48b782933f4ffe1e923111eb93d3924b4807e78ce63064d0b01e0f96de529a4a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 20 Oct 2023 19:30:46 GMT
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
text/css; charset=utf-8
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-version
0.1.2
889.50003970.chunk.js
comment.youmaker.com/web/v3/static/js/ Frame E9BF 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/v3/static/js/889.50003970.chunk.js
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
13b81e5fbcfd1eceeed6736de88e9fce3edf25dead86bb944c0cfe179695128b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 20 Oct 2023 19:30:46 GMT
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
application/javascript
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-version
0.1.2
user
comment.youmaker.com/api/v1/ Frame E9BF 		57 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/user?site=remark
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
a272a50a6b0526fe9222d72f29741b9d91a156ff75439a43b728fe1d5a6fec0f

Request headers

X-PROVIDER-TOKEN
youmaker
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
accept-language
de-CH,de;q=0.9
X-ACCESS-TOKEN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SITE-ID
remark

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:11 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57
expires
Thu, 01 Jan 1970 00:00:00 UTC
config
comment.youmaker.com/api/v1/site/ Frame E9BF 		390 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/site/config?site=remark&group=&id=3942372
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
6d819e03aaf3877c15b1d7d532cf06316663cad1aca835ac99497ab08e0bf0e9

Request headers

X-PROVIDER-TOKEN
youmaker
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
accept-language
de-CH,de;q=0.9
X-ACCESS-TOKEN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SITE-ID
remark

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:00:00 UTC
readonly
comment.youmaker.com/api/v1/ Frame E9BF 		140 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/readonly?site=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&id=3942372&group=
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
635642b651869c3570d14f30f3e728b9d7a7b1ef739896f92bf21642182b845b

Request headers

X-PROVIDER-TOKEN
youmaker
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
accept-language
de-CH,de;q=0.9
X-ACCESS-TOKEN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SITE-ID
remark

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:11 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140
expires
Thu, 01 Jan 1970 00:00:00 UTC
container.html
c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D5E7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 10:29:11 GMT
expires
Wed, 11 Dec 2024 10:29:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
et_so_utils.js
services.epoch.cloud/public-labs/epoch-ai/smarto/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/smarto/et_so_utils.js?v=2023-12-12T10
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
946c9c95fb7da4ae9249907e40e11291c00135e70991d34811f08617b20a5b67

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:24:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2056
etag
W/"65369e4c-3506"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGd7oSmZr%2B7o95a8H89f7iikrHgQwJfgBcV8PVGq8Wssr4u6wdvWriashk%2FmwQUmJ%2BlhbOMg23ecfWCdDcMDioERABlTAd97Tphnt%2F6q8MH1NW0BP0nkzeG3OV1jRnxh6oFdttOlow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
834548eb4a3a0e05-MXP
alt-svc
h3=":443"; ma=86400
pixel
cm.g.doubleclick.net/ Frame CFC7 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxj91aOAAjAB&v=APEucNXuu2dCg9NBqwBS5nmLP_SzoGszvAL7mGaD5kZ6uUoxe7dblNBwcIuwtb1U0aju5RxB3AcpdFV4rtTe-5QyTWGdYqSRbA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CFC7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAPT07GUbw56L-Wz9GcPNRQ&google_cver=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAPT07GUbw56L-Wz9GcPNRQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxj91aOAAjAB&v=APEucNXuu2dCg9NBqwBS5nmLP_SzoGszvAL7mGaD5kZ6uUoxe7dblNBwcIuwtb1U0aju5RxB3AcpdFV4rtTe-5QyTWGdYqSRbA
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgC8a4wXmlzpCV3IXQuT0tc7%2BRNW050ppYw3SPPFjNHwwahHqfmL9fW7FIn7mK%2Fg8OXuPhOvGtzbUmH36KsVm2784geTumveEGlBFzxlsHiPIKq1TvEqlSMZDfsfRYBiI%2FF2KcAehztFVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834548ecfd694bdf-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAPT07GUbw56L-Wz9GcPNRQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CFC7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXg19.CgV1XLmDdXOS6uOQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUDMFqdut41MrHKjFAKf_8&google_cver=1&google_hm=2
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUDMFqdut41MrHKjFAKf_8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxj91aOAAjAB&v=APEucNXuu2dCg9NBqwBS5nmLP_SzoGszvAL7mGaD5kZ6uUoxe7dblNBwcIuwtb1U0aju5RxB3AcpdFV4rtTe-5QyTWGdYqSRbA
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhZbYD%2F%2BprFR3x%2B%2BZWFS5UbE2EwRRas4fHQQnXieV%2FccT9M8c1g0kgW7sK2fj4qfxvYd%2BsMt2xZrld%2BduwM%2FO2S%2B%2FSaMd8L6djGPRYizl01JC9XxQ1pq6EiDeQD25cHim9h4WyVkUJWLmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834548ee8fce4bdf-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUDMFqdut41MrHKjFAKf_8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
grumi.js
rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/ Frame D5E7 		243 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25cedcca705bb3868d4583c1116ffd759da458ca07f0d59b8da9116a3bffbf08

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:25:20 GMT
x-amz-version-id
ToZws85xyxrgSTKvUSNBf0RlxWyrpl5f
content-encoding
br
last-modified
Tue, 12 Dec 2023 10:22:54 GMT
server
AmazonS3
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"58784bb9008a81e3a4c87b44ee2e0e28"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
231
x-amz-cf-id
LaMqFNt4yQo9wPfmxg6ShnAYr9yaMuE9xLRTTy8JnBcVdm2juhrefw==
collect
msgrt.gamedistribution.com/ Frame 6E1E 		2 B
152 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.gdfw.success&ar=W3siZ21pZCI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwidGRtbiI6InRoZWVwb2NodGltZXMuY29tIiwiZG9tbiI6InRoZWVwb2NodGltZXMuY29tIiwicmZyciI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvIiwibHRociI6MTEsImRwdGgiOjEsInZlcnMiOiIxLjM2LjUiLCJ0cmFjIjpmYWxzZSwid2hsYiI6ZmFsc2UsInBsYXQiOiIiLCJ0cGN0IjoyLCJhcmdzIjp7Im1lc3NhZ2UiOiJzdWNjZXNzIn0sInR0bGUiOiJCbG9jayBDaGFtcCIsInNpemUiOiI5NjAgeCA3MDQiLCJicm5tIjoiQ2hyb21lIiwiYnJtaiI6Ijg5Iiwib3NubSI6IldpbmRvd3MiLCJvc3ZyIjoiMTAiLCJieWxkIjpmYWxzZSwiaW1ndSI6dHJ1ZSwiaWVndSI6dHJ1ZSwiaXRndSI6ZmFsc2UsImNtcGUiOmZhbHNlLCJob3N0IjoiaHRtbDUuZ2FtZWRpc3RyaWJ1dGlvbi5jb20ifV0%3D&ts=1702376951610
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.164.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-164-173.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:11 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
/
mixproxy.epoch.cloud/mixpanel/track/ 		1 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mixproxy.epoch.cloud/mixpanel/track/?ip=1&_=1702376951627
Requested by
Host: mixproxy.epoch.cloud
URL: https://mixproxy.epoch.cloud/mixpanel/lib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
31
alt-svc
h3=":443"; ma=86400
content-length
1
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLhcv8JdpPknSUz2mOCqDugFd96M8gLu1Ue0uPuxLhATwRSRh0HBXplTLVexv4FQBpVZvmg55pBc2xovo6gGgqzktHuqSkvkxFJAywcjwsKN%2FzHUnFUPoroO%2FAEZZvvSdR8MID%2BenQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
834548ebeb6c0e05-MXP
access-control-allow-headers
X-Requested-With
pixel
googleads.g.doubleclick.net/xbbe/ Frame 671F 		611 B
310 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYpZL1-QEwAQ&v=APEucNXlcuzZPMtrLudGHqz1i5w5vK4ymdiyQFGlGd8R-4FbYc7PEi_m74rWAhzgE5MzCsT9jeTckYybmVYDJWNcshxyelk-8w
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
243
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 10:29:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame D5E7 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
Origin
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Dec 2023 20:46:38 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame D5E7 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:59:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
5361
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 08:59:51 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame D5E7 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 00:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
35140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 00:43:32 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame D5E7 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 16:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
65036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 16:25:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D5E7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:48:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
38423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 23:48:48 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 05FA 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
49758
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Tue, 12 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D5E7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:42:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
49603
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 20:42:28 GMT
l
www.google.com/ads/measurement/ Frame D5E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5BLIIDsv92MlmaxYHLpIuWTC7qqVy6XCZZpw6Mta394M21AzEYt4hfmKIarGosOR-oM-8Qgbl04ObPf6jxYxCSRtRng
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D5E7 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:29:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D5E7 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AI8c5PFXXHbXhBXf6imN6u_RqR61snQbQVSY9qrfxrisBohLURniw5s1FpwDzPuYCc73G2RgofKy-UuWNKo26-ApxS8NqbDQBzl8aczPrezUQXD1g
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 37F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZR7DfRkR6oGrfPVaqyGAtagQM71xvqwvlqMjhWTRUscYcYSLgYFYqCZQZq-qohgQVAi6fkAvT3UT8KknR-8SQG8Qgt55JqoA8xtvtF6ylKzX8q6NZEH7SkAdswdM_Q_KJ5I4sQhFCwvvauyPk_BssAdbR4X-hm5kEHKG7FjjPTVQ_eY2Y5ARAX1LWli_7qgxv5TEAm3LdeE0nO8FAmRNitlDabduox9RZtDph0ljKVyVCnKOsa1n_m4hReON6O_IXX-7ZOpHQ7eDTlSVlgFVrmW2xagzNxsk_RMrfd1zLK2LGeqNZbZvn7nH_VYGx_Zeh2Q1vwtOb8BaoAN8PNcId3g94BTcuKU-L9w37PeIiqCuF5ZjmO5P1Viz-oTH2t-Z8I5foP7pRgPtkAEToSS8jpxU0ylgLEoY1-lqdsGzK_nE&sai=AMfl-YTNrLZmY2BFnNbWQuMs-m5AkpiJBP3-D5cjUUOn6OO8vzJJXH0fJpvAZcn3hvjZY39AuOoGc8SKe5m_yru3yH-Xc692yizyXkMGtbbGmFiw93lU0Oc7p7qzpiOnnQ&sig=Cg0ArKJSzFL1HZEIiw0zEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 37F7 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:29:12 GMT
14550586295422879615
tpc.googlesyndication.com/simgad/ Frame 37F7 		224 KB
225 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14550586295422879615?
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
d9a6b81f4f1407c44dcf833e1ec1afea59abafdda38daf88ac79963e636dadec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:45:50 GMT
x-content-type-options
nosniff
age
2601
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229718
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 19:18:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 09:45:50 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ Frame 6E1E 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
508945b58b4e0cc020ce1e661045cab9f1ed6b1d515c43d17876b1290fb38fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137692
x-xss-protection
0
server
cafe
etag
2680209007042641615
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:29:12 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 0C7E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://html5.gamedistribution.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
40218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 23:18:53 GMT
etag
5585625838579639069
expires
Mon, 25 Dec 2023 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
headerlift.min.js
hb.improvedigital.com/pbw/ Frame 6E1E 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.improvedigital.com/pbw/headerlift.min.js?referer=theepochtimes.com
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-101.fra53.r.cloudfront.net
Software
UploadServer /
Resource Hash
f8f0a3a57a6375a0604e8b4fd0b631c441bbc721f280fe5970b5717eff4cff6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:28:42 GMT
content-encoding
gzip
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
30
x-guploader-uploadid
ABPtcPrlTTyIV0x-gMPoWqC6OnX1fdsENhFQeLVA-BAZdB7lmPUFqhEhFc5UWCmjyttgPhyBQOlixpQWZg
x-cache
Hit from cloudfront
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
63536
last-modified
Tue, 17 Oct 2023 09:50:53 GMT
server
UploadServer
etag
"76d61b311c7df781e819fb9fea953aa3"
vary
Accept-Encoding
x-goog-generation
1697536253119173
content-type
application/javascript; charset=utf-8
x-goog-hash
crc32c=aHjMCQ==, md5=dtYbMRx994HoGfuf6pU6ow==
cache-control
public, max-age=3600
x-goog-stored-content-length
63536
accept-ranges
bytes
x-amz-cf-id
dqs5mcJakVJ4XsqgaY9PVfG3AIX5pc5Asq35ku05kk-Udg2UxagUsw==
expires
Tue, 12 Dec 2023 11:28:42 GMT
auth
subs.theepochtimes.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10214&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 12 Dec 2023 10:29:11 GMT
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
auth
subs.theepochtimes.com/subs/ 		40 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=10214&subscribed=
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40
bounce
ib.adnxs.com/ Frame 671F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELn5M8qCMB4dxdIYmZO8Blk&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELn5M8qCMB4dxdIYmZO8Blk%26google_cver%3D1
43 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELn5M8qCMB4dxdIYmZO8Blk%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYpZL1-QEwAQ&v=APEucNXlcuzZPMtrLudGHqz1i5w5vK4ymdiyQFGlGd8R-4FbYc7PEi_m74rWAhzgE5MzCsT9jeTckYybmVYDJWNcshxyelk-8w
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
an-x-request-uuid
831cf13a-f1cb-4191-874f-db5a89e3a673
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
188.61.48.50; 188.61.48.50; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
an-x-request-uuid
ca30b09d-0c6a-4138-88d5-7dcbd65b1772
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELn5M8qCMB4dxdIYmZO8Blk%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
188.61.48.50; 188.61.48.50; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 671F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MTMwMjU3NDM5NDM2MDA2OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MTMwMjU3NDM5NDM2MDA2OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYpZL1-QEwAQ&v=APEucNXlcuzZPMtrLudGHqz1i5w5vK4ymdiyQFGlGd8R-4FbYc7PEi_m74rWAhzgE5MzCsT9jeTckYybmVYDJWNcshxyelk-8w
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
an-x-request-uuid
f054bd62-c858-4f1b-8c1a-00f9797e40aa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MTMwMjU3NDM5NDM2MDA2OQ%3D%3D
x-proxy-origin
188.61.48.50; 188.61.48.50; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 671F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBRk1Pr8YbTlqk2Mg1j2bb8&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEBRk1Pr8YbTlqk2Mg1j2bb8&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEBRk1Pr8YbTlqk2Mg1j2bb8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYpZL1-QEwAQ&v=APEucNXlcuzZPMtrLudGHqz1i5w5vK4ymdiyQFGlGd8R-4FbYc7PEi_m74rWAhzgE5MzCsT9jeTckYybmVYDJWNcshxyelk-8w
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEBRk1Pr8YbTlqk2Mg1j2bb8&google_cver=1
date
Tue, 12 Dec 2023 10:29:12 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame 671F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjU4MzQyMzUtYmYyNy0yZjNkLWZiNWYtNzQxMDM3YmM5YTNl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjU4MzQyMzUtYmYyNy0yZjNkLWZiNWYtNzQxMDM3YmM5YTNl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYpZL1-QEwAQ&v=APEucNXlcuzZPMtrLudGHqz1i5w5vK4ymdiyQFGlGd8R-4FbYc7PEi_m74rWAhzgE5MzCsT9jeTckYybmVYDJWNcshxyelk-8w
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjU4MzQyMzUtYmYyNy0yZjNkLWZiNWYtNzQxMDM3YmM5YTNl
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
get
subs.theepochtimes.com/template/ 		205 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.theepochtimes.com/template/get?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.198.102.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
fbd96f97dfabbb444dd155929e9632f5049251e4a8885989179fffb74ea6348a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
main.css
ams.cdn.arkadiumhosted.com/static-v4.0/content/css/ Frame A34A 		158 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/static-v4.0/content/css/main.css
Requested by
Host: gamedistribution.arkadiumarena.com
URL: https://gamedistribution.arkadiumarena.com/arenaapi/game/block-champ/html5?gd_sdk_referrer_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372%2F&gd_zone_config=eyJwYXJlbnRVUkwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInBhcmVudERvbWFpbiI6InRoZWVwb2NodGltZXMuY29tIiwidG9wRG9tYWluIjoidGhlZXBvY2h0aW1lcy5jb20iLCJoYXNJbXByZXNzaW9uIjpmYWxzZSwibG9hZGVyRW5hYmxlZCI6dHJ1ZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIiwidmVyc2lvbiI6IjEuNS4xNiJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
fca08beff880f012b419c9f0259f1a5d7d332a97156669688eec7b7c9a6cbe80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
gzip
last-modified
Thu, 16 Feb 2023 10:31:41 GMT
server
Microsoft-IIS/10.0
etag
"9d6819dcf141d91:0"
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
text/css
cache-control
max-age=856
accept-ranges
bytes
content-length
44583
expires
Tue, 12 Dec 2023 10:43:28 GMT
headbundle.min.js
ams.cdn.arkadiumhosted.com/static-v4.0/content/js/ Frame A34A 		390 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/static-v4.0/content/js/headbundle.min.js?v=Arena-4-0-Live-20230215-1
Requested by
Host: gamedistribution.arkadiumarena.com
URL: https://gamedistribution.arkadiumarena.com/arenaapi/game/block-champ/html5?gd_sdk_referrer_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372%2F&gd_zone_config=eyJwYXJlbnRVUkwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInBhcmVudERvbWFpbiI6InRoZWVwb2NodGltZXMuY29tIiwidG9wRG9tYWluIjoidGhlZXBvY2h0aW1lcy5jb20iLCJoYXNJbXByZXNzaW9uIjpmYWxzZSwibG9hZGVyRW5hYmxlZCI6dHJ1ZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIiwidmVyc2lvbiI6IjEuNS4xNiJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5d7096b00e8c7ac35742ac38d43845f7dcccaa6a9e033f60c0494c16a2dd2b97

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
gzip
last-modified
Tue, 03 Dec 2019 12:00:59 GMT
server
Microsoft-IIS/10.0
etag
"3d82f653d1a9d51:0"
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=86
accept-ranges
bytes
content-length
136432
expires
Tue, 12 Dec 2023 10:30:38 GMT
counts
comment.youmaker.com/api/v1/ Frame E9BF 		110 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=remark&post=id
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
5f7994f614840b1913abb1a77b6df19e84d45d582847fdff4bde6070ef0c0c29

Request headers

X-PROVIDER-TOKEN
youmaker
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
accept-language
de-CH,de;q=0.9
X-ACCESS-TOKEN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SITE-ID
remark
Content-Type
application/json

Response headers

expires
Thu, 01 Jan 1970 00:00:00 UTC
date
Tue, 12 Dec 2023 10:29:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
pragma
no-cache
server
nginx/1.20.1
author
EMG
app-name
remark
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://comment.youmaker.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
app-version
0.1.2
truncated
/ Frame E9BF 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bf4473ecc25fc8a56c7da4846022537d11e73a499922e0a16be9b8f83869052

Request headers

Referer
Origin
https://comment.youmaker.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
Acta-Book.otf
img.theepochtimes.com/fonts/ Frame E9BF 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/Acta-Book.otf
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/css/main.f8b20501.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.198.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-198-113.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Referer
https://comment.youmaker.com/
Origin
https://comment.youmaker.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:12 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Access-Control-Allow-Credentials
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length
548
RingsideNarrow-Book.otf
img.theepochtimes.com/fonts/ Frame E9BF 		124 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/RingsideNarrow-Book.otf
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/css/main.f8b20501.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.198.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-198-113.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d1a4a7aa00e62b62538f84f4f380c16796c88078656d204c4f5ceebb59d84fe8

Request headers

Referer
https://comment.youmaker.com/
Origin
https://comment.youmaker.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:12 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
126860
Last-Modified
Tue, 11 Jul 2023 21:21:51 GMT
Server
nginx
ETag
"64adc7ef-1ef8c"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=26808584
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
RingsideNarrow-Medium.otf
img.theepochtimes.com/fonts/ Frame E9BF 		123 KB
124 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/RingsideNarrow-Medium.otf
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/css/main.f8b20501.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.198.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-198-113.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55

Request headers

Referer
https://comment.youmaker.com/
Origin
https://comment.youmaker.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:12 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1289467
Content-Length
126244
Last-Modified
Tue, 27 Jun 2023 23:57:44 GMT
Server
nginx
ETag
"649b7778-1ed24"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=26195286
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
20
comment.youmaker.com/api/v1/getlist/ Frame E9BF 		19 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/getlist/20?site=remark&group=&offset=0&sort=-time&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&id=3942372
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
9672f7aed33ca6b1412683306bb788e3214fdaaff28c0df7e24d864a131dc8cb

Request headers

X-PROVIDER-TOKEN
youmaker
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
accept-language
de-CH,de;q=0.9
X-ACCESS-TOKEN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SITE-ID
remark

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:00:00 UTC
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1DAD 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:09:51 GMT
expires
Wed, 11 Dec 2024 09:09:51 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D5E7 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b847350797003baaec7c57aa53f5f646a9f095d37d4e313d7c46bde9b1919dfb

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame C44B 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=422600376797&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C44B 		0
49 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=422600376797&version=m202309260101&ct=119&x=1&cor=16189552866790000000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C44B 		92 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6cc0EsnYe4-AmnNhHk_mjuis9Kg20GFNib6VVB4N1ngW1BC_sP-ch51Jy7ALfS2lULESGV9vTERdfivwWxtcqdfWN2p0t0d1PFXE7hUSba7dpdHV11wBo9O2fD14nPy1cyLMgRG-rluQAe6gChYGk26XT8oMpjdNS9moVvyaHFCqm7PaNhjUikwMO6Ya58zeb6R3l&cry=1&dbm_d=AKAmf-A6s9-TqOVY6E4k_6gBOQZidrUs0hoxeRdwknzpheKSqUxc1oT9UA9D5rtF-hp5xq1-dCY8VKOxBuaei3ganHpluwpUsG_QETV6ELKQ2MY5uBg6NYl6pQ1c-xLZ8XXCrVtbF4ySxUi-CQancpMhMTv2c-LbAyLy1_906JgSLg5_bFVWStmWulgkBdms_hFP-cLir_aK4yPz6u-HEpuj435CWj31fNe2joU20t8za_KZINaBNyWGEaQitQzMfKDq1telHhvgDwsIyjmcPRzOhLX7Bd5XkYRhM7qf4OSElIhJrgZ1QMj_FOsJStBhQmtpF_O45ra-Kt84qUWpAk-uMSGybZyd7EOlhT6dxitHQR26EDSy0kifqhVL-Zh-eYLvXW_n-G8nzB7mDnX3eyZ3YQapA1AIuys6O2e9XAz0uSsCqYbX4FVcaJCG_TJ3I-xXaQ9PNB1Psa79YIufpGuhNvvK35ijIlhvRcL3GDdcqF18RShz5bxedaiLGV5DHzv9fkzbe2-BcxV1n3UI3NsiVa7LOaZQPfdFHkwKe1bhTyJ5F5Ym5LANfZ06xAVmycDmyrTsQWgOnotrC9OOQUK_0rITXJ14dZpiTEgJmEV1bcfw6Pu8A2HkccA7lLXjX1HeHmgy5uckeCetSBFxg8OujySKPZGWdXy-7LuydhFFonSWzmS8P_hOirBAmmxxVnHF6P1Y_oMLYbiLDKa9D6ZsCm0Y1hfsMprLSGJmElCbr0wGniag82Q55IwbP6AzNOm9hj18sfZOJUP5Y2ZYkNV9qV1WgZxU2FxCoFYAD9S9ASclgO95flYhipSU3g2xwp9-1zQo8YYjomv9NpG4Y9zBjCGN-yTaeY7GEv9c3OcHYp-ye7D2iSg3NSQwZCIfpV8EngjMggiN2FwLbWGw-VDo1i7RwPpDPHJS1eT_LpJxybrMorTQdjj2nUS6AOZb6ewgzTjFwOMwX7Ps1arOZ6NmrhmzyoNK4Vz9G2BjR0lgvRIyNoX6yQeuxK3p0C54-Y4cKEZnv7GxNWuHm6TvhP_gkggJHTrTnoibyLyKMS9sBOUg0tTKbE0B0JV3VTaHvzLCn6pBdSzMJbTRXV2U-CZOFsfKAgmUa1LPEPYCwHV21OoOv5hb4qqpd0NcJzVAqCQ9v5XGm-11PVLh4cxfuU6MFAtlzdAJkGLq5mD2rAn460yKVAcBOc3BMP1RYc3HYVbpu6Zwx8dFs17-7rGvzZ8-Lu7-f7wKPAXj_3btdtp7wWE6-K-G62bf5TCVr7plipEGXBxWvWdJLt7yZDi0NqgintRxCPn4BB5U5egLpuiHnS5fbJ31yNcqEQ-lgOEuOQYLVXVAZe6AjApK9nfH4-yizD5C890KiRVGAtsgDdfzHaSVmDTQ2KCyvoqCGzbuEMAR4P_cs8iVEYJ9Mdb0TfJxae0L6SDcqQZjppJsR6fKTD31hHi5NJ4IMW5AZbQy9hoo35wMbCfxZZ614Mcf5-Mjz1YiPiWzP9ueE7iLMHZxQush3aaI9P5mo0Tj1dpl60kzZGkYCspyeSW9Wpg1qcBIGxws3VL_kzKThQtFReLUOC-a_fi_p3oYcjNevP1nU9_cGo2zhG5nIsl16K3yZXdEDBSllt-f7bqYG0f_TF0uvSw-o7OkoJDXyQMyBv8Egc0fLAOkDf_tcCh5eRmwIpaQ-ucbJ6NU1LTjrsOXgOPHT3XCyNb1S0Xe4_3toYmQV-Jo7fbVG6ceEosMGMLt0cQo-ybjZWM7QzYhai_HCf114F10-1wF5OPvYcqNZsrIAuZb2X6McybHG73G3-CK3Q6yi25k0YgjEmpbQjXkta9PHAwwfXwJNpSzlZXI3820y36AP4wa52Z875G5NPm3ggkI6LzaDmqW2axCroZ8Hgs2ND-Elf8VENmnbwbkNa9jl0s096EH2LouCG2B1aTgalj3UCdiDlYFnm6YuAgyaTa2P4aaqdG92nBkW03EX_6Yg3mL3ZWeY8HpYPvBtjocjr5PLG2DpM2Jff0qF3VKVVBVfu2Aoatz-N-uetYTbhWhbDP_AxLiY-Y3xxv1QLbnL_vToQigNMD1ZXv_SkYezQ1ZspbWESJI3YSShHtgR_cOkLBiHIbirm03mp4hrRBT8MPR40pPiMnMq4bC43y1fgWz4yJdsCw6YILhZLd2AVnN_e05UhzJm5GhidyOGlqtV8hBmYcuzyZIQDiKVWkeWV7G4YT49CIq0qwqRGjcRQvRCOBiEEsekzgzkUR3HLyBGPz8l4-ij2j8sJpaLFjDv46xGTiVt6t4lMkmn-vfhSRWdJvQ9LIAYrHwZlBI0LkJ0LBs4SVBfwqkT4eKpfEKNdag2B6TBZzS24h8xEDWqig1PVeyCZyXMaTPnJ4xWDlApf1QsWzcsNHeD2fngV2Emi9yHrrNi1abRMdTjhEnod7L3OS8l8qNE_JQBGSs0ysx5KeaIKEWpHat7doVvAV1d9qDJD2m9n0UMfKaCGspGi_T7yZ80hhsUBTLIDqU_n-7NjSILhJ0PyKjlaSwQGxYOWm3z1_G12wXKzr9dvQ2LwYtFWurv2t7USXbn-TNiAFh7-Wgs6MufIT6M7bb1vzdohPz2-uGZS9ePMp8JB4p_RwPT8yFSDXBYq2wa2YGa0cEsQyE-j-6dSCQIwudRqo9MRPiaOKihJtd3KZU0VnOfMb2n6_KwtHWkLVkB6tOG6WbJI5vZwBnrjKDBaepkIb8uEZgjstdC5fyaPMEKsbDHX0BbGBSH4bqiqsryMAfz61QvMS5KO8Q6c6Wi-RvnOC1XX9tT7fdbGiYtbnMX5hXOqZhwMMC4T8aeuE9myTiupyIAld6ldPYThw6OWsKy_T0Dt6oIFRbDMIwI0bKP4Uu3s_Mdz52GNlxhGcQTk1jFdOjMGDiWFbhUVGnFNbTzOWn04zlxqkWBXEh8SVlkrXEOE2OXoeSim_X5qteTtMzCmitp067zVBSq3oYME-DzYRVCm8z7-LhoabcGWbp3KiJUWqMVGppgg0hIiB7jDWN9-AzFqZZMhSgNtyeNvy8uT8LFXZnytAzikKmA7qYN3kcW2Sa81DRcV4Ge5xe0fq7kg-MMluWvDilZMmf6LdVi-rvt7qLyTFu9qZjou11765_F6-U3mNYGwxE5wKSzj1Wez9-aRnduT-ehx6xCCecv_eRXaGWdnTv2aGM22rud55LI6sHdXKTSO1pB-2DJwXg0oPaoa2Y6RSH1u42IdwAw9BH1l4QA5uSX_7jqBKgeCr6KhTeOvikQU6CwBnccbXPvEyiSTTBE7onweJz6IspTcAqHMihvlYzsARBqeWOJS3iiSbbWuDfIPqalGMYtQZl559T1lqmis0O6R0eIA6_w7DkfexxWfMqu_-89oivQoEOThHlzvXzG68Iqej-9cyaZLYqcS59yfLqnCK9_aQ-VAFf6wcllN7eGeUA9kD9le1C5MVGRiKF64LW5HaelEU0Tr7PUnYJaZHuU2iZSaQ2MiAXeRGDL2_lp9O2S2nEhL8sZ8nOXkOQE9jV3ZJyK0d6ZFJfZvSa8MUIDMLvoDhRIS4Ood2T7JQugEFzSjAR4OXbKwZ2NEGyU0RVArx8zAz8VTJ1ba-J1OIAEBh1RPrGLA8JXUhbqU_hKq42QfDeM0Xv5gQDNwgZ-VC2XShf59z-nt_-rODTcxrY2oevMdiKJtmv4VHZvKWiVaHic_X60UiwqFIZxTFACXxwgstrleWWjOEfscAEt-drMMwUvjSjBqapOxnuJ4ACW2bwKr2fEobSSvIJwYV9nG7q4VudDNJZfORGzRjecs2pneVFdrSrQ83eu5lTdP0rlNPxbkYQ13INfYYX2TEMm8u9-wVyNcfnLNaBC5s1iRld6_2h-wAk8coFCg6NOD525AbmQdMoS8_WE45qYoJHClmIOpUKDD97Kyz29K_yHrxUJH6-XjJesBQMVT0wwJ60kw_2kiyKa1BTQBt5gm7nlUp9XJXvYJXOujknfpokQ98J3tjsIyXfJA1T9NBbRvoHX_tEk5dBJLejFZAtxGaht_bGdIuO5A9jzLVInzs0vWFpEPfR2m7Iqqdn47FPaI49J9pgkCLECIeuELfhBCLsrHtl_LlIKLfcK1t8M8tUWixnAaKVKOC7G7LTI_tTZan9MsauC-Ww71rQ9RDx8kd_wzGbMX5iplsAUTZU3GzDTcwzLPQOWNmhUhVhJ3yq7QyQ-zq-o6dSRs42ju-WQmedZ43gJmfbrMm_aw0ljBajxLiQbxb7_ukW-tmA1AB2SUCIAkIaM2QaPNIhUqt8LlnzT0BJ4GMnGCZNeOHPvqaDfyuJsI-dag&cid=CAQSOwDICaaNxIph1UYWYaMP-qxywCqat718XbyJ4WZPvCuAlEIyu6Wlen5SYsMUe7_SfIpfsry6ZBauLHXOGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theepochtimes.com%2F&ds=l&xdt=1&iif=1&cor=16189552866790000000&adk=2228999114&idt=631&cac=0&dtd=6
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
33fcc75d43c2c016d1265c4cde62d316b84a9bd6e9981a093802cb5e11b5459a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39073
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 37F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWhMkrgex3X06egVutpOVnLdVJxK-VXUVGOStD6JjxiuYKtO6HyGIOkD4pYlWCSJwcNcBQWiR2pUG-9KLVcN498FMzYfC1nieI4JMTKpsuz878arbuoZp4XHzvXYgUy_V9gdKLC_0dsMJOO0fxsc4QYXA_NuGLDoR8rfrFpgkQstzVmurBxUoQWfXFqVTkVoN0v4BvZbQ_jqrYLNTVmSDO4JKcDWk4Pe_dX4WYh12Sp7guYHZafK2tbfRCNWhAIL9o7AcWy_7LOBtPMJXfHaBrxaudl2YA-WoszUnIl55fdXJJE5KIesec9mjH_tJOkf6geHU-lPZGSEQFmmTPSw4tPPKsk6IErm0_Fl-jrKsXHI99dUxe1oekJZjwIEQH5rlnzWaabz-R&sai=AMfl-YSjjVMei6jzf0KcAmwJD5lIZUJAtFwCCtUUo-Cx-Dz8NIErcubDJF9lc19IZxQWL3Uh3jk0PRA9KvMiw6WHuUWevv5ImNgrEdhkNu8a2CuSElZCqjpqZHH3HPjWpQ&sig=Cg0ArKJSzJ1_cGz4p_tLEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 10:29:13 GMT
truncated
/ Frame 37F7 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e591c15373d8fcf0ff0b9fdc9022b28f8701eae07a4d1c7144a7a5cc82fb3233

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
senddata
subsapi.epoch.cloud/db/ 		16 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/668f0bba-02f16f3e7b11d0d2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tfdAgDPGb1WZxRgHK5gtJyg970Kd%2B0a5JI3lADAFR9q%2BZeIS8P%2Bxz%2BeKUvtgOdvBZFalt0X%2FU8i4HiJibBlt8FXKQ1vSrKH3edgisRor2j2Z%2FIbBJfywG40qopwlPgUGZzRVJFB"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
cf-ray
834548f24eb8bb09-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
16
alt-svc
h3=":443"; ma=86400
senddata
subsapi.epoch.cloud/db/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
834548f04b33bb09-MXP
content-length
0
date
Tue, 12 Dec 2023 10:29:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kkL3tbRtCVzqE1fsSvPC%2BTHLoyEPaJAeqTarI%2Fdb6pYgnfyBlpfJBCGoX5XbGtQzSYyW4JAA5q8lwUFD8W1E4AjLNRJ3oaec1Clr7t9DiMa9tmU9hoxl7DRSuLSh1G%2BtkC%2FB9On"}],"group":"cf-nel","max_age":604800}
server
cloudflare
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame C44B 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
Origin
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Dec 2023 20:46:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame C44B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
30674
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:57:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame C44B 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:42:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
49605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 20:42:27 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C44B 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 16:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
65037
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 16:25:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CB57 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
49758
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Tue, 12 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C44B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8b26785ed28c0d29cef2def12495e32c955fb914d87a66a5b354622d55a5ac7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
init
gw.geoedge.be/api/ Frame D5E7 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.40.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-40-117.ams58.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:12 GMT
via
1.1 1c1b06236faf26f915b464406875de12.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
content-length
0
x-amz-cf-id
NKyZvhLn1wDGlSStnLG3C53M49dF6dxwPsTnfmrsFJjkfaTKsCJzMA==
x-cache
Miss from cloudfront
dpixel
cms.quantserve.com/ Frame 05FA 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBEItxM654ba96xt93tRJp4&google_cver=1&google_push=AXcoOmRvqI25P-_Tq3KmK6wAsg9Kn-ec2Q4JFBhinRVwSUnCK9ehYGSByGz5XV1iKpVs6FBiRFzVJ64PXj3TxgHjeKJQ0yRNW6Y
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 05FA
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFA0a-dvQw4H71s7eT-HmpI&google_cver=1&google_push=AXcoOmSAsL_rAiIdO699b1eM4ahl961SMwn6DgZli8TKdGglnDWWq86...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6b7531dda2a516fe&is_secure=true&networkId=14000&version=1&google_gid=CAESEFA0a-dvQw4H71s7eT-HmpI&google_cver=1&google_push=AXcoOmSAsL_r...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIIqB6TrTkVwMkXxRpAAAAAAA&expiration=1702463353&google_cver=1&is_secure=true&google_gid=CAESEFA0a-dvQw4H71s7eT-Hm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIIqB6TrTkVwMkXxRpAAAAAAA&expiration=1702463353&google_cver=1&is_secure=true&google_gid=CAESEFA0a-dvQw4H71s7eT-HmpI&google_push=AXcoOmSAsL_rAiIdO699b1eM4ahl961SMwn6DgZli8TKdGglnDWWq86balxQ8F4sw1Gk741_PqJ_5NBhiVOlNriUGkCz565x3aM
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIIqB6TrTkVwMkXxRpAAAAAAA&expiration=1702463353&google_cver=1&is_secure=true&google_gid=CAESEFA0a-dvQw4H71s7eT-HmpI&google_push=AXcoOmSAsL_rAiIdO699b1eM4ahl961SMwn6DgZli8TKdGglnDWWq86balxQ8F4sw1Gk741_PqJ_5NBhiVOlNriUGkCz565x3aM
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 05FA
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELt_H4Qj4ZYwbT0GK5mAV6M&google_cver=1&google_push=AXcoOmQ5fBblEZczLGfTWlbqojOwEI03pMYoX8JTT33dkA5GIPJfUu4VZq903xivlxcknWawubFUtYNALUA...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ5fBblEZczLGfTWlbqojOwEI03pMYoX8JTT33dkA5GIPJfUu4VZq903xivlxcknWawubFUtYNALUABsm1d7HKHmcp4Mi0&google_hm=HDKX_tbnQd-ztg8V6heW1jI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ5fBblEZczLGfTWlbqojOwEI03pMYoX8JTT33dkA5GIPJfUu4VZq903xivlxcknWawubFUtYNALUABsm1d7HKHmcp4Mi0&google_hm=HDKX_tbnQd-ztg8V6heW1jI
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ5fBblEZczLGfTWlbqojOwEI03pMYoX8JTT33dkA5GIPJfUu4VZq903xivlxcknWawubFUtYNALUABsm1d7HKHmcp4Mi0&google_hm=HDKX_tbnQd-ztg8V6heW1jI
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 05FA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDfUfpnU1Lx_qw2L5ISavZc&google_cver=1&google_push=AXcoOmRF8C6f0ATtGpzWPMWx8myhKmon4BxyiOZZAo7nP23bKMYe9SdhjBxCV1M8PX2xZUYmZduud3BDnddvYdoCABSC...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDfUfpnU1Lx_qw2L5ISavZc&google_cver=1&google_push=AXcoOmRF8C6f0ATtGpzWPMWx8myhKmon4BxyiOZZAo7nP23bKMYe9SdhjBxCV1M8PX2xZUYmZduud3BDnddvYd...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRF8C6f0ATtGpzWPMWx8myhKmon4BxyiOZZAo7nP23bKMYe9SdhjBxCV1M8PX2xZUYmZduud3BDnddvYdoCABSC2kofEPk&google_hm=yReToe3kSm2l5V2yP2veIw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRF8C6f0ATtGpzWPMWx8myhKmon4BxyiOZZAo7nP23bKMYe9SdhjBxCV1M8PX2xZUYmZduud3BDnddvYdoCABSC2kofEPk&google_hm=yReToe3kSm2l5V2yP2veIw==
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRF8C6f0ATtGpzWPMWx8myhKmon4BxyiOZZAo7nP23bKMYe9SdhjBxCV1M8PX2xZUYmZduud3BDnddvYdoCABSC2kofEPk&google_hm=yReToe3kSm2l5V2yP2veIw==
date
Tue, 12 Dec 2023 10:29:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 05FA
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEOItjtsfTOBx6fXggeid-vw&google_cver=1&google_push=AXcoOmT3fsky7iGewpBDtZShZH5CDOhShfA_UDS82Cif4rOrhNIRaKvNvI7y9cO4PTkc19NPnyE17p3atO_1SXHrx225Sgy8E84
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT3fsky7iGewpBDtZShZH5CDOhShfA_UDS82Cif4rOrhNIRaKvNvI7y9cO4PTkc19NPnyE17p3atO_1SXHrx225Sgy8E84&google_hm=M3p6ekFpaXR0VWliRlN5T...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT3fsky7iGewpBDtZShZH5CDOhShfA_UDS82Cif4rOrhNIRaKvNvI7y9cO4PTkc19NPnyE17p3atO_1SXHrx225Sgy8E84&google_hm=M3p6ekFpaXR0VWliRlN5THVpbW4=
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT3fsky7iGewpBDtZShZH5CDOhShfA_UDS82Cif4rOrhNIRaKvNvI7y9cO4PTkc19NPnyE17p3atO_1SXHrx225Sgy8E84&google_hm=M3p6ekFpaXR0VWliRlN5THVpbW4=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 05FA
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEPBeHLxFdrVXLZgybve6Jdw&google_cver=1&google_push=AXcoOmSKTgornL8OaFKvXZMUXJSLYJS5EJCww4W92vF4Tn_iD9MhuI5ZZJ-_KuDEsPTzOBjGip08U64rf3hcHW-wsYuGbd1xGTg
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1Mzc4NTUyMjY2NDI2MzAwMFYxMA%3d%3d&mn_hm=MzQ1Mzc4NTUyMjY2NDI2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSKTgornL8OaFKvXZMUXJSLYJS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1Mzc4NTUyMjY2NDI2MzAwMFYxMA%3d%3d&mn_hm=MzQ1Mzc4NTUyMjY2NDI2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSKTgornL8OaFKvXZMUXJSLYJS5EJCww4W92vF4Tn_iD9MhuI5ZZJ-_KuDEsPTzOBjGip08U64rf3hcHW-wsYuGbd1xGTg&gdpr=&gdpr_consent=
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1Mzc4NTUyMjY2NDI2MzAwMFYxMA%3d%3d&mn_hm=MzQ1Mzc4NTUyMjY2NDI2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSKTgornL8OaFKvXZMUXJSLYJS5EJCww4W92vF4Tn_iD9MhuI5ZZJ-_KuDEsPTzOBjGip08U64rf3hcHW-wsYuGbd1xGTg&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Tue, 12 Dec 2023 10:29:13 GMT
pixel
cm.g.doubleclick.net/ Frame 05FA
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFfLQ_VAI...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFf...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&%%GOOGLE_PUSH_PAIR%%
date
Tue, 12 Dec 2023 10:29:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 05FA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IBmpb2q7yYM3hk8d9efwnDjrcSn44phRYfMW9tWaz1Z0vZjpBng2cNUXhqpGR5BDXI9xMGbQ
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
reply
comment.youmaker.com/api/v1/counts/ Frame E9BF 		1 KB
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts/reply?site=remark&group=&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&id=3942372&post=gids
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/v3/static/js/main.7036b77e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ab9f426a444dbb61944fd11c40469e020a7e0af90f6822284b82be8c330cc303

Request headers

X-PROVIDER-TOKEN
youmaker
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
accept-language
de-CH,de;q=0.9
X-ACCESS-TOKEN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SITE-ID
remark
Content-Type
application/json

Response headers

expires
Thu, 01 Jan 1970 00:00:00 UTC
date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.20.1
author
EMG
vary
Accept-Encoding, Origin
app-name
remark
content-type
application/json; charset=utf-8
access-control-allow-origin
https://comment.youmaker.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
app-version
0.1.2
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 1DAD 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:19:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 09:19:42 GMT
index.html
s0.2mdn.net/sadbundle/15940192796231137618/ Frame 7AF4 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15940192796231137618/index.html?ev=01_250
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
b8f8182f62110a45055e7ebcdcffb07337f107dba5dccc2e3acd2e43f8f11821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
24270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2092
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 03:44:42 GMT
expires
Wed, 11 Dec 2024 03:44:42 GMT
last-modified
Mon, 23 Oct 2023 09:32:28 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D5E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsujButjhlSqrID0gFTkA8iavd7sLFZzY50E3bwG0Nn4Az1-7CoDHYu6z--CijUS0bE5XyCBxYMOcOsrNlujRCaOIENdJexZFTmFyrzFZ7XD93vhj8gaROtU8Mtgcx8sCBuk-auMqF1n5EEcmdpwHpNciisSTv3y6GW2Kk-ACX12DHhOB4PVr0Isp9QKeWImlHLAf6oxsNdxhywntsgvvjIyyS3g6VbS0IblJl08KYW00GXViGhw974FTHLyZyJ6Uo-noS36_Y40dkygFBi4EnBcOYzfGx0SCq8718z3DbaHafDdOKRf7pdLtGFyb53ESNz0xsws8blMZ9AGtj09pe1Ah5PRElv8425K6c8s0vx1yDKUFMmf8M7VxejNII85Hg59bjTHEDL-2o-JLLPXcXrcIGzSMHPGfNwj0j2z0KppkWZw5gedBgVSOctFi5xy4jp7RHL5K3yLuM-lEDvNUuXRLOAOnjh143G7IHb9cdSanPRV7nTjHZFLqLF21UEsYoUcP7GDIRJbvT1qM14TCpG3uzWfUPsFoqnOhCJ-Udj4c6S-mXp5Tyxnn1eUvSy7Sj8kQc7qMfkUXbJY4RUKHjJu3hNE30LtZdXGZAZTDqJ1ASf-cSSgf4zRbTAdqYQ0OOHQzzWYx4_VA1fgW82KdSRzIhI_to3_OnVxPtkK2sAamAlHn-UJyHDoxRJAZrjGLkmddP0EU5Uh_Q0bIEiBT8tAGE8TxuKJ2F43D_GLt7rvEFjioErvvL-I0xFFK_OKOkbzBy4PpihriGcOmIMSoCJLzKmSjPMHelFVz5yHuC5k8XiOXsTGHUvEVl4fmHBxW_QS38N4tdtcXU7kmK3ziVawgqryfd7U0GLXgJ2U5AdQT1L8f7XFCbKstAROKchosqlQHDM3hNGbA9kRSOilUIRZXxN3_8raKX_kiL8xavbi9M-TMxaiJcNXwc51zyl70ZoBMzWvoQzWRDdpXYxP5ufiDNB9lxcMHEnxwHiWmqsTgfrJ_jSWTS1kipWacNT4WpsmbQ8ToZktEwKB-fF8fOFkBgP-WRJh9IxPJQynwx6BVTrnxn_sA2a_wMzqDnIRBK4dMK91sKkMXuvs58yFcCxuBlrNtO0-gQ4fYB7IR-E1iZVcANpyQKlLIChkGMgZ1Ml2U5G9MhxfNsjtrVg6Kyw_LJQq8gGPqgCi87MdCwG_keEVz1l2iyQVWYRPPbLSolCkeRp9JWDGdephARyEtQ2HINWOjBMMHDhqFPvIX17QUGCaunJZUTM5a1IfFMG4XzOuLuvsMneWxpMBSj0wyYZdmKVCndILBlAk5biV0xW60I7nbbno-C3e_aE52QzBk-UKhtCz4Oq3ozolYkGVO6nNzWZtHq6MjsCrzseHrnrEIMB4Hp2CT6-u1wwVWtIfAIqzYjTh7TBXQNH7arBvqVbqOe35UGBh3Vu_ow6VOHI69Fz3xR4U56ZQWfSQueLyaFB-g56i7mpiOZybxIwZ6bPCUcH2fBAFSeFRXMKrCZIPAS0Fhe2bMtuZCMrb6H9W5iV6iaLEXiHMJyd7AbCdVQSHWwLX96KeTAlk6sB8&sai=AMfl-YRQFHGyWczf40p-7cMb0Lhdn_J4J1j_cJJDyjXJWhac5CtONz9FoUP-RDhwfNaCPKi2xgO1NYDgTDM3vUKJ03990Q86czJq37I41DmXD8EHM15g7VNxe6j_L43oezBHiRNSs7oabRWpfvfjttJv71pD9hBOsbI_8KJwW9qTnvtJrhjTOroVE7AnoB1GRELq4cmuRIhCz2sd9rSo6WEZB3Axw0nBWMLidLVEZxkv3PQXRZZHRwofcHoWSYe_KN6bYvLyTCGSlUCxycWCPi1QMs-NKtL5TmjSNx1Pbv3G9gwnWV7t2s41AEHW4upNu6QrgTGpoNl1LCOfSvJo1SL1g_EOTqbM1QZokSUsHkpYgEvoVv3b_DawCtUP2OftLi9KCdIdKewT4JToUCeb9Iui4JNTX2bRtO0EnDGLvAaeOpYWF9oEjX3a&sig=Cg0ArKJSzCdPG72pBEeTEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=652&cbvp=1&cstd=644&cisv=r20231207.56114&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 10:29:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
src=8050383;dc_pre=CLefr6zYiYMDFcrKmgodbyoBAQ;type=advie0;cat=advie0;u42=377981848;u43=570028863;u44=202699213;u45=30734642;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=...
adservice.google.com/ddm/fls/z/ Frame D5E7
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=8050383;type=advie0;cat=advie0;u42=377981848;u43=570028863;u44=202699213;u45=30734642;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
  • https://ad.doubleclick.net/ddm/activity/src=8050383;dc_pre=CLefr6zYiYMDFcrKmgodbyoBAQ;type=advie0;cat=advie0;u42=377981848;u43=570028863;u44=202699213;u45=30734642;u46=4047736;dc_lat=;dc_rdid=;tag_...
  • https://adservice.google.com/ddm/fls/z/src=8050383;dc_pre=CLefr6zYiYMDFcrKmgodbyoBAQ;type=advie0;cat=advie0;u42=377981848;u43=570028863;u44=202699213;u45=30734642;u46=4047736;dc_lat=;dc_rdid=;tag_f...
42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=8050383;dc_pre=CLefr6zYiYMDFcrKmgodbyoBAQ;type=advie0;cat=advie0;u42=377981848;u43=570028863;u44=202699213;u45=30734642;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/src=8050383;dc_pre=CLefr6zYiYMDFcrKmgodbyoBAQ;type=advie0;cat=advie0;u42=377981848;u43=570028863;u44=202699213;u45=30734642;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init
gw.geoedge.be/api/ Frame C44B 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.40.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-40-117.ams58.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:12 GMT
via
1.1 1c1b06236faf26f915b464406875de12.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
content-length
0
x-amz-cf-id
CwqhUbQa6gq7PL0R9MkaipI2E7NOtOL9TLH-3xc6WeJU4GHyBDj-Yw==
x-cache
Miss from cloudfront
ads
googleads.g.doubleclick.net/pagead/ Frame 673F 		76 B
132 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&adk=1812271804&adf=3279755397&plat=1%3A520%2C2%3A520%2C3%3A66048%2C4%3A66048%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&channel=4089988593&format=0x0&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376951789&bpp=3&bdt=2254&idt=616&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&nras=1&correlator=3388534333565&frm=24&ife=1&pv=2&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.n0r5nl40olvq&fsb=1&dtd=629
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://html5.gamedistribution.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
66
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 10:29:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6E1E 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
b0f3a4a73aba06e30a64ee1de07fd973eca14c55386e5179cd1880f51c9910d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12299
x-xss-protection
0
/
onetag-sys.com/usync/ Frame C62D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702376950248
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
a7fbb2de16ce1e9d83f24e1175f0ba873be099d5430d541b33af3397e5b140bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1504
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 7952 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702376950224
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
7fea352539e58b017bd00e28476c93617e775ecba8c52276325a078062633009
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1507
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usersync.html
cdn.undertone.com/js/ Frame C3BD 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
19608
content-encoding
gzip
content-type
text/html
date
Tue, 12 Dec 2023 05:02:27 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-id
vo7y4Mzj0rZfgULlbWk6SbAiMXXD_yO1QYAvzlqCZStctk8_D7LH7w==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
usersync.html
cdn.undertone.com/js/ Frame A7A6 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
19608
content-encoding
gzip
content-type
text/html
date
Tue, 12 Dec 2023 05:02:27 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-id
TZmtYR3xMz932hS3SNBvXZJa7590z2WiXxDw2F5B4-y4tzwuiLj12w==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
cs.html
sdk.minutemedia-prebid.com/cs-config/ Frame 9EEA 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sdk.minutemedia-prebid.com/cs-config/cs.html?org=6475aa705b23100001019b46&tc=6475aaf65fe06700018e50d8&as=6475aaf65fe06700018e50da&type=hb&wd=cs.minutemedia-prebid.com&domain=theepochtimes.com
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f48a6d82840fe8d6952bd2570b2f0a960b42bba1b10d4786b0564f04be87fa19

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
19635
content-length
3480
content-type
text/html
date
Tue, 12 Dec 2023 05:01:58 GMT
etag
"a0a441bd34ade33598ec2a72125b5709"
last-modified
Wed, 22 Mar 2023 13:07:05 GMT
server
AmazonS3
via
1.1 4a345f25fcb995602afaf132ccf353de.cloudfront.net (CloudFront)
x-amz-cf-id
74NEjGVoP74D1qZLMeavdBG9QQ-yZ5Gwh_A9PCLmcu21FOCuLlZshA==
x-amz-cf-pop
AMS58-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame CD85 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702376950501
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
dd28fa5ae921385fbe94a0d36930110d20567393e3f9303247f989bc3c788687
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1506
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame B31C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702376950225
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
b76448b5a037aa46fb38198b9663cefbd94bfc5ec4f4129cc292b768cc913c51
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1508
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usersync.html
cdn.undertone.com/js/ Frame 6E1A 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
19608
content-encoding
gzip
content-type
text/html
date
Tue, 12 Dec 2023 05:02:27 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-id
gqNHOID1pa-s-0QUHgJWqZvJ9K6L2nzIybzqStJqWOLlNrsJf5VL0g==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
usersync.html
cdn.undertone.com/js/ Frame 399B 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
19608
content-encoding
gzip
content-type
text/html
date
Tue, 12 Dec 2023 05:02:27 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-id
rnJyH5eXI7aRqxW1xN200qSRcFpj6692PP176s-LvJPU8Ltp2e1Daw==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame B6C5 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702376950673
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
39766b5f676147410ac4c9b61ee7fe38dfb3d6ae553973bf2e2bb65f1ec59312
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1506
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usersync.html
cdn.undertone.com/js/ Frame A169 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.theepochtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
19608
content-encoding
gzip
content-type
text/html
date
Tue, 12 Dec 2023 05:02:27 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-id
4f9kLIkVVVB9sfFZhlodtIQGbPqiumGOdmw0IgyFIJvfog8KTIYJEg==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
stf.js
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com/stf.js?v=2023-12-12T10
Requested by
Host: services.epoch.cloud
URL: https://services.epoch.cloud/public-labs/epoch-ai/smarto/et_so_utils.js?v=2023-12-12T10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.202.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-202-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eccd73d42235a1d7b7262da7b14af71b9bb00c1995e3840993fd3c1fa304d0e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:12 GMT
Content-Encoding
gzip
Origin
https://mycloud.rackspace.com
Last-Modified
Mon, 11 Dec 2023 08:40:44 GMT
ETag
9dda8f1fd126e4865acafe873660993a
Vary
Accept-Encoding
Content-Type
text/javascript
X-Timestamp
1702284043.93754
Cache-Control
public, max-age=257442
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx5d5f628c1ff14a6e9b6ec-0065782f21dfw1
Content-Length
4502
Expires
Fri, 15 Dec 2023 09:59:54 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 34EC 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:09:51 GMT
expires
Wed, 11 Dec 2024 09:09:51 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame A34A 		2 KB
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/static-v4.0/content/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 09:21:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 10:29:12 GMT
css
fonts.googleapis.com/ Frame A34A 		750 B
560 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=BenchNine:400
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/static-v4.0/content/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
c8ba2440ebe258a35f9c2252f65a5852fd9bd9538d7c2857ccb967481131fed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 10:29:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 10:29:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C44B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstWXiwdSwLDQtfxOrdbvTUNk06HmgxGzFCN6ka0rFWJsCJlcwIcWA-ujwN46tZHD1IHZmYyXGp8JzAePNi_9hqhS92hv704YT5sF-dTRW5_fV63P1Lc_Qj2qfC6woiKn7pEYjd837QEjtk10_Yqso4KSU8tJlfX2IOoXkiYZaNriAF0frBFFQzoFcOk_cUgeOL7OojL9HGLWKvRg_PnRvi0YhdVrUaoby4uajgcf_yyXf9myCTqykijI6aeR-pBG-fNDFSInzRBqIomyTUse6Mjzl5bjVImySgWzWj5VDxmUJTylTIpnYipBiyV80TrBEX7gUTs0VJYEzD1ABMHgOG-S_UUHVMuqznc7TyLlBN89ed3CLdLxVsTK7IWIV33onTlbyr45DMV1ndqu7kdMMdPz10txXv3K67yAGFZRtRTiswAoiVoy1KW3q2PV57sClURzBhE_o6Gp_lXRH6LdUl1ie75QJUy6-WsrZC2Q0IF3Bz7kObi1O3Jmv8w9GOdGTHrcS8G8t68o4IMfymauWEMG7Xyg_djlUCO-kl6c1INyKNSeTd3Xk8RLweWNEv2mbu9O61SBweCGoGBWGxjK-p7uJPb_ELyv3hVOEb8n5BAHa9vP7V0Wd8OlDw13zH1hyHRdRs8H9mFUViimhNi0zhQxprsWngCU3tqqLi4df6N92N4ZJrQZ8jNZU3BX9D76RJcTVd85eviZsYtes6xTER0hfZ0jI9HJYtyfugomMv7EAyzRl3Kq9ZZN2qiB7MiJD4oXwf5_g1F3-pVAw7mwOLMx35St2ePpiadCw1dL11iGJSpmHqlIH9SJfu4ylYOWTkGdteGwOZaWNUsYcVi2DH0CjbSocEd1xOUJUeAmvnNgrLInrwIqaZyAE4NzIUtf7ncLg21W-CHh_NKDCE0tYsbyVDWBKJ-7QsqsA-LwslVOVgG02fm7axjIbAzClBELDzq4TxBd4pmokD3WIy-YMqgOyzPJ4YhLh1eVYiFCe5KFEL8Rq5KRrmjMYoEzniC11gXg-V2sddDS-de82twB-kR1gjLrUL9Q109Be8uQL33mTdJBaUyqboCeNJ5zlYVCNYZQoVHcpbz3n89LqA3_HSC-l5xMtlrcPRl7BKPgA2P95FPGcw1VwBqEdGaaVS7Vbo4zH8HL-_vixZuv0dP6B1iDGYxI5epQdAA6LtfRLgoJP3VGeSeC11jqo9BGH4lpKEm1XMK3zI83N-aEHQV3-rhs4zQ9bw0QGQsQZY3nv6_yoLIyHg2LBKxc7FWbQDwXZdmcUsdD6ZD4at1WbFPdyUzB1QT7y85Ml2L0LNcTnNah6L7yib3sbowv85VP3CkK7S9EQv3XL0gmqZYuoH6FLpDVxQr_j4omB0LUU0LKVR-HbQO2c0qIHMYRw2zgVfjaiKIJDKKTEMsI581_8ZpgV1hSf8zcMIXYoBeQ8xFHKbD6v6RaxbikCixLieP8qdtkcRqPKT8weUdvPHXnSxPMEQiFUGlHKx1TM&sai=AMfl-YQYODRnJWGniJb3MbRrbDQHy2AEjINtGbh6MvjIZh7u2zzxAbiKfXM1vfoVDHmBIPrblXK4JC7WUwdlKk6AjXbAtZTwipx-V0-PQpe8PjKwLOH94VaLFCZKOB1SPuDjctNx0CwMF4l0igxwJeWfWYaqEu2ku6HasHFKRzeN3C7UuB49XrFdxgdvpz5HL7DTPgVRA6ojYgPW8Lwp0e19MWVGGl3SxSC66u6X17stY-rPs6G52witNJKK2cNuIF5vVm4j&sig=Cg0ArKJSzCPbyRpGcV3qEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=356&cbvp=1&cisv=r20231207.26639&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 10:29:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
368746324807220306
s0.2mdn.net/simgad/ Frame C44B 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/368746324807220306
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
38263eca3afcf1cbab8d54b6b37527e73509529510bd1db1bf4f5f335c78b978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:18:28 GMT
x-content-type-options
nosniff
age
40244
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57896
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 12:47:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Dec 2024 23:18:28 GMT
img
sync.mathtag.com/sync/ Frame C62D 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master cdg cdg-pixel-x32 config_version:"197" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:12 GMT
Server
MT3 1143 599e619 master cdg cdg-pixel-x32 config_version:"197"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 12 Dec 2023 10:29:11 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame C62D 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3db54fddb1cb324ce2cdd5a6ec3dc2dd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame C62D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
an-x-request-uuid
2c5ba6a4-9e65-4e0f-9698-16bf3a747efa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
x-proxy-origin
188.61.48.50; 188.61.48.50; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame C62D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=6b9326e592393fedad116a77b77ff4b6&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=6b9326e592393fedad116a77b77ff4b6&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=6b9326e592393fedad116a77b77ff4b6&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702376953628008-532
tap.php
pixel.rubiconproject.com/ Frame C62D 		42 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=9mzu4K7MGac3JxvGcDAJilRsskKHVv0f9dBBhjS8koY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame C62D
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=c8c7fcb7-bdaf-4a8d-9053-0e145f0e2116
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=c8c7fcb7-bdaf-4a8d-9053-0e145f0e2116
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=c8c7fcb7-bdaf-4a8d-9053-0e145f0e2116
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame C62D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S029ewC4lICBB8gYYk4WdordtVF4HoQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S029ewC4lICBB8gYYk4WdordtVF4HoQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S029ewC4lICBB8gYYk4WdordtVF4HoQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame C62D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame C62D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame C62D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MKEXBVB1Q4G4NY9HFCA9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame C62D 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:11 GMT
content-length
0
/
onetag-sys.com/match/ Frame C62D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame C62D 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame C62D 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame C62D 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950248
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.190.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
opphb
pub.headerlift.com/ Frame 6E1E 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.headerlift.com/opphb?page_url=theepochtimes.com&page_type=gd&page_width=975&aid=0d8acf7c95dc4c02b9d881f769a5c0b1
Requested by
Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/headerlift.min.js?referer=theepochtimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
280c910f319e8120d7c63d90b9208f4ba14eae38fac9436086454e57402f05b0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
https://html5.gamedistribution.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHQzo32%2BxenXTs%2FdxNZANze%2BTpBRyLg5b%2FIERNUvpA%2BUvxd01a4kJMegEqACKpXI8VZHgy%2FrfDpSgKtzQgNK9OHxTyIBcP4WnFf2PvhK%2BDUpMvhNZ1WCZj8EN5X2J8CD9d7Tz5k%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
834548f26c4059ef-MXP
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
prebid-idhb-v8.19.min.js
hb.improvedigital.com/pbw/prebid/ Frame 6E1E 		548 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.improvedigital.com/pbw/prebid/prebid-idhb-v8.19.min.js
Requested by
Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/headerlift.min.js?referer=theepochtimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-101.fra53.r.cloudfront.net
Software
UploadServer /
Resource Hash
88bd751de914c875cc5ca0b130ef57f97ac9f5457054659875c90414cbfdacd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 06:44:09 GMT
content-encoding
gzip
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
531903
x-guploader-uploadid
ABPtcPrvhW5Dc3KOUE4B7OwELSAeMsxMqpbPIfU0j18ItXFKhQe8d4UiCr2y34az6w8hiD8Nb_I
x-cache
Hit from cloudfront
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
178218
last-modified
Tue, 17 Oct 2023 09:29:24 GMT
server
UploadServer
etag
"ae085eb45736ac0d0e5b2cbc080d2978"
x-goog-generation
1697534964498886
content-type
application/javascript
content-language
en
x-goog-hash
crc32c=vsmcjA==, md5=rghetFc2rA0OWyy8CA0peA==
cache-control
public, max-age=604800,no-transform
x-goog-stored-content-length
178218
accept-ranges
bytes
x-amz-cf-id
re2qmG135KFhofHIg98LQXHgFejPfcY-fh_n3Dhw6tM7GP4rcMhr6w==
expires
Wed, 13 Dec 2023 06:44:09 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6E1E 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
68fab14b8c4112c0c8c19d07a8ae62b8de9a03da143bfd3be495b8fbc6e385a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128901
x-xss-protection
0
expires
Tue, 12 Dec 2023 10:29:13 GMT
dpixel
cms.quantserve.com/ Frame CB57 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEL9JPvaW2wQolVkLekV4xoE&google_cver=1&google_push=AXcoOmSHjKsxPT1aNBQ27Yuoo9LAoJQrT11847GTzXOmrSv44PmPd8uOkGYbR3C8c0KWvAFMErym9pQyu8CGXpGU9fyy4T_puHxbRA
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CB57
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJj1Wpo6lvY0-1__yVcDgfo&google_cver=1&google_push=AXcoOmSMZfp9sg6F70EkNLMNQc94PdLnyDMx2FwUUBEWzJxG10PhomrdgQsv6Po7nnTnJcZJSky4v...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSMZfp9sg6F70EkNLMNQc94PdLnyDMx2FwUUBEWzJxG10PhomrdgQsv6Po7nnTnJcZJSky4vuD5TNM2V0yfNFk2eb5kGEIWUg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSMZfp9sg6F70EkNLMNQc94PdLnyDMx2FwUUBEWzJxG10PhomrdgQsv6Po7nnTnJcZJSky4vuD5TNM2V0yfNFk2eb5kGEIWUg
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 10:29:13 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D87345CB0C884A80A2DF0FE1CB520B35 Ref B: ZRHEDGE0712 Ref C: 2023-12-12T10:29:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSMZfp9sg6F70EkNLMNQc94PdLnyDMx2FwUUBEWzJxG10PhomrdgQsv6Po7nnTnJcZJSky4vuD5TNM2V0yfNFk2eb5kGEIWUg
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMTYWZ1D484HX66BoX2w==
pixel
cm.g.doubleclick.net/ Frame CB57
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEImoBScLSYhT5Gqgnum3-Yc&google_cver=1&google_push=AXcoOmR3OwV2289UamA8Yi60bTsVUMuX8VO0sSuRi8yKr8qO0kWiCQ2NEpBj0lHvRpPUcgo2E3tVVzp9J0VfGhfy4JJd...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEImoBScLSYhT5Gqgnum3-Yc&google_cver=1&google_push=AXcoOmR3OwV2289UamA8Yi60bTsVUMuX8VO0sSuRi8yKr8qO0kWiCQ2NEpBj0lHvRpPUcgo2E3tVVzp9J0VfGh...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3OwV2289UamA8Yi60bTsVUMuX8VO0sSuRi8yKr8qO0kWiCQ2NEpBj0lHvRpPUcgo2E3tVVzp9J0VfGhfy4JJdcfAutNF8gw&google_hm=yReToe3kSm2l5V2yP2veIw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3OwV2289UamA8Yi60bTsVUMuX8VO0sSuRi8yKr8qO0kWiCQ2NEpBj0lHvRpPUcgo2E3tVVzp9J0VfGhfy4JJdcfAutNF8gw&google_hm=yReToe3kSm2l5V2yP2veIw==
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3OwV2289UamA8Yi60bTsVUMuX8VO0sSuRi8yKr8qO0kWiCQ2NEpBj0lHvRpPUcgo2E3tVVzp9J0VfGhfy4JJdcfAutNF8gw&google_hm=yReToe3kSm2l5V2yP2veIw==
date
Tue, 12 Dec 2023 10:29:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame CB57 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTdCABeYmQHx8OSNfNnlLWvnc11OYG7suK4tWXTUE95wzOyRiTamqP4oWAh13zUNmXEBdON5pKiBj28RREuB6CR5PsHvV07Mw&google_gid=CAESEOfqxM_roeUGuu9URSwMGgg&google_cver=1
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
224137
expires
Tue, 12 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CB57
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIYiwGKNkLs07olUdsjiOA8&google_cver=1&google_push=AXcoOmTcW9c7-py6_AN3NrPDTU32QRZ5XexwPgzAhChHllT--YUPmU_mgzcM94VptrUOEkFwgQjDYxOz...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIYiwGKNkLs07olUdsjiOA8&google_cver=1&google_push=AXcoOmTcW9c7-py6_AN3NrPDTU32QRZ5XexwPgzAhChHllT--YUPmU_mgzcM94VptrUOEkFwgQj...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ3OTI5MjYyMjQzNTIzMjU5Mg&google_push=AXcoOmTcW9c7-py6_AN3NrPDTU32QRZ5XexwPgzAhChHllT--YUPmU_mgzcM94VptrUOEkFwgQjDYx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ3OTI5MjYyMjQzNTIzMjU5Mg&google_push=AXcoOmTcW9c7-py6_AN3NrPDTU32QRZ5XexwPgzAhChHllT--YUPmU_mgzcM94VptrUOEkFwgQjDYxOztxjmLN8CAvQ6xI4HzcEsOg
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ3OTI5MjYyMjQzNTIzMjU5Mg&google_push=AXcoOmTcW9c7-py6_AN3NrPDTU32QRZ5XexwPgzAhChHllT--YUPmU_mgzcM94VptrUOEkFwgQjDYxOztxjmLN8CAvQ6xI4HzcEsOg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame CB57
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBBx9xyKP...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBB...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&%%GOOGLE_PUSH_PAIR%%
date
Tue, 12 Dec 2023 10:29:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame CB57
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEHSAgpfrGMGj3DkBwmtHRds&google_cver=1&google_push=AXcoOmTzymC5mwweEokD4N32aCAVjU24ZjPZXMgaGd9-MY6G8XWzikzgCCkNPlQbPhL...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTzymC5mwweEokD4N32aCAVjU24ZjPZXMgaGd9-MY6G8XWzikzgCCkNPlQbPhLbECPqTBdizrBDu4vySO6wRElbfRzsmhotoZY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTzymC5mwweEokD4N32aCAVjU24ZjPZXMgaGd9-MY6G8XWzikzgCCkNPlQbPhLbECPqTBdizrBDu4vySO6wRElbfRzsmhotoZY
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
1364eab5
date
Tue, 12 Dec 2023 10:29:13 GMT
x-bytefaas-request-id
202312121029137C7FF5BFDE3235032011
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2312121029137C7FF5BFDE3235032011-0CB7AEF6804946EF-00
x-cache
TCP_MISS from a184-84-216-219.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=95
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202312121029137C7FF5BFDE3235032011
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTzymC5mwweEokD4N32aCAVjU24ZjPZXMgaGd9-MY6G8XWzikzgCCkNPlQbPhLbECPqTBdizrBDu4vySO6wRElbfRzsmhotoZY
x-bytefaas-execution-duration
3.37
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
010ef231288ac27b26ade265d9019dd2b8006ed712dc8c1ecf60bacd8b424a9169b2dfb6abb4d1cd59d49e5ad73f596096776325cd97ed0a4509790ad917448683d078221fad53442122c6f12550d59dd16208f9dce8e44628f7ff70eb2dddf9a0
x-origin-response-time
95,184.84.216.219
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Tue, 12 Dec 2023 10:29:13 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CB57 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kr3HkWKhJp--GzaXpVOHKwNsiZWnCoemhS8tOrkKbgi9B0TZhBDsrhqU3uXBTG455qwDrUqrI
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
img
sync.mathtag.com/sync/ Frame CD85 		43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master cdg cdg-pixel-x35 config_version:"197" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
MT3 1143 599e619 master cdg cdg-pixel-x35 config_version:"197"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
x-status
O1
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 12 Dec 2023 10:29:12 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame CD85 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame CD85
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
an-x-request-uuid
3666be7e-27d3-4684-b1fd-f0ed798bb807
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
x-proxy-origin
188.61.48.50; 188.61.48.50; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame CD85
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=9a3e4eb6d9e92481ad06d4864f2871b&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=9a3e4eb6d9e92481ad06d4864f2871b&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=9a3e4eb6d9e92481ad06d4864f2871b&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702376953630014-577
/
onetag-sys.com/match/ Frame CD85
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=ea5f82a4-0443-41e1-a272-f2312638c68c
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=ea5f82a4-0443-41e1-a272-f2312638c68c
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=ea5f82a4-0443-41e1-a272-f2312638c68c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame CD85
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S08o7hxLYtcnqSpK6VQMbgu6-aJrTvg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S08o7hxLYtcnqSpK6VQMbgu6-aJrTvg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S08o7hxLYtcnqSpK6VQMbgu6-aJrTvg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame CD85 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame CD85 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame CD85
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TMCBX3KKG2NVW57EQPJ1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame CD85 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-length
0
/
onetag-sys.com/match/ Frame CD85
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame CD85 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame CD85 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame CD85 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.190.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame CD85 		42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=L56ri6YY-PkT_wGoAkGO4id5X5t0nRhoLTxiRiJQ69k
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950501
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
img
sync.mathtag.com/sync/ Frame 7952 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master cdg cdg-pixel-x28 config_version:"197" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
MT3 1143 599e619 master cdg cdg-pixel-x28 config_version:"197"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 12 Dec 2023 10:29:12 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 7952 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 7952
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
an-x-request-uuid
cc04d138-db84-40a6-ac5f-b97513977861
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
x-proxy-origin
188.61.48.50; 188.61.48.50; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 7952
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=9a3e4eb6d9e92481ad06d4864f2871b&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=9a3e4eb6d9e92481ad06d4864f2871b&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=9a3e4eb6d9e92481ad06d4864f2871b&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702376953557074-563
/
onetag-sys.com/match/ Frame 7952
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=2d63f69f-9c7d-41c5-a90b-f38b64252ab9
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=2d63f69f-9c7d-41c5-a90b-f38b64252ab9
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=2d63f69f-9c7d-41c5-a90b-f38b64252ab9
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7952
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S08myraYnAChX6dzQ30NZ6aU_qaMdQQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S08myraYnAChX6dzQ30NZ6aU_qaMdQQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S08myraYnAChX6dzQ30NZ6aU_qaMdQQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 7952 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 7952 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 7952
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=H8Nk5mOn9heKHozs7DNBsjveAyc2_Dmj-INqcSXdgAk
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=H8Nk5mOn9heKHozs7DNBsjveAyc2_Dmj-INqcSXdgAk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZC70QNXKWC7TRGZNXTZE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=H8Nk5mOn9heKHozs7DNBsjveAyc2_Dmj-INqcSXdgAk
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 7952 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-length
0
/
onetag-sys.com/match/ Frame 7952
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 7952 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 7952 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 7952 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.190.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 7952 		42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950224
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6E1E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 10:29:12 GMT
img
sync.mathtag.com/sync/ Frame B31C 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master cdg cdg-pixel-x31 config_version:"197" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
MT3 1143 599e619 master cdg cdg-pixel-x31 config_version:"197"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 12 Dec 2023 10:29:12 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame B31C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3db54fddb1cb324ce2cdd5a6ec3dc2dd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame B31C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
an-x-request-uuid
959d4073-97ab-4442-8814-8133f0d12f62
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
x-proxy-origin
188.61.48.50; 188.61.48.50; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame B31C
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=f4c8d6416d16ab94eb4d32e5561b56e&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=f4c8d6416d16ab94eb4d32e5561b56e&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=f4c8d6416d16ab94eb4d32e5561b56e&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702376953595082-594
/
onetag-sys.com/match/ Frame B31C
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=af1ab434-94aa-43ee-83c0-91f163554142
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=af1ab434-94aa-43ee-83c0-91f163554142
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=af1ab434-94aa-43ee-83c0-91f163554142
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame B31C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S0_s0dwvdxM8alQxiwqOKTs1OywZDaQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S0_s0dwvdxM8alQxiwqOKTs1OywZDaQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S0_s0dwvdxM8alQxiwqOKTs1OywZDaQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame B31C 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame B31C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame B31C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VWK9N87691C7DGPFY0DF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame B31C 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-length
0
/
onetag-sys.com/match/ Frame B31C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame B31C 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame B31C 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame B31C 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.190.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame B31C 		42 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=vZJ-63KpqhySR363il4UHV5joZRVSgQdKeyOQk2O_4A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950225
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
img
sync.mathtag.com/sync/ Frame B6C5 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master cdg cdg-pixel-x27 config_version:"197" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
MT3 1143 599e619 master cdg cdg-pixel-x27 config_version:"197"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 12 Dec 2023 10:29:12 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame B6C5 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame B6C5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
an-x-request-uuid
46b957d2-cee1-4b4f-8b3e-44fb426cb28d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=8151302574394360069
x-proxy-origin
188.61.48.50; 188.61.48.50; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame B6C5
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=f4c8d6416d16ab94eb4d32e5561b56e&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=f4c8d6416d16ab94eb4d32e5561b56e&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=f4c8d6416d16ab94eb4d32e5561b56e&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702376953595093-547
/
onetag-sys.com/match/ Frame B6C5
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=bec88e1f-f4d7-4d79-93d3-bd523fed5c21
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=bec88e1f-f4d7-4d79-93d3-bd523fed5c21
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=bec88e1f-f4d7-4d79-93d3-bd523fed5c21
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame B6C5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S0_uBY6D4aIKWfyICwXksV1KbURh57Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S0_uBY6D4aIKWfyICwXksV1KbURh57Q
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF2S0_uBY6D4aIKWfyICwXksV1KbURh57Q
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame B6C5 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame B6C5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame B6C5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
68KAEH4YB4SWNAKZ8ZX7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame B6C5 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-length
0
/
onetag-sys.com/match/ Frame B6C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDlMhXHeHU4cDTE6UzD3e0Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame B6C5 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame B6C5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame B6C5 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.190.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame B6C5 		42 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=H8Nk5mOn9heKHozs7DNBsjveAyc2_Dmj-INqcSXdgAk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702376950673
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ Frame 6E1E 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9c209e333b3d7177d47d2b6b0f1f6a5d333f31d810071dc66be386968cabf22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33014
x-xss-protection
0
server
cafe
etag
2276874813556187764
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:29:12 GMT
advertisements.js
ams.cdn.arkadiumhosted.com/assets/arena-4/arena/heap/ Frame A34A 		22 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/arena-4/arena/heap/advertisements.js
Requested by
Host: gamedistribution.arkadiumarena.com
URL: https://gamedistribution.arkadiumarena.com/arenaapi/game/block-champ/html5?gd_sdk_referrer_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372%2F&gd_zone_config=eyJwYXJlbnRVUkwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInBhcmVudERvbWFpbiI6InRoZWVwb2NodGltZXMuY29tIiwidG9wRG9tYWluIjoidGhlZXBvY2h0aW1lcy5jb20iLCJoYXNJbXByZXNzaW9uIjpmYWxzZSwibG9hZGVyRW5hYmxlZCI6dHJ1ZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIiwidmVyc2lvbiI6IjEuNS4xNiJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
4d7bd00ea79744a14ecd09a2d1db45d4b91e9f3b6eda3edb3ad8b1ba4188e1ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:12 GMT
content-encoding
gzip
last-modified
Wed, 05 Sep 2018 07:36:41 GMT
server
Microsoft-IIS/10.0
etag
"6f42b30eb44d41:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=657
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
58
tentacle.js
tentacles.smartocto.com/ten/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tentacles.smartocto.com/ten/tentacle.js?v=2023-12-12T10
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-38.bunnyinfra.net
Software
BunnyCDN-DE1-1081 /
Resource Hash
30cba8c6f7374a344b5a6d97dda6da6f92281144a7123bd7168349de7d85f4b3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-storageserver
DE-383
cdn-cachedat
11/28/2023 09:17:30
cdn-pullzone
1448885
last-modified
Tue, 28 Nov 2023 09:17:22 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
709
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6565b022-9011"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
92c47c19-149d-4a6b-809d-6a585867c24c
cache-control
public, max-age=60
cdn-requestid
fb16d8b3084861450ac7d301bf1fc1e8
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 34EC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:19:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 09:19:42 GMT
debugging-standalone.js
cdn.jsdelivr.net/npm/prebid.js@8.19.0/dist/ Frame 6E1E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid.js@8.19.0/dist/debugging-standalone.js
Requested by
Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/prebid/prebid-idhb-v8.19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc8463e5701a90b0f5686a725b46bd98733a03375d850a52088f4ad319fcf081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1149754
x-jsd-version
8.19.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230024-FRA, cache-mxp6979-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"5146-aspBJAe/hJtR2g9lWOjQ0xaqR/8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aJGBCwZ2GfvARISuZHT4gGApObvG8k2a2%2BHCI9m2LXM8pPJ%2FxOtiK7Y256%2BSy91AFcy94%2F6xo%2FN7%2FuHAN6tCmNS8GHlahxXdGJk2SWIWoECXDZsbXCuBu89nqlvyCLfets%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
834548f8df4abab5-MXP
p
ingestion.contentinsights.com/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ingestion.contentinsights.com/p?a=Epoch%20Puzzles&b=&c=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&d=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&e=Free%20Games%20-%20Ad-supported&f=2748&g=2021-09-23T18%3A42%3A44Z&h=epochfun-137957%2Cspecial-epoch-games-155638%2Cfree-games-ad-supported-172624%2Cpremium-116266%2Cfrontaudio-161329&i=&j=paid&k=news&l=&m=anonymous&ch=&n=article&pid=3942372&u=1702376952931.69247687.76198475&ul=1702376952931.903787927.0863756&x=0.19929620897524747&t=0&err=&ver=23
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.111.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-111-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 12 Dec 2023 10:29:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 426A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://html5.gamedistribution.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
5845
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 08:51:47 GMT
expires
Wed, 11 Dec 2024 08:51:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 545C 		829 B
979 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
4fcb8d293a0e0c00eb05d95f95af8ff51bc3999f3273574b5f064a061085bbe1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2PZKthsORjdvTDr3ltcaaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://html5.gamedistribution.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2PZKthsORjdvTDr3ltcaaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 10:29:12 GMT
expires
Tue, 12 Dec 2023 10:29:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
analyticsbundle.min.js
ams.cdn.arkadiumhosted.com/static-v4.0/content/js/ Frame A34A 		163 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/static-v4.0/content/js/analyticsbundle.min.js?v=Arena-4-0-Live-20230215-1
Requested by
Host: gamedistribution.arkadiumarena.com
URL: https://gamedistribution.arkadiumarena.com/arenaapi/game/block-champ/html5?gd_sdk_referrer_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372%2F&gd_zone_config=eyJwYXJlbnRVUkwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInBhcmVudERvbWFpbiI6InRoZWVwb2NodGltZXMuY29tIiwidG9wRG9tYWluIjoidGhlZXBvY2h0aW1lcy5jb20iLCJoYXNJbXByZXNzaW9uIjpmYWxzZSwibG9hZGVyRW5hYmxlZCI6dHJ1ZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIiwidmVyc2lvbiI6IjEuNS4xNiJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d923c8cf686ef0bc887d54eb80db65fbd0c9fe59a259160557d948e92bb67717

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
gzip
last-modified
Thu, 16 Feb 2023 10:31:42 GMT
server
Microsoft-IIS/10.0
etag
"3980a5dcf141d91:0"
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=88
accept-ranges
bytes
content-length
44561
expires
Tue, 12 Dec 2023 10:30:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DAD 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B0ATs9zV4Zb-cAu-I1PIPk7OKsAEAAAAAOAHgBAI&bg=!1Nel15jNAAY3kmNgF5I7ADQBe5WfOFp-mOoFLyNezCcDNIjhTPn4-ObYMa02-GecJX2QOVOKiDeQn2z7zXkYC91wcwLzAgAAAORSAAAABGgBB5kDKs2BpYoSSHtsi7JhzS2i45FX3_TLKBzoc67p4W7e_Pkpqj8LyTWfhbSQtIVqGy-_4EFdW2gOw3-9NQXgzL86-a8a39mmY1lSzbz26bza6p7bF2NNOmicIj2gX9gptzbTZwnNHZ4H6qQEBUPIPguk3i6Li3gGFhAXZlbj81vT1p79Pr-Vry-za_cV5mUaIvMSEgDdyqxIb68ayNoMc1xNzq9SzFCggqpU4I9ehcInfpOemWpaSiCjoyaYPLdwz5B1Et2ROX4gliIpPIykXwknfnlEQPrvkYLensbVqCIKVOC3YQKoPtQyZ_JuGPQAdR56oKfCToFw1iWvnmrGnFNxbV89KTMNbh5UrVQKTr-PaGaHepJouQUeynwS-LLfq6APAUDShNv8hQEmur39waVzOdOuhP1DXyJ616zL5teOMRACf7c_OKWU8Fkj3WDaZTwhRqjEBP4FlN02uraBzrY7O44Zf6JQV6jV8YlrZpyx-9PgkJdbfjXb_bP0H9x5bBpVDc53uFWHzvVX4ka_pAPhp3xp4tWGiNnezU9KY8G1LgWglwSW8tK3J8LBYIjhK-G0V_iHMz5tdGE4GolmFUMmb4Q2SI_fb7PcFoXqqyIkH8RYAbisyJtUblXPLssCElrztRhOPCtM0OtkaV3wSTWFGwvgJqCvDGK2L3g8STC9TQnrVhk9bSAfIy0viLNoIyaBRbx6CN0RyW-Cb_o6wlb4lqgCqCt-u8O1U2h13HCm9xLTMkSFlCpQmrR70tEj5wVe6Yy5JF6r7ZHf_pXcY0Q8sg5lqQId_WeWw2bzuSgRq56ZB9lqRDeszJsZeILr-yEWaVjyXyAmr-0ASQXgxdR1bpah60_faXe5a03bohuNBLuyKo7WaoYNovxRQURzuO_Ua1BCc7XEofG30CjXouPmc_6zVs9SD7YsZEfS8vLOSWEjvjoDujHxMIdC0zFyJfO5KIJabulGa9HMqRQm_P23i-v7Afq76k50YIe8e1MS5GO6V1yfIsVp0CKZunLsHWPCf6lTxk7v_0Lz_vJrAOEL7R8-DEZmU64NnCpqFWUyBzfDtGeIPzzDjevMUg
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 19 Dec 2023 10:29:13 GMT
/
a.clickcertain.com/px/
Redirect Chain
  • https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=epochfun/block-champ-epoch-games-3942372
  • https://a.clickcertain.com/px/smart/a/?seg=epochfun/block-champ-epoch-games-3942372&c=244b81b94c69796
  • https://a.clickcertain.com/px/?c=244b81b94c69796&rid=96c2eca2-3759-4102-83b0-b7fdc342e9a3
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/?c=244b81b94c69796&rid=96c2eca2-3759-4102-83b0-b7fdc342e9a3
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Server
104.26.9.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12eda573f7728a7171718728d2ed4b89ab4f9d8165762db24bae369cacaa4436

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
content-encoding
br
x-frontend
cc-nginx-5776dff989-c7g5l:cc-nginx-5776dff989-c7g5l
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
10257dbc-90da-41ce-8c2b-ee228ed8f76c
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJyliYtuaXOfNXgLFVUKVRTwrjfhNA3e%2FzWB2VlfOSESu5VKnM6zVdWy051P3RXQ9gwdA10gQBWCzkjPmfjBKIxzPlRIUNYW%2Bx8zGlbuujyUHgZgm1VSAVNY2LG%2BWP6H1XMWHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
8345492f68ac0d64-MXP

Redirect headers

date
Tue, 12 Dec 2023 10:29:22 GMT
x-frontend
cc-nginx-5776dff989-7z67c:cc-nginx-5776dff989-7z67c
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
96c2eca2-3759-4102-83b0-b7fdc342e9a3
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BzHhbyGY7l8atmHEsdLEaMPkWtDiIFvD5HhtotaUoIt4oPfIGT8VMk6NLKI4cQHblKl32e%2BOUsBnYMXWwT%2BsI2CoNktfpzPB0A0pkSzaSG3nq6QG9dMOWpw9YLB2BuJJfv3uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
location
https://a.clickcertain.com/px/?c=244b81b94c69796&rid=96c2eca2-3759-4102-83b0-b7fdc342e9a3
cf-ray
8345492dad260d64-MXP
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 12 Dec 2023 10:29:12 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B51B8D7CB7434CC5AF94836950EA56FF Ref B: ZRHEDGE0713 Ref C: 2023-12-12T10:29:13Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
js
www.googletagmanager.com/gtag/ 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-696467118
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d029bce831d30b603410e4e7b813d1e3417f8a21c2bc92878e0744a123cfd286
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72425
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Dec 2023 10:29:13 GMT
container.js
tags.wdsvc.net/
Redirect Chain
  • https://tags.wdsvc.net/controller.js?id=100415
  • https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1702376953893
28 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1702376953893
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
HTTP/1.1
Server
52.200.58.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-58-150.compute-1.amazonaws.com
Software
/
Resource Hash
d7d9ae72724a0339e83f413b17c5a60aa55557299e85e5a3a1b3c26f8e5ab359

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:14 GMT
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
28662
Expires
Mon, 3 Jan 2005 13:00:00 GMT

Redirect headers

location
https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1702376953893
Date
Tue, 12 Dec 2023 10:29:13 GMT
Cache-Control
private, no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Transfer-Encoding
chunked
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption
AES256
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100147-IAD, cache-fra-eddf8230083-FRA
6irth52s.js
js.alocdn.com/c/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.alocdn.com/c/6irth52s.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-5.fra60.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
b1a48777454353c2b6ff6e617c2caf64c290e2ba4f55fd74a30d97f734198c21

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:40:40 GMT
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
FRA60-P1
age
20913
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=28800
x-amz-cf-id
Hcaf-VwKsfndkV98TkuKQekAfAtFN9kw95fPYkUe3h3bjPpA7tJcHA==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1702376953026&ns_c=UTF-8&c8=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&c7=https%3A%2F%2Fwww....
  • https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1702376953026&ns_c=UTF-8&c8=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&c7=https%3A%2F%2Fwww...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1702376953026&ns_c=UTF-8&c8=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&c9=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Server
18.239.83.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-126.ams58.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 c27d2e9d4c6e59d1b92ac8671f0bfb9c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS58-P5
x-amz-cf-id
iX1UQJbZU4a9x95ZNHxFeSr9ZvtcMVudqFNMOGWsyd6tgi7whNPYOQ==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 c27d2e9d4c6e59d1b92ac8671f0bfb9c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=24003086&ns__t=1702376953026&ns_c=UTF-8&c8=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&c9=
content-length
0
x-amz-cf-id
tipPAZ5uYjkc2pMLH0t8tweuLL7li4X6rdlBMZQ8PYWS7UKPNkBBgg==
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7AF4 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15940192796231137618/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15940192796231137618/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Dec 2023 10:29:13 GMT
vF300x600_%20MiBa_Firmenkunden_Zukunft_halfpage_de.js
s0.2mdn.net/sadbundle/15940192796231137618/ Frame 7AF4 		29 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15940192796231137618/vF300x600_%20MiBa_Firmenkunden_Zukunft_halfpage_de.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15940192796231137618/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
fb03ad2f6c5f2bec8c0092f4ce2977daf0b27e1c8eb29896f0d048f693240db6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15940192796231137618/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79855
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19289
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 09:32:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Dec 2024 12:18:18 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C44B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstWXiwdSwLDQtfxOrdbvTUNk06HmgxGzFCN6ka0rFWJsCJlcwIcWA-ujwN46tZHD1IHZmYyXGp8JzAePNi_9hqhS92hv704YT5sF-dTRW5_fV63P1Lc_Qj2qfC6woiKn7pEYjd837QEjtk10_Yqso4KSU8tJlfX2IOoXkiYZaNriAF0frBFFQzoFcOk_cUgeOL7OojL9HGLWKvRg_PnRvi0YhdVrUaoby4uajgcf_yyXf9myCTqykijI6aeR-pBG-fNDFSInzRBqIomyTUse6Mjzl5bjVImySgWzWj5VDxmUJTylTIpnYipBiyV80TrBEX7gUTs0VJYEzD1ABMHgOG-S_UUHVMuqznc7TyLlBN89ed3CLdLxVsTK7IWIV33onTlbyr45DMV1ndqu7kdMMdPz10txXv3K67yAGFZRtRTiswAoiVoy1KW3q2PV57sClURzBhE_o6Gp_lXRH6LdUl1ie75QJUy6-WsrZC2Q0IF3Bz7kObi1O3Jmv8w9GOdGTHrcS8G8t68o4IMfymauWEMG7Xyg_djlUCO-kl6c1INyKNSeTd3Xk8RLweWNEv2mbu9O61SBweCGoGBWGxjK-p7uJPb_ELyv3hVOEb8n5BAHa9vP7V0Wd8OlDw13zH1hyHRdRs8H9mFUViimhNi0zhQxprsWngCU3tqqLi4df6N92N4ZJrQZ8jNZU3BX9D76RJcTVd85eviZsYtes6xTER0hfZ0jI9HJYtyfugomMv7EAyzRl3Kq9ZZN2qiB7MiJD4oXwf5_g1F3-pVAw7mwOLMx35St2ePpiadCw1dL11iGJSpmHqlIH9SJfu4ylYOWTkGdteGwOZaWNUsYcVi2DH0CjbSocEd1xOUJUeAmvnNgrLInrwIqaZyAE4NzIUtf7ncLg21W-CHh_NKDCE0tYsbyVDWBKJ-7QsqsA-LwslVOVgG02fm7axjIbAzClBELDzq4TxBd4pmokD3WIy-YMqgOyzPJ4YhLh1eVYiFCe5KFEL8Rq5KRrmjMYoEzniC11gXg-V2sddDS-de82twB-kR1gjLrUL9Q109Be8uQL33mTdJBaUyqboCeNJ5zlYVCNYZQoVHcpbz3n89LqA3_HSC-l5xMtlrcPRl7BKPgA2P95FPGcw1VwBqEdGaaVS7Vbo4zH8HL-_vixZuv0dP6B1iDGYxI5epQdAA6LtfRLgoJP3VGeSeC11jqo9BGH4lpKEm1XMK3zI83N-aEHQV3-rhs4zQ9bw0QGQsQZY3nv6_yoLIyHg2LBKxc7FWbQDwXZdmcUsdD6ZD4at1WbFPdyUzB1QT7y85Ml2L0LNcTnNah6L7yib3sbowv85VP3CkK7S9EQv3XL0gmqZYuoH6FLpDVxQr_j4omB0LUU0LKVR-HbQO2c0qIHMYRw2zgVfjaiKIJDKKTEMsI581_8ZpgV1hSf8zcMIXYoBeQ8xFHKbD6v6RaxbikCixLieP8qdtkcRqPKT8weUdvPHXnSxPMEQiFUGlHKx1TM&sai=AMfl-YQYODRnJWGniJb3MbRrbDQHy2AEjINtGbh6MvjIZh7u2zzxAbiKfXM1vfoVDHmBIPrblXK4JC7WUwdlKk6AjXbAtZTwipx-V0-PQpe8PjKwLOH94VaLFCZKOB1SPuDjctNx0CwMF4l0igxwJeWfWYaqEu2ku6HasHFKRzeN3C7UuB49XrFdxgdvpz5HL7DTPgVRA6ojYgPW8Lwp0e19MWVGGl3SxSC66u6X17stY-rPs6G52witNJKK2cNuIF5vVm4j&sig=Cg0ArKJSzCPbyRpGcV3qEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=781&vt=11&dtpt=425&dett=3&cstd=781&cisv=r20231207.26639&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/7598209245225368827/ Frame 210E 		96 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7598209245225368827/index.html?ev=01_250
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
17f541559ff3e0ce1984b830daeb36612d067d987b53e1f5cae89ae635d58005
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
40245
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
23905
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 23:18:28 GMT
expires
Tue, 10 Dec 2024 23:18:28 GMT
last-modified
Fri, 01 Dec 2023 12:47:20 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E1E 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&preloadAdBreaks=on&sound=on&onReady=false&event=adcf_cl&client=ca-pub-2316275586951220&bow_v=r20231207&js_v=m202312050101&fetcher=adsense&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 545C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=575549331944119&rc=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
googleads.g.doubleclick.net/pagead/ Frame DDD6 		214 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
44c80b1392954f0944515ee4736e55afe97c1d3a2c3fa49ddfdbe4b3e54610e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://html5.gamedistribution.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
53326
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 10:29:13 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EBED 		179 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
c8b2e66437f1fbfb43a6141232e5d2fd415296bf706621a931ad6158f594f9f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://html5.gamedistribution.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
53256
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 10:29:13 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ Frame A34A 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/static-v4.0/content/js/analyticsbundle.min.js?v=Arena-4-0-Live-20230215-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 09:22:25 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4008
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 12 Dec 2023 11:22:25 GMT
8bcc5ba1b51be8db315598d399d2060ff89e0bf9.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/8bcc5ba1b51be8db315598d399d2060ff89e0bf9.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
83f17573792a13e8a11a9e9d17ad55a84df69a21.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/83f17573792a13e8a11a9e9d17ad55a84df69a21.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
d69b747ee81da6457e9c3845f9cebbce55b3cde3.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/d69b747ee81da6457e9c3845f9cebbce55b3cde3.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
bd8ae656598ea82aaf0b9781b09e4edf0c967aaf.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/bd8ae656598ea82aaf0b9781b09e4edf0c967aaf.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
7dd36a89e2f100633c0c7a55a40c1207ffa23571.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/7dd36a89e2f100633c0c7a55a40c1207ffa23571.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
80f1f0f3d21fd9d44731e1350d91d8f5113c7faf.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/80f1f0f3d21fd9d44731e1350d91d8f5113c7faf.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
82fc4097a392d9d92d7020cba0ee3e6fd2d94099.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/82fc4097a392d9d92d7020cba0ee3e6fd2d94099.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9953ce3daeb343bbdb77c648585a1ab0e67c6bdb.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/9953ce3daeb343bbdb77c648585a1ab0e67c6bdb.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
69b2d8fd18abe13abfe0c577de6445e1cd4d8a6d.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/69b2d8fd18abe13abfe0c577de6445e1cd4d8a6d.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
3a6e0e93dc6e6ece4590a27d8fbdb87cc3b03d38.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/3a6e0e93dc6e6ece4590a27d8fbdb87cc3b03d38.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
2bb0a07abb675f2918f47283ccf5416c48536e91.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/2bb0a07abb675f2918f47283ccf5416c48536e91.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
547287dcaffcf41d96768957e03649581175e084.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/547287dcaffcf41d96768957e03649581175e084.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
5a00f2514c057ab354ec9d8e89b63a889acb5865.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/5a00f2514c057ab354ec9d8e89b63a889acb5865.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
1093bbcdffd8d61517395307f73b43156066b092.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/1093bbcdffd8d61517395307f73b43156066b092.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
f8850f3970fe89312e4c6502cf85ffbca23a1ae3.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/f8850f3970fe89312e4c6502cf85ffbca23a1ae3.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
cb3c61c0e12af8b31b2fcea85e14dadbe8732e87.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/cb3c61c0e12af8b31b2fcea85e14dadbe8732e87.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
1244ad0d83c955af0dec10bf174d79214f4de231.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/1244ad0d83c955af0dec10bf174d79214f4de231.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
6c5917eb6fdcce77d9a3f3caa272a1c58f5482e8.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/6c5917eb6fdcce77d9a3f3caa272a1c58f5482e8.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
8ad78b7f927f8d35400058a76c86ffc7993d9fa0.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/8ad78b7f927f8d35400058a76c86ffc7993d9fa0.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
fe11dffa94638dcf1919be08264c232606844a69.image
comment.youmaker.com/api/v1/avatar/ Frame E9BF 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comment.youmaker.com/api/v1/avatar/fe11dffa94638dcf1919be08264c232606844a69.image?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://comment.youmaker.com/web/v3/?host=https://comment.youmaker.com&theme=epochfun&site_id=remark&url=theepochtimes.com/epochfun/block-champ-epoch-games-3942372&url_id=3942372&group=&provider=youmaker&token=&page_title=Block%20Champ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

app-version
0.1.2
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
etag
""
app-name
remark
cache-control
max-age=604800
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 426A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:19:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 09:19:42 GMT
ark-play-widget-app.main.js
arenacommonservices.cdn.arkadiumhosted.com/arena-play-widget/static/js/ Frame A34A 		428 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arenacommonservices.cdn.arkadiumhosted.com/arena-play-widget/static/js/ark-play-widget-app.main.js
Requested by
Host: gamedistribution.arkadiumarena.com
URL: https://gamedistribution.arkadiumarena.com/arenaapi/game/block-champ/html5?gd_sdk_referrer_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372%2F&gd_zone_config=eyJwYXJlbnRVUkwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInBhcmVudERvbWFpbiI6InRoZWVwb2NodGltZXMuY29tIiwidG9wRG9tYWluIjoidGhlZXBvY2h0aW1lcy5jb20iLCJoYXNJbXByZXNzaW9uIjpmYWxzZSwibG9hZGVyRW5hYmxlZCI6dHJ1ZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIiwidmVyc2lvbiI6IjEuNS4xNiJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a81f3342a4b058138504fa354a4d5f0447d13feb564ecce3595b81059fa1c47c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
gzip
last-modified
Wed, 08 Apr 2020 15:05:44 GMT
server
Microsoft-IIS/10.0
etag
"0d4c2db7dd61:0"
x-powered-by
ASP.NET
vary
x-cdn-target-host,Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=60770
accept-ranges
bytes
content-length
187512
expires
Wed, 13 Dec 2023 03:22:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 34EC 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BMfEe-DV4ZbTqB4W9x_APsca8-A0AAAAAOAHgBAI&bg=!e3ileDfNAAY3kmNgF5I7ADQBe5WfOCikFkmjMPSC-psvZEJq9cfyNsujmRwVICdtK0_eamQbb1y9bYi51V9XAxV2RH94AgAAAIFSAAAAAmgBB5kDJS43Xjw-8gHT8BTnB2Noz3lYMwghc5eP1zT8Bw1XUQb1ic2KFAnXnE717IJVE7p8JJfuET-n9IWKnMbhhA9lcqtaRHJI8vEigFoTSbuv29ERLECn7NeyKH5I1StFN2w3koiajbTgshElFr5MP5gikC9LZ8Jzt4jsG25ITCS70XbqMj3CMOKt7JgDqw8-2KcArHX6LprUNXTF8xwPXalLaPrM9fjoeP9CHCLSaUx9id27dnEtKrmdn1OWWTOEAZrBXqPWLfBv5bwy-yaHNYflRe4MPqg2NIMXUZkaKHaSFK-N7a7TVWBhwn2Ip-SrwUgKhLEHGSyJNDZIFCQsdcHZ2n6YIq8cnSLDPk52ebAbWs_VjPU6yvM7UTZyvSEDB-kjPgiMR26oQ778E7wH67DniNfz7GO9Oq9ewug0-VNASStIelQOqhDPGDy6Vsl7B7DEUVWfmFcNqmqIggaSOSUBc3uNLuNpuxDymTe0b7kkgAlU_47H4sNPF4yhlsbu3VFgkSQooiOXT7S2ta49qPyQKnt6obVnb27Wmh_6QZqftZMH4nU7Q2Uzs-sA5QsyoQMyJhePzr8VmtTr_loacRiJ6qAoA5NrMPIXyLt-z1-2vRCx677_sTEk3R_xbkWGfzuLrWrjMKSoQY5vmhJxYFuqol282WKa1uBcBjHgsz5UPBCKSbjah_Drh-68mx_a3IgRaXUtESu4WsdqaZI-ZWM6YcBndreagZ999UUXn_gPbNVreTrEHk11JUELCEruuwUYuGF9vvW-wFVw6CaAFsYDpKXjt-895MM2MSnu9Ynii_4I0qOUv5h8Iix3reUfoaMBjmT6HhHQ5rlqFZMDugVmKbME3W8nO-iFU-kP8OlQJ3a-TypcETyjCEEpkO_MAdDGPow9CbkfhsQ-SAoTvXnHqIAQ-XlDRu4vwfAXMDVrhSBXrbFv6fM7dNPo0XmU0CelWeXRi2-oqR1uMCtKOHbx4Q2qeHJ3MbSCh1SLvpojJ3CYqHLavUwXvuS60OnFwJ5jSR4lb8wZQz9QJlLky6XGhvk3b7CjOftkra1iBhjNCHcaNrlTRsY
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
kv.jpg
s0.2mdn.net/sadbundle/7598209245225368827/ Frame 210E 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7598209245225368827/kv.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7598209245225368827/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
b928b6efb5c1a9acf68d9ddbbb3cc41c364d16fecd552526c3e15eb5cae4e17d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7598209245225368827/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:13:36 GMT
x-content-type-options
nosniff
age
937
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55425
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 12:47:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 10:13:36 GMT
rules-p-a128V7tctPVtT.js
rules.quantcount.com/ 		3 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-a128V7tctPVtT.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-52.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:02:37 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
19597
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:44:26 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
6pCDP0dNCylR9tpOC3FPreyA-Q-ELiwWSwbZ13ide2dyAz2AKK2hlw==
popup.html
rumcdn.geoedge.be/rbu/ 		40 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/rbu/popup.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8496667e6ca10b43d843e825b1f87efa7afc417328b26f815c1b3c5b533ec1a8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:25:17 GMT
x-amz-version-id
syIMtMYORg3qGAt5iZTB_5DSJtjB6jsO
content-encoding
br
via
1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
237
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 08 Aug 2023 11:45:58 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1691495156/ctime:1691495156/gid:497/gname:jenkins/md5:52896e48320c4224eb8de1f2c93cb04d/mode:33188/mtime:1691495156/uid:498/uname:jenkins
etag
W/"52896e48320c4224eb8de1f2c93cb04d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
x-amz-cf-id
4LBeB_U4H6QcrZDYpRng551XnoN8XgcWszBEytVkSjbH8-aDS_rwhQ==
truncated
/ Frame C44B 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d9e0d05669a3610c7263c551b8b406344c148713485f7e8124f61b05e2463cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
ping
pagead2.googlesyndication.com/pagead/ Frame 6E1E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/slotcar_library_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://html5.gamedistribution.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
ping
pagead2.googlesyndication.com/pagead/ Frame 6E1E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://html5.gamedistribution.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/696467118/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696467118/?random=1702376953215&cv=11&fst=1702376953215&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&hn=www.googleadservices.com&frm=0&tiba=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&auid=424302550.1702376950&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
5170f66a790a31945d032a96829d2bf2cc0432ff7367de63c955c0445412df14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1338
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 37F7 		42 B
119 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJxhp7TQOP6YtQDUDjPawXbxn8LfIxoAMuZbo3Z_iOfQqqjGNDw810f4Cy3PWcVye5Y142GqXGBY9Wccx6SkYSN-6w5SsYs7I58KM3c9W6bzRoYTtxH-5UIg7_O_2h-HWCp3oam4EmufyIFbi-6jKOj7bI&sig=Cg0ArKJSzAPia7MlTWv0EAE&id=lidar2&mcvt=1019&p=99,140,349,1110&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20231211&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1797975165&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702376951762&rpt=496&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D5E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsujButjhlSqrID0gFTkA8iavd7sLFZzY50E3bwG0Nn4Az1-7CoDHYu6z--CijUS0bE5XyCBxYMOcOsrNlujRCaOIENdJexZFTmFyrzFZ7XD93vhj8gaROtU8Mtgcx8sCBuk-auMqF1n5EEcmdpwHpNciisSTv3y6GW2Kk-ACX12DHhOB4PVr0Isp9QKeWImlHLAf6oxsNdxhywntsgvvjIyyS3g6VbS0IblJl08KYW00GXViGhw974FTHLyZyJ6Uo-noS36_Y40dkygFBi4EnBcOYzfGx0SCq8718z3DbaHafDdOKRf7pdLtGFyb53ESNz0xsws8blMZ9AGtj09pe1Ah5PRElv8425K6c8s0vx1yDKUFMmf8M7VxejNII85Hg59bjTHEDL-2o-JLLPXcXrcIGzSMHPGfNwj0j2z0KppkWZw5gedBgVSOctFi5xy4jp7RHL5K3yLuM-lEDvNUuXRLOAOnjh143G7IHb9cdSanPRV7nTjHZFLqLF21UEsYoUcP7GDIRJbvT1qM14TCpG3uzWfUPsFoqnOhCJ-Udj4c6S-mXp5Tyxnn1eUvSy7Sj8kQc7qMfkUXbJY4RUKHjJu3hNE30LtZdXGZAZTDqJ1ASf-cSSgf4zRbTAdqYQ0OOHQzzWYx4_VA1fgW82KdSRzIhI_to3_OnVxPtkK2sAamAlHn-UJyHDoxRJAZrjGLkmddP0EU5Uh_Q0bIEiBT8tAGE8TxuKJ2F43D_GLt7rvEFjioErvvL-I0xFFK_OKOkbzBy4PpihriGcOmIMSoCJLzKmSjPMHelFVz5yHuC5k8XiOXsTGHUvEVl4fmHBxW_QS38N4tdtcXU7kmK3ziVawgqryfd7U0GLXgJ2U5AdQT1L8f7XFCbKstAROKchosqlQHDM3hNGbA9kRSOilUIRZXxN3_8raKX_kiL8xavbi9M-TMxaiJcNXwc51zyl70ZoBMzWvoQzWRDdpXYxP5ufiDNB9lxcMHEnxwHiWmqsTgfrJ_jSWTS1kipWacNT4WpsmbQ8ToZktEwKB-fF8fOFkBgP-WRJh9IxPJQynwx6BVTrnxn_sA2a_wMzqDnIRBK4dMK91sKkMXuvs58yFcCxuBlrNtO0-gQ4fYB7IR-E1iZVcANpyQKlLIChkGMgZ1Ml2U5G9MhxfNsjtrVg6Kyw_LJQq8gGPqgCi87MdCwG_keEVz1l2iyQVWYRPPbLSolCkeRp9JWDGdephARyEtQ2HINWOjBMMHDhqFPvIX17QUGCaunJZUTM5a1IfFMG4XzOuLuvsMneWxpMBSj0wyYZdmKVCndILBlAk5biV0xW60I7nbbno-C3e_aE52QzBk-UKhtCz4Oq3ozolYkGVO6nNzWZtHq6MjsCrzseHrnrEIMB4Hp2CT6-u1wwVWtIfAIqzYjTh7TBXQNH7arBvqVbqOe35UGBh3Vu_ow6VOHI69Fz3xR4U56ZQWfSQueLyaFB-g56i7mpiOZybxIwZ6bPCUcH2fBAFSeFRXMKrCZIPAS0Fhe2bMtuZCMrb6H9W5iV6iaLEXiHMJyd7AbCdVQSHWwLX96KeTAlk6sB8&sai=AMfl-YRQFHGyWczf40p-7cMb0Lhdn_J4J1j_cJJDyjXJWhac5CtONz9FoUP-RDhwfNaCPKi2xgO1NYDgTDM3vUKJ03990Q86czJq37I41DmXD8EHM15g7VNxe6j_L43oezBHiRNSs7oabRWpfvfjttJv71pD9hBOsbI_8KJwW9qTnvtJrhjTOroVE7AnoB1GRELq4cmuRIhCz2sd9rSo6WEZB3Axw0nBWMLidLVEZxkv3PQXRZZHRwofcHoWSYe_KN6bYvLyTCGSlUCxycWCPi1QMs-NKtL5TmjSNx1Pbv3G9gwnWV7t2s41AEHW4upNu6QrgTGpoNl1LCOfSvJo1SL1g_EOTqbM1QZokSUsHkpYgEvoVv3b_DawCtUP2OftLi9KCdIdKewT4JToUCeb9Iui4JNTX2bRtO0EnDGLvAaeOpYWF9oEjX3a&sig=Cg0ArKJSzCdPG72pBEeTEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1565&vt=11&dtpt=913&dett=3&cstd=644&cisv=r20231207.56114&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rewardVideoAd
arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/rewardVideoAd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-cdn-target-host
Access-Control-Request-Method
GET
Origin
https://gamedistribution.arkadiumarena.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-cdn-target-host
access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:14 GMT
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
rewardVideoAd
arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/ Frame A34A 		68 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/rewardVideoAd
Requested by
Host: arenacommonservices.cdn.arkadiumhosted.com
URL: https://arenacommonservices.cdn.arkadiumhosted.com/arena-play-widget/static/js/ark-play-widget-app.main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
45f4d257ca07102991ba53b9793565a1f717ec2ce3f2bfdb8a0167477c703ee7

Request headers

Accept
application/json
Referer
https://gamedistribution.arkadiumarena.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-CDN-Target-Host
gamedistribution.arkadiumarena.com

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
content-encoding
gzip
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=1800
access-control-allow-credentials
true
content-length
91
main.min.js
html5.api.gamedistribution.com/ Frame A34A 		509 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://html5.api.gamedistribution.com/main.min.js
Requested by
Host: gamedistribution.arkadiumarena.com
URL: https://gamedistribution.arkadiumarena.com/arenaapi/game/block-champ/html5?gd_sdk_referrer_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372%2F&gd_zone_config=eyJwYXJlbnRVUkwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInBhcmVudERvbWFpbiI6InRoZWVwb2NodGltZXMuY29tIiwidG9wRG9tYWluIjoidGhlZXBvY2h0aW1lcy5jb20iLCJoYXNJbXByZXNzaW9uIjpmYWxzZSwibG9hZGVyRW5hYmxlZCI6dHJ1ZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIiwidmVyc2lvbiI6IjEuNS4xNiJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-66.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9d45c678b3efcbdc0329806a66b7eb00ae36276a5b697c0ad495a8e8812c1fd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:28:50 GMT
content-encoding
br
via
1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
last-modified
Fri, 08 Dec 2023 12:27:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
79224
x-amz-server-side-encryption
AES256
etag
W/"209d428586d91452a16510b8f193cc47"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
Lb5Cmob9qsCg8esvRQS4EQGgKx-qDfsvGQQSoONI-j7vUWNhqUcXbA==
bottombundle.min.js
ams.cdn.arkadiumhosted.com/static-v4.0/content/js/ Frame A34A 		78 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/static-v4.0/content/js/bottombundle.min.js?v=Arena-4-0-Live-20230215-1
Requested by
Host: gamedistribution.arkadiumarena.com
URL: https://gamedistribution.arkadiumarena.com/arenaapi/game/block-champ/html5?gd_sdk_referrer_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372%2F&gd_zone_config=eyJwYXJlbnRVUkwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInBhcmVudERvbWFpbiI6InRoZWVwb2NodGltZXMuY29tIiwidG9wRG9tYWluIjoidGhlZXBvY2h0aW1lcy5jb20iLCJoYXNJbXByZXNzaW9uIjpmYWxzZSwibG9hZGVyRW5hYmxlZCI6dHJ1ZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIiwidmVyc2lvbiI6IjEuNS4xNiJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
7f57bcee821673d24b0d1da1b8a89b26613984676f614912c1d6ef3cf2c5af37

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
gzip
last-modified
Tue, 15 Dec 2020 08:27:35 GMT
server
Microsoft-IIS/10.0
etag
"19711d24bcd2d61:0"
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=215
accept-ranges
bytes
content-length
23529
expires
Tue, 12 Dec 2023 10:32:48 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C44B 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsty8P3Acc5UIZi1RNuADFj7AHuNCHER7xw9ybLxnJcCmAT7hxzszhJC3jqUSpHq7X_SQ-TZMxrEVBp0-5eQdHYHcEywHWzj2tdnUnQbxJrMm0dISqQBI9CPwjKmJ2pZkfhTaMP1sFNhj_0&sai=AMfl-YRzRhrF2lpxKfzI-Ws7E9aI_8tlb4nNmgPhzPK-HvJGJGuP0M_64yOl7TzZ0PIKMq2d9aIT5MlXOw4b9eVVOpgiOEH4zjuMVJiSG7jrx9TcZbuh51eeX4wQwaw&sig=Cg0ArKJSzIbD2oyCGrEREAE&cid=CAQSOwDICaaNxIph1UYWYaMP-qxywCqat718XbyJ4WZPvCuAlEIyu6Wlen5SYsMUe7_SfIpfsry6ZBauLHXOGAE&id=lidar2&mcvt=1025&p=96,1152,346,1452&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2135588503&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702376951111&rpt=1225&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D5E7 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcHXz7uIfSbNq-Q9ofgGR6dIcSMsQIO5u2aFnYcbQ7EqX1TE-lAh9A-Iru0jeRSnQcWbBO6rVpuH704xbYKbuukIs9FRj_Dd9bYeNZ-3haZ4jjM-B1voTuvkk3jMNebcNGLaQqvQkF89vKWSW2kwiYa1M2&sai=AMfl-YRc_509rzCbVUHeVRV0bjCrhmB8c1UpV9aIKWJNLuJeSWxPYXe7ZqjeNVWvpVDm4wEMq2MYxua9f44iyUCGBRoo6i3GSXFAAfOYwEMVHdoU-i9cUB6Fvl7ivb6V&sig=Cg0ArKJSzN7V8CkjKwg4EAE&cid=CAQSPADICaaNOrRkaDOAsTdV3z9EaP8NeHFdAd7hNORTJAvBeHrJ7xFWfE09hrDvF69pZy1o9INzcJ4MZAICcBgB&id=lidar2&mcvt=1009&p=377,1411,417,1452&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3838852029&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702376951516&rpt=693&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/696467118/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/696467118/?random=1702376953215&cv=11&fst=1702375200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&frm=0&tiba=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_r3kcNqY8T76v6hDYAWKerqV-iOHTJPJpKjX2bORX6SglL59P&random=2490432325&rmt_tld=0&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ch/pagead/1p-user-list/696467118/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/pagead/1p-user-list/696467118/?random=1702376953215&cv=11&fst=1702375200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&frm=0&tiba=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_r3kcNqY8T76v6hDYAWKerqV-iOHTJPJpKjX2bORX6SglL59P&random=2490432325&rmt_tld=1&ipr=y
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 426A 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?htwvGg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
widgets.js
platform.twitter.com/ Frame A34A 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/static-v4.0/content/js/bottombundle.min.js?v=Arena-4-0-Live-20230215-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:14 GMT
Content-Encoding
gzip
Age
1360
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (frb/67BC)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
all.min.js
ams.cdn.arkadiumhosted.com/static-v4.0/content/js/ Frame A34A 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/static-v4.0/content/js/all.min.js?v=34
Requested by
Host: gamedistribution.arkadiumarena.com
URL: https://gamedistribution.arkadiumarena.com/arenaapi/game/block-champ/html5?gd_sdk_referrer_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372%2F&gd_zone_config=eyJwYXJlbnRVUkwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInBhcmVudERvbWFpbiI6InRoZWVwb2NodGltZXMuY29tIiwidG9wRG9tYWluIjoidGhlZXBvY2h0aW1lcy5jb20iLCJoYXNJbXByZXNzaW9uIjpmYWxzZSwibG9hZGVyRW5hYmxlZCI6dHJ1ZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIiwidmVyc2lvbiI6IjEuNS4xNiJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
26d362e89afa0c6949cc641dfa6b3a36da6596603578da392973124239eb0046

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
gzip
last-modified
Thu, 16 Feb 2023 10:31:42 GMT
server
Microsoft-IIS/10.0
etag
"0bb1ddcf141d91:0"
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=797
accept-ranges
bytes
content-length
6530
expires
Tue, 12 Dec 2023 10:42:30 GMT
collect
msgrt.gamedistribution.com/ Frame A34A 		2 B
152 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.gdfw.loading&ar=W3siZ21pZCI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwidGRtbiI6InRoZWVwb2NodGltZXMuY29tIiwiZG9tbiI6InRoZWVwb2NodGltZXMuY29tIiwicmZyciI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvIiwibHRociI6MTEsImRwdGgiOjIsInZlcnMiOiIxLjM2LjUiLCJ0cmFjIjpmYWxzZSwid2hsYiI6ZmFsc2UsInBsYXQiOiIiLCJ0cGN0IjoxLCJhcmdzIjp7Im1lc3NhZ2UiOiJsb2FkaW5nIn0sInR0bGUiOiIiLCJzaXplIjoiOTYwIHggNzA0IiwiYnJubSI6IkNocm9tZSIsImJybWoiOiI4OSIsIm9zbm0iOiJXaW5kb3dzIiwib3N2ciI6IjEwIiwiYnlsZCI6ZmFsc2UsImJ5bHYiOiIxLjUuMTYiLCJpbWd1IjpmYWxzZSwiaWVndSI6dHJ1ZSwiaXRndSI6ZmFsc2UsImNtcGUiOmZhbHNlLCJob3N0IjoiZ2FtZWRpc3RyaWJ1dGlvbi5hcmthZGl1bWFyZW5hLmNvbSJ9XQ%3D%3D&ts=1702376953529
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.164.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-164-173.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:13 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
/
game.api.gamedistribution.com/game/v4/get/0d8acf7c95dc4c02b9d881f769a5c0b1/ Frame A34A 		4 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://game.api.gamedistribution.com/game/v4/get/0d8acf7c95dc4c02b9d881f769a5c0b1/?domain=theepochtimes.com&v=1.36.5&localTime=11
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.71.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-71-108.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
95eddbd4080973924f910a3d7ec9a34b7d298ab639caa856faf7348f745afd04

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:13 GMT
cache-control
private, max-age 3600
x-powered-by
Express
content-length
4546
etag
W/"11c2-qLQkYKHxh9XUDB2oKeaaSDx9qog"
content-type
application/json; charset=utf-8
collect
msgrt.gamedistribution.com/ Frame A34A 		2 B
152 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.gdfw.loading&ar=W3siZ21pZCI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwidGRtbiI6InRoZWVwb2NodGltZXMuY29tIiwiZG9tbiI6InRoZWVwb2NodGltZXMuY29tIiwicmZyciI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvIiwibHRociI6MTEsImRwdGgiOjIsInZlcnMiOiIxLjM2LjUiLCJ0cmFjIjpmYWxzZSwid2hsYiI6ZmFsc2UsInBsYXQiOiIiLCJ0cGN0IjoyLCJhcmdzIjp7Im1lc3NhZ2UiOiJsb2FkaW5nIn0sInR0bGUiOiIiLCJzaXplIjoiOTYwIHggNzA0IiwiYnJubSI6IkNocm9tZSIsImJybWoiOiI4OSIsIm9zbm0iOiJXaW5kb3dzIiwib3N2ciI6IjEwIiwiYnlsZCI6ZmFsc2UsImJ5bHYiOiIxLjUuMTYiLCJpbWd1IjpmYWxzZSwiaWVndSI6dHJ1ZSwiaXRndSI6ZmFsc2UsImNtcGUiOmZhbHNlLCJob3N0IjoiZ2FtZWRpc3RyaWJ1dGlvbi5hcmthZGl1bWFyZW5hLmNvbSJ9XQ%3D%3D&ts=1702376953530
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.164.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-164-173.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:13 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
/
game.api.gamedistribution.com/game/v4/get/0d8acf7c95dc4c02b9d881f769a5c0b1/ Frame A34A 		4 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://game.api.gamedistribution.com/game/v4/get/0d8acf7c95dc4c02b9d881f769a5c0b1/?domain=theepochtimes.com&v=1.36.5&localTime=11
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.71.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-71-108.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
0256773b3d93a7580dfc402dc883604263494826434877d3d87df30d45f6770d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:13 GMT
cache-control
private, max-age 3600
x-powered-by
Express
content-length
4544
etag
W/"11c0-nDmngFL73yLoLkkkaOmNLHEltYA"
content-type
application/json; charset=utf-8
usermatch
ssum-sec.casalemedia.com/ Frame 15C5 		2 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70659f067848d788d5f882e6fbd2ed34b1268cec421263717af9198897a6c46d

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
834548f7ff8f4bdf-MXP
content-encoding
br
content-type
text/html
date
Tue, 12 Dec 2023 10:29:13 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ezl3rUyNDuxw2LxKS82e3eo38wI38nBFqilCMK4DsjbBRS%2BGJla4PbqEWS8ShAxYLLfKiC7uZO26d1jjwgwBTsw%2FiJeBs3LCGdY8SqIVrk0VrT2ey4NEWP1Wot6uktbofqM96JHMpCui0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E941
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 10:29:22 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 10:29:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame C3BD
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:15 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
vtLBcYuMtejYvoAwyDyigK2IpoK7fnuYTx0QZKnu2I1vLCUXAm5ZtA==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame C3BD
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
JsgAMPzATds326VtPu8393GlVW4v2zVhGCRMP2nM7yXsnofWLcFKrg==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame C3BD 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
usr.undertone.com/userPixel/ Frame C3BD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
YyghZF_kEaZ5vSHysaVDjUnAvvvIULvc37ngFZS378NYlDB40s6e9A==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
pubmatic
um.simpli.fi/ Frame C3BD
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUUwMDAzNDEtQ0VENy00RjNDLUFEMzktNUI3RkZDRUQ2REIw&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 11 Dec 2023 10:29:22 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 10:29:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
sync
usr.undertone.com/userPixel/ Frame C3BD
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpa...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
lkyVOclIOrn1EaVQWoIclciSv2gkeC5qgcIiRBimtsSpqxsZfjCMPQ==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame C3BD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
Rx6eWGRgSZb33-p4amVFZUHUsvBrXbuED0Oi5sefVfVbpw583fv-eg==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 399B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
0
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:15 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
P2ZLXfEwnRx-gTQzZpLwljfaorj7MMdTubLuGtWyNqIplOtGz7WRng==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 399B
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
rPrxF-EicA9ilGCm9xjhBILkD-c5Vhom5mbxPI4ISwLvVrWZIQynJg==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 399B 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
usr.undertone.com/userPixel/ Frame 399B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
vXdKFXs7M6_vH0WrIKOzMZegQ2ktS1-mBXX2LBl5WITsz_9KnXmlsg==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
pubmatic
um.simpli.fi/ Frame 399B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUE4QkI2NkYtNUUwNC00RTcyLUFEMTQtMzM5MjVGMENGQjEz&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 11 Dec 2023 10:29:22 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 10:29:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
sync
usr.undertone.com/userPixel/ Frame 399B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpa...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
qco3gA4Wj33JW_Xg6v8PwI87Ikrp08QWjCLei4f9_bWpPY5JMYdG9A==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 399B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
8pko-Lbp3L6yh18N1HR30-sJyxNecMiV5Vr7D7yTp0ekfK4MI6cOpg==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame BCAD 		2 KB
858 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41325c82ffd14aa381ef6628dcdb9a1ccaa174a1902f60a438fb5c0946fcddb1

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
834548f7ff8d4bdf-MXP
content-encoding
br
content-type
text/html
date
Tue, 12 Dec 2023 10:29:13 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XV3gVJhc4sYBAE9xYyykFdjIIe%2F%2BeCbbJYBof1g6DgW9PLvhdgjObiywRLIXYBTxiT4hf1eaoJ9L7Z7qwYDPRC1pHgrS%2BOwvCcqVN9eedhQ6FKUCiFNsE3cP%2Flqi%2BY4hrHo1v5%2BUoGYng%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CC41
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 10:29:22 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 10:29:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 6E1A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:15 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
33t4DXMT3vs52X6cJgCz0A_4UVa-LhlsIPLLLW1yZlvmFtDRlvYhdQ==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 6E1A
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
A5ONGLf5KdfpKzpOqB8Yln3o69VH0a04L9pJAeafOEH_J1jGtNOH0w==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 6E1A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
usr.undertone.com/userPixel/ Frame 6E1A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
6Pq37KdmpYaEWwRM6uml12f8ieX4504ul8DMQb_-fMzGOht9ZAtL3Q==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
pubmatic
um.simpli.fi/ Frame 6E1A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjBCQTNBNkUtODZEOS00MUM2LUE3QzgtQUNCMzU4REFBQjE4&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 11 Dec 2023 10:29:22 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 10:29:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
sync
usr.undertone.com/userPixel/ Frame 6E1A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpa...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
shdZNtuJhQjNzxxvgfWC1QonyXntGwOZ1vbLD4ZDKCopAS0Cfg4l_A==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 6E1A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
0
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
5-z2xSxtvBFoy3lRPqH3WRGyQtHZV5Ej4vV0HqKDH83XgwMK2LifDQ==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame 2DE2 		2 KB
856 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
784bc5a04e4e922d5ffd876775571ef7386fa366d22c68ba62baf3afd1877f5e

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
834548f7ff904bdf-MXP
content-encoding
br
content-type
text/html
date
Tue, 12 Dec 2023 10:29:13 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZ75TAZ2hxLwRQvMl%2FfDTKYfYef9%2FTM7e1ntfqArTUNxXAw31dW2gccl2oSft7xRLcPsFSCzWZlF%2FSdU7dUr1dgTBEr2cps95eRz0gQy66k6Ij2a%2B8TrCpSu5xhqUX7B3aoXMzfpbfXgCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 793E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 10:29:22 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 10:29:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame A7A6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
0
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:15 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
4EKi_5IbgmdEZ_nJbegqAtEX5d-to3_NjOvrqDK0o550gCvvEl9ydA==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame A7A6
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
sidpcmyQJmheN_Egc7pSMFPEt0uC2pK1DuZo6aMu9n9FFJPb-2H3wg==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame A7A6 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
usr.undertone.com/userPixel/ Frame A7A6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
ymBpf62xzXD7M0X4pe_Gl9St0FtEryqCFun2UiVnmVh8Y21PBTVdpA==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
pubmatic
um.simpli.fi/ Frame A7A6
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjExRDM5RTctNkNFMS00QzRFLTlDNDctOUNEMTRFN0NEMjk5&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 11 Dec 2023 10:29:22 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 10:29:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
sync
usr.undertone.com/userPixel/ Frame A7A6
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpa...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
nAH2CY2GnkzR7VkpgnDz-NRfMdbBSGl69FsHAFg7zNm3pNr_h5yHCQ==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame A7A6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
19OVkRwG5lBnwxoPuQe6dA0O-urdA69Lsn4iXfWWehD_au1Eo9IrcA==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame 4A54 		2 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31115097c81cc627c341e72d364ec9a9588c84ef37ef3bca2de41b69011fd7e3

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
834548f84ff34bdf-MXP
content-encoding
br
content-type
text/html
date
Tue, 12 Dec 2023 10:29:13 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3nWebC5w6%2FNyJEuga5YufIjdk%2Fm%2Bx03q1cSAHEFTGobswAyEs7jbz9qgrmgT33R7TJ4Sjm%2FGVGIXIWfXu03jLXmBj7KnRSCDUwLexaMjDiORedZ3zo5Y4vNc82XqoDJhUAV6vnyR0Bd8g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame EF97
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 10:29:22 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 10:29:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame A169
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:15 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
aTL8ZWl-GID1tlpSz3FsbiHJ3xG6770fmfiLxz4wFI4t_VLFyO7I7g==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=d281f6d8-76ff-4dfa-843a-316e0af2740c
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame A169
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
7DW3m8XAmhxdJpnqVWlpQyi5b-acw4pYe_0Vy_Rks7NuLS-_KxyzTA==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-O3e4R2lE2uGDFi8gXbPwA8ryjD3LdT6K~A
date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame A169 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
usr.undertone.com/userPixel/ Frame A169
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
4Q6dr_xIb6l6WmdBaKTVP9H2KjAaegYSaplBa0dYBN8yHqEeG75Vjw==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
pubmatic
um.simpli.fi/ Frame A169
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0E2OTJBNzItOTNGRS00NzIxLUFCMzItNEFENjdCMUZENzA5&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 11 Dec 2023 10:29:22 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 10:29:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
sync
usr.undertone.com/userPixel/ Frame A169
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpa...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
zGcrFfajOh4Gm1TqT7oi18rob-Jp6xZIxgaVqDtVNvD8lvVbvd6AiQ==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame A169
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
0
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
bkBeFbddmnM9sk1wD-UhTcCTQf_ocukifafOybB72DVqzcm0ec3-Sg==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame 4E44 		1 KB
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ba57725f16d327d071677d9bf7e0b06b0a9c9799e48973bc50775e9fff1796

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
834548f84ff74bdf-MXP
content-encoding
br
content-type
text/html
date
Tue, 12 Dec 2023 10:29:13 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixngPACsuxAC6NwsQEy4GyroAsom1yl7NC8jrkYIHni7yL79j%2FW20te%2Fbx2ScH06vEosHZR5xgRMk%2FEsNSVPw8XD4Cy0pk7pQxUKGsk%2BqVt1YLkixZEy99BDlteVKBaajYBpQJRxGEcENA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0891
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 10:29:22 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 10:29:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
/
gamedistribution.arkadiumarena.com/useritems/userinfo/ Frame A34A 		146 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gamedistribution.arkadiumarena.com/useritems/userinfo/?rand=0.44566519940191585
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/static-v4.0/content/js/headbundle.min.js?v=Arena-4-0-Live-20230215-1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.143.223.9 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cd34db0cc9f488a301e6ea1c7b2cb60b31cf245b979691fae0b582e9820d2ff0

Request headers

Accept
*/*
Referer
https://gamedistribution.arkadiumarena.com/arenaapi/game/block-champ/html5?gd_sdk_referrer_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372%2F&gd_zone_config=eyJwYXJlbnRVUkwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInBhcmVudERvbWFpbiI6InRoZWVwb2NodGltZXMuY29tIiwidG9wRG9tYWluIjoidGhlZXBvY2h0aW1lcy5jb20iLCJoYXNJbXByZXNzaW9uIjpmYWxzZSwibG9hZGVyRW5hYmxlZCI6dHJ1ZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIiwidmVyc2lvbiI6IjEuNS4xNiJ9
X-Requested-With
XMLHttpRequest
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context
appId=cid-v1:ed8ef83b-4780-48e0-b557-c767b944a488
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
content-encoding
gzip
x-aspnetmvc-version
4.0
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-store
content-length
126
expires
-1
dcm
s.amazon-adsystem.com/ Frame 15C5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VC320R42722GHXFDVDZV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4KYMW55X06BTBERHRPMN
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 15C5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 15C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPOgekZFMFXSJ8jOs5TDusE&google_cver=1
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPOgekZFMFXSJ8jOs5TDusE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3izTdFI%2BgfQqCqCHW%2BPDGY57LacUHGI%2Fs2DcrXHqYsR9F1YGSm3LuTTD3R8%2FsSXcxGKGOwSPeNqc3ovtLVdIDOyCNyECiZqM%2F1yqqNscv2Si07P98UV7VoV7Vr%2ByK%2BQ7BWngFnLM9g6pcw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83454902b8080e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPOgekZFMFXSJ8jOs5TDusE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
53233
d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/ Frame 15C5
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=94d1d17c4cd04c15a1b80c4bf9700926
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
0
0
rum
dsum-sec.casalemedia.com/ Frame 15C5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7462143506322131454
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7462143506322131454
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8hqmtZDJ0GHAMTVZbE0P2Bz8g%2B5x8%2BdfJqCBsUJf0%2Bvs5z1%2FPNQvb8p5kBHt5uqDBaJbZNz%2Fc4dZG8M7WZYS7CTWPw4NjYLGPSv7kihNzK5lE96cS4naRGX7PAAKk7EQAWXbKze3V0MQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8345492e7c090e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7462143506322131454
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 15C5
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=R0CuN0JA_zdcEKk3Exe0ORJErTpcTK84R03cyD2F
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=R0CuN0JA_zdcEKk3Exe0ORJErTpcTK84R03cyD2F
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AdnuTbkM5FoPC3%2BhkkszBp8kshn%2Fmul3wsPeI%2Be8uOCGd1%2BAOARqt9W6hVdhapmZXBbGPKOI29foBN5hwhvUzM3k2rdnLGG4Rq0d20argOO3XrJvQqIwWavP%2B2X4WdBA9fDVrzict5GUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834548fb7bb30e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=R0CuN0JA_zdcEKk3Exe0ORJErTpcTK84R03cyD2F
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 15C5
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=1c3297fed6e741dfb3b60f15ea1796d6&expiration=1704968954
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=1c3297fed6e741dfb3b60f15ea1796d6&expiration=1704968954
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7xWaViUx2dhCnTM2QxcPuaAMRlBIxO42YgT5XTXqCwW0ifyzJKR%2Bulao50vQG5rGXHrTzBfL1YgUkOFKKej5OypZ3D%2Bkxd0eLPwpnuVbJ%2BJkxysris8AnZraovrz9Eb5fUiaC0R5IcZ6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834548fb7bb70e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=1c3297fed6e741dfb3b60f15ea1796d6&expiration=1704968954
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 15C5
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718188162&external_user_id=47e2c192-dc48-48f5-bd3d-c98a9a1ec4f5
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718188162&external_user_id=47e2c192-dc48-48f5-bd3d-c98a9a1ec4f5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=as3uDTKMM2CdGtcZ7VduXkTHTm%2B1EprVz8x7UaXcOOz3rTzSct%2BsIDEtZ7NV2bah%2Bizls5EXMDmtS%2BqgJzTyY9dfg4qihZ8qA9eaDCdea9j36scHuLdon90eTHyHNkIj%2FRBMZ9pqsj5Pog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8345492e9c4f0e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 12 Dec 2023 10:29:22 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718188162&external_user_id=47e2c192-dc48-48f5-bd3d-c98a9a1ec4f5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
sync
usr.undertone.com/userPixel/ Frame 15C5 		0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
J0kiN4VnzcwRW_S9HRqOKQ4WgThnCJwmjLQkRByY8xkwSVAwzxCIEw==
x-cache
Miss from cloudfront
53233
d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/ Frame 2DE2
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d578a70e8468410cb05e27dbdd37ca82
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
0
0
crum
dsum-sec.casalemedia.com/ Frame 2DE2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8151302574394360069
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8151302574394360069
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FTj2B5Bd7zQWpnUbQBxwy6Xr9wGIrJA%2BuxjomvhnH3keNlZyTGlfDK1tc6UeR8x5nOCD4zMfEuUnQwefttTfuS7%2FQVXll%2FxrAPc84nf%2BoMZDEbMBNtQWFNvwKx6Han3d0LSXTwjJvHkNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834548fafab20e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:13 GMT
an-x-request-uuid
02d41357-4a19-45b5-b4d0-6f6862f83d77
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8151302574394360069
x-proxy-origin
188.61.48.50; 188.61.48.50; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2DE2 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.87.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-87-161.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
generic
match.adsrvr.org/track/cmf/ Frame 2DE2
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f4c8d6416d16ab94eb4d32e5561b56e&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv0b34_7313351356169512981&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:22 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702376962306014-549
casale
match.adsrvr.org/track/cmf/ Frame 2DE2 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
server
Kestrel
content-length
70
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 2DE2
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=11962df0-3e75-53c7-e5a2894f
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=11962df0-3e75-53c7-e5a2894f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiLiCPmRLE268Xg15XIm8Jav2ncTts5b3QtVJDT1BSV4sS0Ksjzk%2F3n4mdqabGNEULfg5X7amYUUQfUbVqD85LpxVaVyhdSi2MrB4OIdWQiVvrMjMieUQOL5zpgMvuVkbzfdiealR6gpaw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834548fea9040e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=11962df0-3e75-53c7-e5a2894f
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
crum
dsum-sec.casalemedia.com/ Frame 2DE2
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=fbe959de-ea15-43e3-8811-e8045f163537
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=fbe959de-ea15-43e3-8811-e8045f163537
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgdiRpoVLsPhNYHQDPnnK1065mcMT%2FeUsSHu72qnoTZAcqmeYW6rOZpZVKv4jVG14ksyVMtw4hDwYqQ6NTtBH9ixeVRRO3MU%2FdbnsnjczIaC6ryNJAzenZ7SQUmCOsIXBsZwe4mMhdvplQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834548fe38290e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=fbe959de-ea15-43e3-8811-e8045f163537
date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 2DE2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZXg1_gAGXY3WwABU
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXg1_gAGXY3WwABU&_test=ZXg1_gAGXY3WwABU
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXg1_gAGXY3WwABU&_test=ZXg1_gAGXY3WwABU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shfU2xDC2q1smXSB7NsE1Wi5OeI%2FZPPbETnbcqtaq49en0rzYXd%2FmAXpanebV97x5XWfSI0d5LRXXWCWPzy0nXGxuJ9NuDZ4hec%2FdSRno3YswAO%2FrDC6mq95PPjNMamSh6QJMo%2B4irdmdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834548ff29fc0e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-eddf8230038-FRA
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702376955.678229,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXg1_gAGXY3WwABU&_test=ZXg1_gAGXY3WwABU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
usr.undertone.com/userPixel/ Frame 2DE2 		0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
tL8teSO66ZgNbHN25UPee_cFiXflobbbo7RjOaeUzgECSfjFiXcHQQ==
x-cache
Miss from cloudfront
53233
d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/ Frame BCAD
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f35a8ff934f14f52a4c41695ea212e10
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
0
0
ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BCAD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
54.76.87.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-87-161.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB
date
Tue, 12 Dec 2023 10:29:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame BCAD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABzmU7K8GwAABPKX_gZFA&expiration=1703586554
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABzmU7K8GwAABPKX_gZFA&expiration=1703586554
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7DLhgEX272VqBcGqm6v9QUG6OV38VUWUSZjXS7QxEpAdAYNRjTDe4E5UwUu1gKp2WsIyARVrbVYG0fa8qfStHk%2FEJ%2BqSUATgU2Y%2FcSZmbaY77PA9FbwzW2PHemtwZ7e%2BmDTLm%2B8spCsyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834549010d050e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABzmU7K8GwAABPKX_gZFA&expiration=1703586554
Date
Tue, 12 Dec 2023 10:29:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum.casalemedia.com/ Frame BCAD
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=d249f84641b163d&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI30alf354aANxtMNWAAAAAAA&expiration=1702463354&is_secure=true
43 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI30alf354aANxtMNWAAAAAAA&expiration=1702463354&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rv0PIlZbD6VdgcxWS%2BeQkWx%2F%2BSQ9UWwWcX7qX4M0tRRbdqyiS6evv%2Fbv5bOrLcRnTOeTn9TZB8n6uaRwH7zT5U6kjZ%2FPep48XkVj5AZKV8s4c2CH10uAB9KFoEjWEbT2H7Hkljat"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834548fcb8174bdf-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI30alf354aANxtMNWAAAAAAA&expiration=1702463354&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ix
ad4m.at/ad/sim/ Frame BCAD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame BCAD
Redirect Chain
  • https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZXg19.CgV1XLmDdXOS6uOQAA%261147
  • https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=3cae163a-8bd3-4648-8b34-dfcf951311d5
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=3cae163a-8bd3-4648-8b34-dfcf951311d5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGuyb2cscED5wUqagK1jJsoT0QOtut9rNT%2FWRCiS1d3cbERtYllIT8rCMheC2ThPCbXUY0Ck1V8ulcogiCPKpl%2FDSi%2F%2FooVraonbqigjakW2q%2BSIke0txnt3HqymBcnZqsp7vjgtZVZ%2FZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834548fe88b00e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=3cae163a-8bd3-4648-8b34-dfcf951311d5
Date
Tue, 12 Dec 2023 10:29:14 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
casale
match.adsrvr.org/track/cmf/ Frame BCAD 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame BCAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPOgekZFMFXSJ8jOs5TDusE&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPOgekZFMFXSJ8jOs5TDusE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jScm0UZ3I2MH%2BL0EE0TDUN27KwS55sHGsWv71zm2YIaUC4kCab2pRCoLdl3V2gQxn2VBLvwPYTsX5kuJfDfPvmY%2FN47u3NjmT%2FEJqKh8AwdzW9EkamvnYhu%2Bn4KweEo1JMLURZTZtlHGqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83454902b8060e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPOgekZFMFXSJ8jOs5TDusE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame BCAD 		0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
segdg2jdJsxu0PJK78Pxn3nyPapIN0gfrO5C66rcgvle-xoyc_SXRg==
x-cache
Miss from cloudfront
362358.gif
idsync.rlcdn.com/ Frame 4A54
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b29b440ce2c34e58b1999cdfd3c9bb4e
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=94d1d17c-4cd0-4c15-a1b8-0c4bf9700926
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b4860cc5-481a-44d7-948d-2690ec43bc3a%3A1702376962.5905209&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db4860cc5-481a-44d7-948d-2690ec4...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=4664819835033446644&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Db4860cc5-481a-44d7-94...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b4860cc5-481a-44d7-948d-2690ec43bc3a%3A1702376962.5905209&_=1702376962.5928612
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdiNDg2MGNjNS00ODFhLTQ0ZDctOTQ4ZC0yNjkwZWM0M2JjM2E6MTcwMjM3Njk2Mi41OTA1MjA5EAAaDQiG7OCrBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIeDlT2VYX-VKPA8cP-syXE&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIeDlT2VYX-VKPA8cP-syXE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:26 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIeDlT2VYX-VKPA8cP-syXE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4A54
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=13BE9204229141EDBFD6D1744A40FED9
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=13BE9204229141EDBFD6D1744A40FED9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xl4idDzblxnINkgUWbTdmc7cEjyWHWeifieBfYzYnzLb53oDZaP758IlwRibTxZy0fvPNymc0tAcg49GfIgS8cC7WTzQZnOA0sVTK%2BzyvqRZsJCONNe%2FJTgDqc4UXGKjseH3N4sJwUqMBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834548fe280c0e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 12 Dec 2023 10:29:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=13BE9204229141EDBFD6D1744A40FED9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 10:29:14 GMT
rum
dsum-sec.casalemedia.com/ Frame 4A54
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-_Sxk-bXWIR2wT-ut6Wi-rw9MDI
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-_Sxk-bXWIR2wT-ut6Wi-rw9MDI
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxyaVdMoP625fn8op9ZOj%2F6PT1IZR7zrTdyc3qg8R%2BhUJGuxXjxaujb18Qih4l9y%2B7UD%2FygJIkNqrvreAlGcbebbpua3mCBEyzzN19XgwFaMcZJwdznMBAJSN3B%2BtlebD2vLLx%2FC9xchQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83454900eccf0e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-_Sxk-bXWIR2wT-ut6Wi-rw9MDI
Date
Tue, 12 Dec 2023 10:29:14 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 4A54
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7479292622435232592&expiration=1703586554
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7479292622435232592&expiration=1703586554
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FokKpLkINamNGQF99o7cN1VeX7PrhRzdIpXJrcaQttyr5cGP0%2FACRMKIEDsAK4imBcFMFknCnranLhlRcp%2BF8uSOGP78qZPr50BBZsCzqZ7EclNwv%2FPITY8sJwKTe5NvGMiIbUmcllVraw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834548fbfc9d0e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7479292622435232592&expiration=1703586554
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
s.amazon-adsystem.com/ Frame 4A54
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y31ZKEZV4C9VAMKPKJQW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZF4JKN7P1N8NE424M5WK
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4A54
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZXg1_gAGW1rXrABU
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXg1_gAGW1rXrABU&_test=ZXg1_gAGW1rXrABU
43 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXg1_gAGW1rXrABU&_test=ZXg1_gAGW1rXrABU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiUHxQkV%2BfVWCCAHhDYx6OqMWh%2Fu%2FGdBmp%2BQl9cXIDvS8tzu3yac6BL2Cph%2BJaTfFdHEOKoQAEvfifEC1fVeKGTIcwEmvlyTgOew9F%2Ft1zxQR0CwoDFABdU7%2F%2FS%2BfywiYW9qi53b2mJq8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83454900ac730e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-eddf8230038-FRA
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702376955.806573,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXg1_gAGW1rXrABU&_test=ZXg1_gAGW1rXrABU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
demconf.jpg
dpm.demdex.net/ Frame 4A54
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
54.75.61.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-61-252.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-05348b51c.edge-irl1.demdex.com 3 ms
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
EFHcFJL3SP4=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-047246365.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
IhWHw05cSrM=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
bridge
cm.adgrx.com/ Frame 4A54 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-6
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
sync
usr.undertone.com/userPixel/ Frame 4A54 		0
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
3CWjOW5Jay8CKAxQQBn8UiHFMu58HGsyjLnL4i6dA_mUbWIym9m5_A==
x-cache
Miss from cloudfront
css2
fonts.googleapis.com/ Frame DDD6 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 10:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 10:04:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 10:29:14 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DDD6 		205 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:54:46 GMT
x-content-type-options
nosniff
age
5676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Dec 2024 08:54:46 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DDD6 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:54:34 GMT
x-content-type-options
nosniff
age
27288
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Dec 2024 02:54:34 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame DDD6 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
25414
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
server
cafe
etag
14924840246271906451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 03:25:40 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame DDD6 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
29018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 02:25:36 GMT
52154.gif
idsync.rlcdn.com/ Frame 4E44
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXg19.CgV1XLmDdXOS6uOQAA%261147&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b25bca1b302e457db10d4493ae778a9d
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=94d1d17c-4cd0-4c15-a1b8-0c4bf9700926
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a2fc068d-b84f-4951-b49c-5c50a117c015%3A1702376962.5889974&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da2fc068d-b84f-4951-b49c-5c50a11...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=4664819835033446644&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da2fc068d-b84f-4951-b4...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a2fc068d-b84f-4951-b49c-5c50a117c015%3A1702376962.5889974&_=1702376962.5912595
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=8151302574394360069
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=8151302574394360069
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:26 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:26 GMT
an-x-request-uuid
cb034221-1342-47e8-955f-f3dfe99bc62d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=8151302574394360069
x-proxy-origin
188.61.48.50; 188.61.48.50; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4E44
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-_Sxk-bXWIR2wT-ut6Wi-rw9MDI
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-_Sxk-bXWIR2wT-ut6Wi-rw9MDI
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BNbeHz5l%2B6PvB%2BfQ4ySLAHC6cbPxjQEQ75Y1Y8Y7u0uVkR%2Bb42KOF9Iru%2B5HUC2RkL1ZWEKIvCerB3ZQSH1y9N1I3g2TDZv5Y8W8ILTxrzYPEfe7qMJrteK%2FeUUo99fwAXNvBQk%2BFGYQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83454900ac760e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-_Sxk-bXWIR2wT-ut6Wi-rw9MDI
Date
Tue, 12 Dec 2023 10:29:14 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 4E44
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DB4BF262E0F44031BD99C3D90F318DAB
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DB4BF262E0F44031BD99C3D90F318DAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3a7KB57ya0PntfNRAgwj7PvnU52zA1zF5iYuh5T4YvQviSwJLEAz4TC9tHvQHlPVTE%2FfEX0IDr3uxTWtZUPaLBlY%2FKVOa0A2pNY%2FGZxRmFPUSZAAsrlHvfW2gxTlF9RD3LOdmP3z%2FUuTw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834548fe28100e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 12 Dec 2023 10:29:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DB4BF262E0F44031BD99C3D90F318DAB
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 10:29:14 GMT
crum
dsum-sec.casalemedia.com/ Frame 4E44
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7479292622435232592&expiration=1703586602
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7479292622435232592&expiration=1703586602
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fR6X1idgsMIF9eBfvXW23b1iI%2FBRwcxVZG3b6%2BfxAkX1Q7r5RqY6JWKZIN6fapWNMeUbFs9Xy1TSHREMSjHMRqDdIcff4OA8SrPpeoMh66jNit4AXcgZACOXttZagYKgOlFcKU8ahmidjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834548fbfca60e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7479292622435232592&expiration=1703586602
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
casale
match.adsrvr.org/track/cmf/ Frame 4E44 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 4E44
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEYkE7K8GwAABWIV0ZT9Q&expiration=1703586555
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEYkE7K8GwAABWIV0ZT9Q&expiration=1703586555
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BfZR4Nwm1jFKXcOPg0wKS0coAuExnEiYR5CNuI3fRZztyk%2FfWHTDMS%2Fvi7mUg%2FmDy6o46r5Q%2FfosWmdKvJ0odcsWfvKdFawjWu575bJrpTM3XBv9%2B5nwiuNxiIP%2FpudGw50Zr1wwoJDZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834549018e0d0e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEYkE7K8GwAABWIV0ZT9Q&expiration=1703586555
Date
Tue, 12 Dec 2023 10:29:15 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4E44 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.87.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-87-161.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 4E44
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699eac8a04220olwb00lq27aeve
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699eac8a04220olwb00lq27aeve
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mW3YB%2BdwjNdhn2O4EoWVuxYExpoQvzZKSUzDebCi%2FEQeBchaTYyq26jqQNth82LWFf3z7tVVfkUAqXWpQ2DCUhkYR92tLWwJUlWTheDch5MEX2rSueJQisFKpRgP0GWio%2BOO0rPk2sIkwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8345492ebcb30e52-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 12 Dec 2023 10:29:22 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699eac8a04220olwb00lq27aeve
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
usr.undertone.com/userPixel/ Frame 4E44 		0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
6dv7z4WBnikBT5KT3KmmwiK19vBYjmGxzOwN-QEj4PzkENhdEUOfjg==
x-cache
Miss from cloudfront
css
fonts.googleapis.com/ Frame EBED 		2 KB
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 10:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 09:38:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 10:29:14 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EBED 		604 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:54:34 GMT
x-content-type-options
nosniff
age
27288
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Dec 2024 02:54:34 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame EBED 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
25414
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
server
cafe
etag
14924840246271906451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 03:25:40 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame EBED 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
29018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 02:25:36 GMT
countdown_handler_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame EBED 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/countdown_handler_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
89acbeb439ca53ded13089e3f2d50ad3730c2cd93b7db96542e78380cbe169f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 19:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
52308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7598
x-xss-protection
0
server
cafe
etag
1054237720321538216
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 19:57:26 GMT
collect
msgrt.gamedistribution.com/ Frame A34A 		2 B
152 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.gdfw.success&ar=W3siZ21pZCI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwidGRtbiI6InRoZWVwb2NodGltZXMuY29tIiwiZG9tbiI6InRoZWVwb2NodGltZXMuY29tIiwicmZyciI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvIiwibHRociI6MTEsImRwdGgiOjIsInZlcnMiOiIxLjM2LjUiLCJ0cmFjIjpmYWxzZSwid2hsYiI6ZmFsc2UsInBsYXQiOiIiLCJ0cGN0IjoxLCJhcmdzIjp7Im1lc3NhZ2UiOiJzdWNjZXNzIn0sInR0bGUiOiIiLCJzaXplIjoiOTYwIHggNzA0IiwiYnJubSI6IkNocm9tZSIsImJybWoiOiI4OSIsIm9zbm0iOiJXaW5kb3dzIiwib3N2ciI6IjEwIiwiYnlsZCI6ZmFsc2UsImJ5bHYiOiIxLjUuMTYiLCJpbWd1IjpmYWxzZSwiaWVndSI6dHJ1ZSwiaXRndSI6ZmFsc2UsImNtcGUiOmZhbHNlLCJob3N0IjoiZ2FtZWRpc3RyaWJ1dGlvbi5hcmthZGl1bWFyZW5hLmNvbSJ9XQ%3D%3D&ts=1702376953977
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.164.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-164-173.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:14 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
list
cs.minutemedia-prebid.com/ Frame 9EEA 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/list?cb=__SRCsSC37211470&org=6475aa705b23100001019b46&tc=6475aaf65fe06700018e50d8&as=6475aaf65fe06700018e50da&type=hb&wd=cs.minutemedia-prebid.com&domain=theepochtimes.com
Requested by
Host: sdk.minutemedia-prebid.com
URL: https://sdk.minutemedia-prebid.com/cs-config/cs.html?org=6475aa705b23100001019b46&tc=6475aaf65fe06700018e50d8&as=6475aaf65fe06700018e50da&type=hb&wd=cs.minutemedia-prebid.com&domain=theepochtimes.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.209.71.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-71-13.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
8ff648ffcf24e3c1e92b88c909fb9c52610024c7ceca7173d52e26c04d343ef4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sdk.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://sdk.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
1039
collect
msgrt.gamedistribution.com/ Frame A34A 		2 B
152 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.gdfw.success&ar=W3siZ21pZCI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwidGRtbiI6InRoZWVwb2NodGltZXMuY29tIiwiZG9tbiI6InRoZWVwb2NodGltZXMuY29tIiwicmZyciI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvIiwibHRociI6MTEsImRwdGgiOjIsInZlcnMiOiIxLjM2LjUiLCJ0cmFjIjpmYWxzZSwid2hsYiI6ZmFsc2UsInBsYXQiOiIiLCJ0cGN0IjoyLCJhcmdzIjp7Im1lc3NhZ2UiOiJzdWNjZXNzIn0sInR0bGUiOiIiLCJzaXplIjoiOTYwIHggNzA0IiwiYnJubSI6IkNocm9tZSIsImJybWoiOiI4OSIsIm9zbm0iOiJXaW5kb3dzIiwib3N2ciI6IjEwIiwiYnlsZCI6ZmFsc2UsImJ5bHYiOiIxLjUuMTYiLCJpbWd1IjpmYWxzZSwiaWVndSI6dHJ1ZSwiaXRndSI6ZmFsc2UsImNtcGUiOmZhbHNlLCJob3N0IjoiZ2FtZWRpc3RyaWJ1dGlvbi5hcmthZGl1bWFyZW5hLmNvbSJ9XQ%3D%3D&ts=1702376954017
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.164.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-164-173.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:14 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
adsct
t.co/1/i/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=888f631d-ef5b-4d53-b1c6-f6f78b79cd0b&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9cab2e25-a899-4ca8-8954-20c497053a2a&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&tw_iframe_status=0&txn_id=nzye8&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
176
date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
a5e8eced6ad33630
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
c267757900f012650f79e9d0b26e98dcdc5008a1dd92bab6228517dd6fb316ba
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=888f631d-ef5b-4d53-b1c6-f6f78b79cd0b&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9cab2e25-a899-4ca8-8954-20c497053a2a&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&tw_iframe_status=0&txn_id=nzye8&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
189
date
Tue, 12 Dec 2023 10:29:21 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
4d512ce7aea9989f
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
013aeb6b27cf6532d1bff9764f2c118c2a00c585a5a888197c11c94b84cd5422
content-length
43
adsct
t.co/1/i/ 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1ab43085-f893-48e0-902e-033c285eb6ee&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9cab2e25-a899-4ca8-8954-20c497053a2a&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&tw_iframe_status=0&txn_id=ofnz2&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
190
date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
1d4a7acdd59cd451
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
c267757900f012650f79e9d0b26e98dcdc5008a1dd92bab6228517dd6fb316ba
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1ab43085-f893-48e0-902e-033c285eb6ee&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9cab2e25-a899-4ca8-8954-20c497053a2a&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&tw_iframe_status=0&txn_id=ofnz2&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
177
date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
f2bccbfa5e689e32
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
013aeb6b27cf6532d1bff9764f2c118c2a00c585a5a888197c11c94b84cd5422
content-length
43
adsct
t.co/1/i/ 		43 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=53db1dbb-26ca-44f0-8758-5a10d35f8ec3&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9cab2e25-a899-4ca8-8954-20c497053a2a&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&tw_iframe_status=0&txn_id=odl9r&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
181
date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
022c62afc7ecad40
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
c267757900f012650f79e9d0b26e98dcdc5008a1dd92bab6228517dd6fb316ba
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=53db1dbb-26ca-44f0-8758-5a10d35f8ec3&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9cab2e25-a899-4ca8-8954-20c497053a2a&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&tw_iframe_status=0&txn_id=odl9r&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
189
date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
70780fe8e5f2701d
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
013aeb6b27cf6532d1bff9764f2c118c2a00c585a5a888197c11c94b84cd5422
content-length
43
adsct
t.co/1/i/ 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4c20e3b2-cd43-4bc1-8d5e-818de68b9493&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9cab2e25-a899-4ca8-8954-20c497053a2a&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&tw_iframe_status=0&txn_id=ofy5s&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
111
date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
e01eb53183c18e0d
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
c267757900f012650f79e9d0b26e98dcdc5008a1dd92bab6228517dd6fb316ba
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4c20e3b2-cd43-4bc1-8d5e-818de68b9493&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9cab2e25-a899-4ca8-8954-20c497053a2a&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&tw_iframe_status=0&txn_id=ofy5s&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
170
date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
3f20f3ce022cca61
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
013aeb6b27cf6532d1bff9764f2c118c2a00c585a5a888197c11c94b84cd5422
content-length
43
adsct
t.co/1/i/ 		43 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c108f2c3-c774-4624-8555-17f6285e3e3d&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9cab2e25-a899-4ca8-8954-20c497053a2a&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&tw_iframe_status=0&txn_id=od4qh&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
178
date
Tue, 12 Dec 2023 10:29:21 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
596fec0a74b3784e
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
c267757900f012650f79e9d0b26e98dcdc5008a1dd92bab6228517dd6fb316ba
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c108f2c3-c774-4624-8555-17f6285e3e3d&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9cab2e25-a899-4ca8-8954-20c497053a2a&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&tw_iframe_status=0&txn_id=od4qh&type=javascript&version=2.3.29
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
182
date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
63019057578a4f56
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
013aeb6b27cf6532d1bff9764f2c118c2a00c585a5a888197c11c94b84cd5422
content-length
43
138003605.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/138003605.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
1152f79a12543479de3ec4e56eaa913401cd934968ddfcbf833218f585a0e494
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Tue, 12 Dec 2023 10:29:13 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 718DB89F2F5F40458662C76D94CC5A7E Ref B: ZRHEDGE0713 Ref C: 2023-12-12T10:29:14Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=138003605&Ver=2&mid=7abc8115-4679-4858-bffa-6df862b23946&sid=4bb34d4098d911eeaf6005f13f0e55cf&vid=4bb38da098d911ee8ec5ad27f9bb6c5e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&p=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&r=&lt=2537&evt=pageLoad&sv=1&rn=821419
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 10:29:13 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 809105576A3648ABBC7BF7C9E1AE984E Ref B: ZRHEDGE0713 Ref C: 2023-12-12T10:29:14Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.608.2_en.html
imasdk.googleapis.com/js/core/ Frame F8B7 		750 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
5cb453452cb7f5355d1d91b93b3305ab04e5d25a8fc005aeb0031c22ad75e283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://html5.gamedistribution.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
72770
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245949
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 14:16:24 GMT
expires
Tue, 10 Dec 2024 14:16:24 GMT
last-modified
Thu, 07 Dec 2023 18:27:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 6E1E 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Dec 2023 10:29:14 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7143 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 12 Dec 2023 10:50:34 GMT
collect
msgrt.gamedistribution.com/ Frame 6E1E 		2 B
152 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.adblocker.flw&ar=W3siZ21pZCI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwidGRtbiI6InRoZWVwb2NodGltZXMuY29tIiwiZG9tbiI6InRoZWVwb2NodGltZXMuY29tIiwicmZyciI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvIiwibHRociI6MTEsImN0cnkiOiJDSCIsImRwdGgiOjEsInZlcnMiOiIxLjM2LjUiLCJwbGF0IjoiIiwidHBjdCI6MSwiYXJncyI6eyJtZXNzYWdlIjoib2sifSwidHRsZSI6IkJsb2NrIENoYW1wIiwic2l6ZSI6Ijk2MCB4IDcwNCIsImJybm0iOiJDaHJvbWUiLCJicm1qIjoiODkiLCJvc25tIjoiV2luZG93cyIsIm9zdnIiOiIxMCIsImJ5bGQiOmZhbHNlLCJpbWd1Ijp0cnVlLCJpZWd1Ijp0cnVlLCJpdGd1IjpmYWxzZSwiY21wZSI6ZmFsc2UsImhvc3QiOiJodG1sNS5nYW1lZGlzdHJpYnV0aW9uLmNvbSJ9XQ%3D%3D&ts=1702376954081
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.164.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-164-173.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:14 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
collect
msgrt.gamedistribution.com/ Frame 6E1E 		2 B
152 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.adblocker.adapters&ar=W3siZ21pZCI6IjBkOGFjZjdjOTVkYzRjMDJiOWQ4ODFmNzY5YTVjMGIxIiwidGRtbiI6InRoZWVwb2NodGltZXMuY29tIiwiZG9tbiI6InRoZWVwb2NodGltZXMuY29tIiwicmZyciI6Imh0dHBzOi8vd3d3LnRoZWVwb2NodGltZXMuY29tL2Vwb2NoZnVuL2Jsb2NrLWNoYW1wLWVwb2NoLWdhbWVzLTM5NDIzNzIvIiwibHRociI6MTEsImN0cnkiOiJDSCIsImRwdGgiOjEsInZlcnMiOiIxLjM2LjUiLCJwbGF0IjoiIiwidHBjdCI6MSwiYXJncyI6eyJtZXNzYWdlIjoibm9uZSJ9LCJ0dGxlIjoiQmxvY2sgQ2hhbXAiLCJzaXplIjoiOTYwIHggNzA0IiwiYnJubSI6IkNocm9tZSIsImJybWoiOiI4OSIsIm9zbm0iOiJXaW5kb3dzIiwib3N2ciI6IjEwIiwiYnlsZCI6ZmFsc2UsImltZ3UiOnRydWUsImllZ3UiOnRydWUsIml0Z3UiOmZhbHNlLCJjbXBlIjpmYWxzZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIn1d&ts=1702376954082
Requested by
Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.164.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-164-173.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:14 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
index.js
pm.azerioncircle.com/@bygd/locus/0.5.6/dist/app/iife/ Frame A34A
Redirect Chain
  • https://pm.azerioncircle.com/p/locus
  • https://pm.azerioncircle.com/@bygd/locus/0.5.6/dist/app/iife/index.js
33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm.azerioncircle.com/@bygd/locus/0.5.6/dist/app/iife/index.js
Requested by
Host: gamedistribution.arkadiumarena.com
URL: https://gamedistribution.arkadiumarena.com/arenaapi/game/block-champ/html5?gd_sdk_referrer_url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372%2F&gd_zone_config=eyJwYXJlbnRVUkwiOiJodHRwczovL3d3dy50aGVlcG9jaHRpbWVzLmNvbS9lcG9jaGZ1bi9ibG9jay1jaGFtcC1lcG9jaC1nYW1lcy0zOTQyMzcyLyIsInBhcmVudERvbWFpbiI6InRoZWVwb2NodGltZXMuY29tIiwidG9wRG9tYWluIjoidGhlZXBvY2h0aW1lcy5jb20iLCJoYXNJbXByZXNzaW9uIjpmYWxzZSwibG9hZGVyRW5hYmxlZCI6dHJ1ZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIiwidmVyc2lvbiI6IjEuNS4xNiJ9
Protocol
H2
Server
18.239.69.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-99.ams58.r.cloudfront.net
Software
UploadServer /
Resource Hash
b98e1cfd3bc985929ee1cd472cb90f0ea7a35e2d21b9ef36865f93453eed1f4e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gamedistribution.arkadiumarena.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 12:30:41 GMT
content-encoding
gzip
via
1.1 38ff23673937c3eba42a4eefb2007078.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
338313
x-guploader-uploadid
ABPtcPr3XnNItDQjQEX7GybcbJPb2J3ENit1TLMEPTGsxMnKjk4A9J3Qb8sNwoFTcNgMxkrVLuU
x-cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
10055
last-modified
Mon, 30 Oct 2023 12:53:05 GMT
server
UploadServer
etag
"ee8f86fc8fa90340ef0bc7ccbc84ce46"
vary
Accept-Encoding
x-goog-generation
1698670385621342
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=gWu7nw==, md5=7o+G/I+pA0DvC8fMvITORg==
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
10055
accept-ranges
bytes
x-amz-cf-id
ezCFTeDBlCFW1Dv1gI5oKH7UZRFWnncfsO4gzrchYSFoTT44ZBWP3A==
expires
Fri, 08 Dec 2023 13:30:41 GMT

Redirect headers

date
Fri, 08 Dec 2023 12:30:42 GMT
via
1.1 38ff23673937c3eba42a4eefb2007078.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P4
age
338312
vary
Origin
x-cache
Hit from cloudfront
location
https://pm.azerioncircle.com/@bygd/locus/0.5.6/dist/app/iife/index.js
content-length
0
x-amz-cf-id
SxARKvSWN5ZK_C43G6jADCWHBc0kkY-ERCGnBAyfFZyyoQGkskjCVQ==
css2
fonts.googleapis.com/ 		7 KB
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 10:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 10:22:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 10:29:14 GMT
truncated
/ 		665 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d103df41045bc8e9538ed05d79fdd7750af623fa8dd55fdc3b74d90d6ba20a0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		19 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52c854815f543b120f9314bf012a95ff9902edef46b232928855005edd9cf67c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar
pagead2.googlesyndication.com/pagead/ Frame 6E1E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=575549331944119&bg=!Pj2lPXLNAAY3kmNgF5I7ADQBe5WfOMU-aek3sQee0al9ijrtkaEMv-FpvWvt_1EO7wsdgu6SYTFipsmObo4FlNkPV5wZAgAAAI9SAAAAA2gBBwoAg7-3LARL5LGL7b9o31i-ybkLkpt0bPxZkDcIs0oi4tQoSlLbo-WZxbHPSXrKr1TlVvA6eji0sQtCyTHMJCUll5GcLGz4MEn88Xz41XAm0Ur3DyJQzKVLE3FekaAhBxbhDf3wwCtrF6beiPKf8pdQzTmES7lgdd90jM8XsaaykNjhsBnqmQLsjf5Ky0xUG8tUPgfu_qr3WBSYccIjIX_8ersEncr1MKCzQXxcbTZ64EO7EVtu5XoXlM4DNEmYeEt-_SLZJX1_Dx3mrvIJmBt2RXPtIHSfsjbjOcKX1r64HOxXJcrrnNBgGb5Nlj3AG98CSxO8I6UofNaDs4Ub_-xRSd7l5Xpmcg0kR1cuzBHSah6G9U-WRuY1QQSUXux6B9W3PgWQvdi32WIJkrzSJ-ZckACEoVBrxsAT0iwx5S7PfQnMSow5niculBJjNKB85RpTOJ5ItKCyfsEcZYQJ_QQG2k1NGJyErByADtntFnm2HlX4b1MxGbiqvHwIp8Lu0SLlCYFg47nYeSknzHIy-m9SnqVmNx0fym64elYwIgnUZFbAzGhcnzAxGlBuyr0WLoBW0dlsoLY7xgzL5SZ5hSvDyT1MKCMxHmBPs3cRyzANqY-61XUOLoWi1NNsqcPMlQX87ama-JLL88SHBw2DzHlZc1anxri_HboNfXz5aqDGMB6iRNYdd1L5YDn-CmUlwUXP5KBZQDczpSAtOoOO6uXwkfVEcCNrEikfFfxkIsDH9EKA1iKZOfcUedBNV-M_yO8qlYvawlqosSsaGy67mp7hcDnEYiplD0iQEADsIgCulLaElThPiySXXhgCknckJOkIQOrGiO9WVoi29Rh2dpf7DlbJvZBCwAqQTmB6632bC_RdhB2XNHJLnG24q6-df6MNC07yA15M13plECQBM0QFOioP9lWkFcx8PN54Hb2DhUWpmfZW3WvkpHDmyhXM1vhl-LrnnZ8KH-1du7MV-PtWlsCdNqXNoNkS9kjBYCnDMKFTDgO_QA4MMuPYzUxo-dXVtwX9rUkW2mkWwrfNybEVA6OnSoQsozK0eueO4DXMwahWbYw8i083VoLmPDX1NXp5tuSLcNtQuGVdeLTaljuEfQJZOI5CsJt6EwrI71KxyCxu5mJUfu6VwGQwhv71g41iI-9Nys6iE42mZ0lgvdzxisGaOw
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel;r=47523524;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372;uht=2;fpan=1;fpa=P0-1324882923-1702376953193;pbc=;ns=0;ce=1;qjs=1;qv=607...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=47523524;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372;uht=2;fpan=1;fpa=P0-1324882923-1702376953193;pbc=;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=theepochtimes.com;dst=1;et=1702376954109;tzo=-60;ogl=title.Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%2Cdescription.Play%20online%20Block%20Champ%20game%20%252EPlay%20now%20for%20free%252C%20no%20download%20or%20registration%20req%2Curl.https%3A%2F%2Fwww%252Etheepochtimes%252Ecom%2Fepochfun%2Fblock-champ-epoch-games-3942372%2Csite_name.The%20Epoch%20Times%2Clocale.en-US%2Cimage.https%3A%2F%2Fimg%252Etheepochtimes%252Ecom%2Fassets%2Fuploads%2F2023%2F07%2F21%2Fid5414540-EET-logo%252Epng%2Ctype.website;ses=ef01ec41-9f02-42ca-92a7-e5ea1ee40c61;mdl=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
truncated
/ Frame D5E7 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d9e0d05669a3610c7263c551b8b406344c148713485f7e8124f61b05e2463cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ Frame 411C 		2 KB
553 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 10:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 10:13:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 10:29:14 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 411C 		2 KB
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
30871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:54:43 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 411C 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
5651
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 08:55:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 411C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:48:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
38426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 23:48:48 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 54BC 		1 KB
685 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
49760
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Tue, 12 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 411C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:42:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
49606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 20:42:28 GMT
l
www.google.com/ads/measurement/ Frame 411C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIVNboAXGAj0e16wMvVXi2dDemmYG-9Yf0neBM_F_lfsal5rVeowmGhpX1FJ2D-IcE36xaRAuf8zZLeSQPmNI8ZaL70Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 411C 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:29:14 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 411C 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73959
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
css
fonts.googleapis.com/ Frame 09C1 		2 KB
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 10:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 10:05:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 10:29:14 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 09C1 		2 KB
865 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
30871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:54:43 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 09C1 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
5651
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 08:55:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 09C1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:48:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
38426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 23:48:48 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7288 		1 KB
681 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
49760
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Tue, 12 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 09C1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:42:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
49606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 20:42:28 GMT
l
www.google.com/ads/measurement/ Frame 09C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQef9o2WrLJUXuuR7CDS2ZFeXodNL93O38NPV2ZwSn8jXvvag6GNh-EiJcR1tO-1KjV4fjwi9n_f8afDpqGHQd0umu97A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 09C1 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:29:14 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 09C1 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73959
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
ingestion.js
tentacles.smartocto.com/ten/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tentacles.smartocto.com/ten/ingestion.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-38.bunnyinfra.net
Software
BunnyCDN-DE1-1081 /
Resource Hash
4d5ffa9b4660a2cb3cc7733dd785224252768155d96805b19b862ef55af6d045

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-storageserver
DE-677
cdn-cachedat
11/28/2023 09:17:30
cdn-pullzone
1448885
last-modified
Tue, 28 Nov 2023 09:17:20 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
709
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6565b020-2774"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
92c47c19-149d-4a6b-809d-6a585867c24c
cache-control
public, max-age=60
cdn-requestid
5387b481b21ce1be71cf21c1d8c203fd
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
tentacles
api.smartocto.com/api/brands/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.smartocto.com/api/brands/tentacles?i=8ia94jzjaallopuwrqi7yg96qevd0z0w
Requested by
Host: tentacles.smartocto.com
URL: https://tentacles.smartocto.com/ten/tentacle.js?v=2023-12-12T10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.7.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-7-23.eu-west-1.compute.amazonaws.com
Software
/ smartocto
Resource Hash
88a46561523d4c3661714edb94e4851a426665ee997240536a00d9e5ca2b23cf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
content-encoding
gzip
last-modified
Tue, 12 Dec 2023 10:29:21 +0000
max-age
10
x-powered-by
smartocto
vary
Accept-Encoding
x-cache
HIT from SmartOcto Cache
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
gen_204
pagead2.googlesyndication.com/pagead/ Frame C44B 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=422600376797&version=m202309260101&ct=119&x=1&cor=16189552866790000000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
138003605
www.clarity.ms/tag/uet/ 		829 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/138003605
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/138003605.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6f9a5c3f745873354492946bee5f813c7ce2fba6a279a6b0d264d4fc894fa604

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
date
Tue, 12 Dec 2023 10:29:22 GMT
x-azure-ref
0AzZ4ZQAAAAC3WmkT0KlnRZGdJ9eFwb00WlJIRURHRTEzMDYANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
829
expires
-1
i.match
s.tribalfusion.com/z/ Frame 54BC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELcP41zl4oP7UqZRN786fKA&google_cver=1&google_push=AXcoOmTRLt3vavPajclTAeiyEScAaVL012kJQIeWrUsyc4jxjQ78NzBdWIfXOgqKg-YpyRrGFoIzUUfm2HGD88PGC9genfrEVL00-...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELcP41zl4oP7UqZRN786fKA&google_cver=1&google_push=AXcoOmTRLt3vavPajclTAeiyEScAaVL012kJQIeWrUsyc4jxjQ78NzBdWIfXOgqKg-YpyRrGFoIzUUfm2HGD88PGC9genfrEVL0...
43 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELcP41zl4oP7UqZRN786fKA&google_cver=1&google_push=AXcoOmTRLt3vavPajclTAeiyEScAaVL012kJQIeWrUsyc4jxjQ78NzBdWIfXOgqKg-YpyRrGFoIzUUfm2HGD88PGC9genfrEVL00-Evr&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTRLt3vavPajclTAeiyEScAaVL012kJQIeWrUsyc4jxjQ78NzBdWIfXOgqKg-YpyRrGFoIzUUfm2HGD88PGC9genfrEVL00-Evr%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
834549300b025232-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
561
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELcP41zl4oP7UqZRN786fKA&google_cver=1&google_push=AXcoOmTRLt3vavPajclTAeiyEScAaVL012kJQIeWrUsyc4jxjQ78NzBdWIfXOgqKg-YpyRrGFoIzUUfm2HGD88PGC9genfrEVL00-Evr&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTRLt3vavPajclTAeiyEScAaVL012kJQIeWrUsyc4jxjQ78NzBdWIfXOgqKg-YpyRrGFoIzUUfm2HGD88PGC9genfrEVL00-Evr%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8345492e88805232-MXP
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 54BC
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECoRxnnhzy5N43VP3NYcmPg&google_cver=1&google_push=AXcoOmRTsXu_zrRV9_qzwvIgKo-zjyvlmGwcbMQC2f-Tdr4ADcrrHszMJdV4-fyAqXyAGEvcxltYQ-MPseoOkz9Yy43ECcOASE624Mzk
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82833912DB12441CBA3377A3688FD58E&google_push=AXcoOmRTsXu_zrRV9_qzwvIgKo-zjyvlmGwcbMQC2f-Tdr4ADcrrHszMJdV4-fyAqXyAGEvcxltYQ-MPseoOkz9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82833912DB12441CBA3377A3688FD58E&google_push=AXcoOmRTsXu_zrRV9_qzwvIgKo-zjyvlmGwcbMQC2f-Tdr4ADcrrHszMJdV4-fyAqXyAGEvcxltYQ-MPseoOkz9Yy43ECcOASE624Mzk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 10:29:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82833912DB12441CBA3377A3688FD58E&google_push=AXcoOmRTsXu_zrRV9_qzwvIgKo-zjyvlmGwcbMQC2f-Tdr4ADcrrHszMJdV4-fyAqXyAGEvcxltYQ-MPseoOkz9Yy43ECcOASE624Mzk
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 10:29:14 GMT
pixel
cm.g.doubleclick.net/ Frame 54BC
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBZkPOTikixLogUfYX3Un8o&google_cver=1&google_push=AXcoOmTIhnrX7Cp3wQRWWqeMczskpgOz9IMgr4mWfZCNG7Ofmj0b7PvenWWe4LIKZag47NwNwSvmO_tW7L-fxV7ZUnClsDg2f...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=863799608371&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=863799608371&us_privacy=1---
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=863799608371&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame 54BC
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECoX1GjU4oHCxjXLpIo7sH8&google_cver=1&google_push=AXcoOmRZqU561p9hnJvRS_nCOPeZas2mRxzbVF3d0iV2VhEJwpXW4YyOdNEqD4hDwHhXVhDsKJTCs_VkEM_PYk4VyJwA4tx...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRZqU561p9hnJvRS_nCOPeZas2mRxzbVF3d0iV2VhEJwpXW4YyOdNEqD4hDwHhXVhDsKJTCs_VkEM_PYk4VyJwA4tx-k1QCY2cyaQ&google_hm=NDY2N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRZqU561p9hnJvRS_nCOPeZas2mRxzbVF3d0iV2VhEJwpXW4YyOdNEqD4hDwHhXVhDsKJTCs_VkEM_PYk4VyJwA4tx-k1QCY2cyaQ&google_hm=NDY2NDgxOTgzNTAzMzQ0NjY0NA==
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRZqU561p9hnJvRS_nCOPeZas2mRxzbVF3d0iV2VhEJwpXW4YyOdNEqD4hDwHhXVhDsKJTCs_VkEM_PYk4VyJwA4tx-k1QCY2cyaQ&google_hm=NDY2NDgxOTgzNTAzMzQ0NjY0NA==
Date
Tue, 12 Dec 2023 10:29:22 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame 54BC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IWrxUs1lJAio9R1z8hP3C76On0cMMRAybhzU1FeLsbEYPOKDcUCw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=2873238072&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953102&bpp=1&bdt=3566&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.m24y0e4wmwkz&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
i.match
s.tribalfusion.com/z/ Frame 7288
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELcP41zl4oP7UqZRN786fKA&google_cver=1&google_push=AXcoOmR44PSCfiWX7xtObJNRBMCPN8yO9-u58UMP4fhMx47FK5pDp8XcXPElS4TY11Mhgww7a9Yr4TgSRX8hY-xIQxg0Gav8v8TXF...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELcP41zl4oP7UqZRN786fKA&google_cver=1&google_push=AXcoOmR44PSCfiWX7xtObJNRBMCPN8yO9-u58UMP4fhMx47FK5pDp8XcXPElS4TY11Mhgww7a9Yr4TgSRX8hY-xIQxg0Gav8v8T...
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELcP41zl4oP7UqZRN786fKA&google_cver=1&google_push=AXcoOmR44PSCfiWX7xtObJNRBMCPN8yO9-u58UMP4fhMx47FK5pDp8XcXPElS4TY11Mhgww7a9Yr4TgSRX8hY-xIQxg0Gav8v8TXFigZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR44PSCfiWX7xtObJNRBMCPN8yO9-u58UMP4fhMx47FK5pDp8XcXPElS4TY11Mhgww7a9Yr4TgSRX8hY-xIQxg0Gav8v8TXFigZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
834549305b7d5232-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
348
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELcP41zl4oP7UqZRN786fKA&google_cver=1&google_push=AXcoOmR44PSCfiWX7xtObJNRBMCPN8yO9-u58UMP4fhMx47FK5pDp8XcXPElS4TY11Mhgww7a9Yr4TgSRX8hY-xIQxg0Gav8v8TXFigZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR44PSCfiWX7xtObJNRBMCPN8yO9-u58UMP4fhMx47FK5pDp8XcXPElS4TY11Mhgww7a9Yr4TgSRX8hY-xIQxg0Gav8v8TXFigZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8345492e88865232-MXP
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7288
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECoRxnnhzy5N43VP3NYcmPg&google_cver=1&google_push=AXcoOmQV0h-Zd9BGk3vhZhL2QqIn9SJX48Gvf6HhE6N8t27wrOVmrmEup8RD4AHMmo5Ep8ebeAGxbcBRfiPcXcCy5K5jppxrDg-YtMht
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC5EBBF35336448FA0276DD5F2352122&google_push=AXcoOmQV0h-Zd9BGk3vhZhL2QqIn9SJX48Gvf6HhE6N8t27wrOVmrmEup8RD4AHMmo5Ep8ebeAGxbcBRfiPcXcC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC5EBBF35336448FA0276DD5F2352122&google_push=AXcoOmQV0h-Zd9BGk3vhZhL2QqIn9SJX48Gvf6HhE6N8t27wrOVmrmEup8RD4AHMmo5Ep8ebeAGxbcBRfiPcXcCy5K5jppxrDg-YtMht
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 10:29:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC5EBBF35336448FA0276DD5F2352122&google_push=AXcoOmQV0h-Zd9BGk3vhZhL2QqIn9SJX48Gvf6HhE6N8t27wrOVmrmEup8RD4AHMmo5Ep8ebeAGxbcBRfiPcXcCy5K5jppxrDg-YtMht
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 10:29:14 GMT
pixel
cm.g.doubleclick.net/ Frame 7288
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBZkPOTikixLogUfYX3Un8o&google_cver=1&google_push=AXcoOmRvCZ4raw9MU6lBxniC4JhvPCdb6BA7sACAAAtjBLCmMxaP7OdVjQ_M7eE2fO72AWHfPQrBccfOmev5hNnHaAsTxM6zK...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=863799532456&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=863799532456&us_privacy=1---
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=863799532456&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7288
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECoX1GjU4oHCxjXLpIo7sH8&google_cver=1&google_push=AXcoOmQJwqFPif9R-lc5RmpKNYDAsDJe1mCweWcegRLdAHpUwFq2Pquh5ps02sI9vG9vB3qp3Rpu6XNk06TTQQLs7VY6SML...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQJwqFPif9R-lc5RmpKNYDAsDJe1mCweWcegRLdAHpUwFq2Pquh5ps02sI9vG9vB3qp3Rpu6XNk06TTQQLs7VY6SMLGdP4CbgeRkw&google_hm=NDY2N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQJwqFPif9R-lc5RmpKNYDAsDJe1mCweWcegRLdAHpUwFq2Pquh5ps02sI9vG9vB3qp3Rpu6XNk06TTQQLs7VY6SMLGdP4CbgeRkw&google_hm=NDY2NDgxOTgzNTAzMzQ0NjY0NA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQJwqFPif9R-lc5RmpKNYDAsDJe1mCweWcegRLdAHpUwFq2Pquh5ps02sI9vG9vB3qp3Rpu6XNk06TTQQLs7VY6SMLGdP4CbgeRkw&google_hm=NDY2NDgxOTgzNTAzMzQ0NjY0NA==
Date
Tue, 12 Dec 2023 10:29:22 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame 7288 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LlqtNOC1ZGeXJutoHDNHXv7Je7rykhJXjW1Wk57IRblbXkzTxOmg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=731&adk=3591953100&adf=1300378861&w=975&vpmute=0&channel=4089988593&format=975x731&url=https%3A%2F%2Fwww.theepochtimes.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702376953118&bpp=1&bdt=3583&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0%2C975x731&nras=3&correlator=3388534333565&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=2059308055.1702376951&ga_sid=1702376952&ga_hid=1936719239&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=975&ish=731&ifk=1777064713&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=575549331944119&tmod=702715493&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C731&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pm9cona2t9m7&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
t
ingestion.smartocto.com/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ingestion.smartocto.com/t?p=0%3Alq27a8tk%3AYKcJGa54Bi6IXoZV~MXet9Z8nr_Ukoku&s=0%3Alq27a8tk%3AUACKsU5qJGGewt6ar1mP_rzKLv1NaoiC&v=0%3AiRMfCtU_9K2vo6wspzJLUw_4IkXq~JhS&e=0%3AiRMfCtU_9K2vo6wspzJLUw_4IkXq~JhS0&c=1702376954413&n=t&f=t&l=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&i=1600&j=1200&k=1&w=1600&h=1200&t=pageView&ch=web&bid=epochtimesus
Requested by
Host: tentacles.smartocto.com
URL: https://tentacles.smartocto.com/ten/ingestion.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.12.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-12-87.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.theepochtimes.com
Date
Tue, 12 Dec 2023 10:29:18 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
/
tags.wdsvc.net/tpc-eval/ 		21 B
284 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/tpc-eval/?lid=18c5d92d91b-tags7-915dc88acad12
Requested by
Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100415
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.200.58.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-58-150.compute-1.amazonaws.com
Software
/
Resource Hash
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:22 GMT
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
21
Expires
Mon, 3 Jan 2005 13:00:00 GMT
p.gif
p.alocdn.com/c/6irth52s/a/etarget/
Redirect Chain
  • https://p.alocdn.com/c/6irth52s/a/etarget/p.gif?title=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2F...
  • https://p.alocdn.com/c/6irth52s/a/etarget/p.gif?title=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2F...
42 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.alocdn.com/c/6irth52s/a/etarget/p.gif?title=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&auid=7edeff06-3194-4e86-b5ea-90b51e53ae5d&tdc=1
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Server
35.162.252.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-252-179.us-west-2.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Tue, 12 Dec 2023 10:29:23 GMT
server
nginx/1.20.1
content-type
image/GIF

Redirect headers

location
/c/6irth52s/a/etarget/p.gif?title=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&url=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&auid=7edeff06-3194-4e86-b5ea-90b51e53ae5d&tdc=1
date
Tue, 12 Dec 2023 10:29:23 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server
nginx/1.20.1
content-type
image/GIF
prerollAd
arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/prerollAd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-cdn-target-host
Access-Control-Request-Method
GET
Origin
https://gamedistribution.arkadiumarena.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-cdn-target-host
access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:14 GMT
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
prerollAd
arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/ Frame A34A 		84 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/prerollAd
Requested by
Host: arenacommonservices.cdn.arkadiumhosted.com
URL: https://arenacommonservices.cdn.arkadiumhosted.com/arena-play-widget/static/js/ark-play-widget-app.main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
8405cb40d31eceb38e4b4004b29ff77a685957aadc8f30c3ad04e5009d457f3a

Request headers

Accept
application/json
Referer
https://gamedistribution.arkadiumarena.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-CDN-Target-Host
gamedistribution.arkadiumarena.com

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
content-encoding
gzip
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=1800
access-control-allow-credentials
true
content-length
99
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E1E 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=1&src=1&stats=1&timing=1369&event=prf_suc&client=ca-pub-2316275586951220&bow_v=r20231207&js_v=m202312050101&fetcher=adsense&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame DDA2 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgamedistribution.arkadiumarena.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://gamedistribution.arkadiumarena.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
61655
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Dec 2023 10:29:14 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6712)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E1E 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=2&src=1&stats=1&timing=1411&event=prf_suc&client=ca-pub-2316275586951220&bow_v=r20231207&js_v=m202312050101&fetcher=adsense&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://html5.gamedistribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ Frame 6E1E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/slotcar_library_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://html5.gamedistribution.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
settings
syndication.twitter.com/ Frame DDA2 		869 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=e2828daa4448f60a46561bc8b201b322f841cfa9
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgamedistribution.arkadiumarena.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
109
date
Tue, 12 Dec 2023 10:29:21 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Tue, 12 Dec 2023 10:29:22 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
6c1e8bab3687140e
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7469935968
x-connection-hash
351434bb228bdee7731f5cb86d494f6e5f28f8f55fba9eb082edbd6b4fea5796
content-length
337
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.89 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://gamedistribution.arkadiumarena.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Tue, 12 Dec 2023 10:29:21 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ Frame A34A 		96 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/static-v4.0/content/js/analyticsbundle.min.js?v=Arena-4-0-Live-20230215-1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.89 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7ce0ea25dd287067a9b8e53baeb16828bb26368f529b4022f1f27a40c11c126d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://gamedistribution.arkadiumarena.com/
accept-language
de-CH,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
88ACC138-9539-4A7B-BFD5-4DE14E8C7601
strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 10:29:21 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
intermediateAd
arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/intermediateAd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-cdn-target-host
Access-Control-Request-Method
GET
Origin
https://gamedistribution.arkadiumarena.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-cdn-target-host
access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:14 GMT
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
intermediateAd
arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/ Frame A34A 		828 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/intermediateAd
Requested by
Host: arenacommonservices.cdn.arkadiumhosted.com
URL: https://arenacommonservices.cdn.arkadiumhosted.com/arena-play-widget/static/js/ark-play-widget-app.main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
981ec3612a2555af37cd91f60b0eac67600cd4b0e64f374c9c1773d9a768ba9b

Request headers

Accept
application/json
Referer
https://gamedistribution.arkadiumarena.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-CDN-Target-Host
gamedistribution.arkadiumarena.com

Response headers

date
Tue, 12 Dec 2023 10:29:14 GMT
content-encoding
gzip
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=1800
access-control-allow-credentials
true
content-length
490
postrollAd
arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/ Frame A34A 		2 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/postrollAd
Requested by
Host: arenacommonservices.cdn.arkadiumhosted.com
URL: https://arenacommonservices.cdn.arkadiumhosted.com/arena-play-widget/static/js/ark-play-widget-app.main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json
Referer
https://gamedistribution.arkadiumarena.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-CDN-Target-Host
gamedistribution.arkadiumarena.com

Response headers

date
Tue, 12 Dec 2023 10:29:15 GMT
content-encoding
gzip
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=1800
access-control-allow-credentials
true
content-length
34
postrollAd
arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/postrollAd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-cdn-target-host
Access-Control-Request-Method
GET
Origin
https://gamedistribution.arkadiumarena.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-cdn-target-host
access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:15 GMT
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
top-ad
arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/top-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-cdn-target-host
Access-Control-Request-Method
GET
Origin
https://gamedistribution.arkadiumarena.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-cdn-target-host
access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:15 GMT
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
top-ad
arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/ Frame A34A 		97 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/top-ad
Requested by
Host: arenacommonservices.cdn.arkadiumhosted.com
URL: https://arenacommonservices.cdn.arkadiumhosted.com/arena-play-widget/static/js/ark-play-widget-app.main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
20675f9b4d26c8d9d7cbf0eea095d1bded225a597a943e2659cccad819563193

Request headers

Accept
application/json
Referer
https://gamedistribution.arkadiumarena.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-CDN-Target-Host
gamedistribution.arkadiumarena.com

Response headers

date
Tue, 12 Dec 2023 10:29:15 GMT
content-encoding
gzip
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=1800
access-control-allow-credentials
true
content-length
107
c
ea.epochbase.com/api/pw/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theepochtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Content-Type
access-control-allow-methods
GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET, POST, OPTIONS, PUT, DELETE
content-length
0
date
Tue, 12 Dec 2023 10:29:15 GMT
server
nginx/1.20.1
c
ea.epochbase.com/api/pw/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by
Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.theepochtimes.com
date
Tue, 12 Dec 2023 10:29:16 GMT
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
/
mixproxy.epoch.cloud/mixpanel/track/ 		1 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mixproxy.epoch.cloud/mixpanel/track/?ip=1&_=1702376955551
Requested by
Host: mixproxy.epoch.cloud
URL: https://mixproxy.epoch.cloud/mixpanel/lib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 12 Dec 2023 10:29:15 GMT
strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
53
alt-svc
h3=":443"; ma=86400
content-length
1
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyhObJ8MiY4sk4HeMnpYuuFQcnw1JuAqs6lSSFdr7vf14VtMtb03tc1uGd3R5sChfCOLkI3TDO%2B4ptANdwi0EuxtQ0kPDPdI%2FySFBeSYLzyXXNO%2Fp3rVI21%2Baipww7RtXqQDyrNTMg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
834549044b870e05-MXP
access-control-allow-headers
X-Requested-With
bottom-ad
arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/bottom-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-cdn-target-host
Access-Control-Request-Method
GET
Origin
https://gamedistribution.arkadiumarena.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-cdn-target-host
access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:15 GMT
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
bottom-ad
arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/ Frame A34A 		2 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/bottom-ad
Requested by
Host: arenacommonservices.cdn.arkadiumhosted.com
URL: https://arenacommonservices.cdn.arkadiumhosted.com/arena-play-widget/static/js/ark-play-widget-app.main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json
Referer
https://gamedistribution.arkadiumarena.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-CDN-Target-Host
gamedistribution.arkadiumarena.com

Response headers

date
Tue, 12 Dec 2023 10:29:15 GMT
content-encoding
gzip
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=1800
access-control-allow-credentials
true
content-length
34
game-end-ad
arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/game-end-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-cdn-target-host
Access-Control-Request-Method
GET
Origin
https://gamedistribution.arkadiumarena.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-cdn-target-host
access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:15 GMT
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
game-end-ad
arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/ Frame A34A 		66 B
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/content-blocks/api/contentblocks/getbytype/game-end-ad
Requested by
Host: arenacommonservices.cdn.arkadiumhosted.com
URL: https://arenacommonservices.cdn.arkadiumhosted.com/arena-play-widget/static/js/ark-play-widget-app.main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
80aed1012c5ebab580a00f2e8d36008dad7ee3acaff810fb79af2a30f1fab574

Request headers

Accept
application/json
Referer
https://gamedistribution.arkadiumarena.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-CDN-Target-Host
gamedistribution.arkadiumarena.com

Response headers

date
Tue, 12 Dec 2023 10:29:16 GMT
content-encoding
gzip
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=1800
access-control-allow-credentials
true
content-length
87
allgames
arenaservices.cdn.arkadiumhosted.com/gamelist/api/gamelist/get/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/gamelist/api/gamelist/get/allgames
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-cdn-target-host
Access-Control-Request-Method
GET
Origin
https://gamedistribution.arkadiumarena.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-cdn-target-host
access-control-allow-origin
*
date
Tue, 12 Dec 2023 10:29:16 GMT
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
allgames
arenaservices.cdn.arkadiumhosted.com/gamelist/api/gamelist/get/ Frame A34A 		583 KB
107 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/gamelist/api/gamelist/get/allgames
Requested by
Host: arenacommonservices.cdn.arkadiumhosted.com
URL: https://arenacommonservices.cdn.arkadiumhosted.com/arena-play-widget/static/js/ark-play-widget-app.main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
c31f0d754ea8249da695d1307e2748cc4816afff8dc48ee90656a73497fd78a7

Request headers

Accept
application/json
Referer
https://gamedistribution.arkadiumarena.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-CDN-Target-Host
gamedistribution.arkadiumarena.com

Response headers

date
Tue, 12 Dec 2023 10:29:16 GMT
content-encoding
gzip
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=1800
access-control-allow-credentials
true
content-length
108842
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=45je3bt0v884763001&_p=1702376949783&gcd=11l1l1l1l1&dma=0&cid=553582181.1702376950&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&sid=1702376949&sct=1&seg=0&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&dt=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&uid=&_s=2&tfd=9680
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame A34A 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
/
arenaservices.cdn.arkadiumhosted.com/playgame/api/playgame/play/gamedistribution.arkadiumarena.com/block-champ/ Frame C39C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/playgame/api/playgame/play/gamedistribution.arkadiumarena.com/block-champ/
Requested by
Host: arenacommonservices.cdn.arkadiumhosted.com
URL: https://arenacommonservices.cdn.arkadiumhosted.com/arena-play-widget/static/js/ark-play-widget-app.main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
5a8695b2c26e97716763507969087ecdde9bb4c80016bf8a2e9a5e33ffe32f69

Request headers

Referer
https://gamedistribution.arkadiumarena.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public,max-age=1800
content-encoding
gzip
content-length
1586
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 10:29:16 GMT
server
Kestrel
vary
x-cdn-target-host,Accept-Encoding
content-play-vendors.js
arenaservices.cdn.arkadiumhosted.com/playgame/dist/ Frame C39C 		109 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arenaservices.cdn.arkadiumhosted.com/playgame/dist/content-play-vendors.js
Requested by
Host: arenaservices.cdn.arkadiumhosted.com
URL: https://arenaservices.cdn.arkadiumhosted.com/playgame/api/playgame/play/gamedistribution.arkadiumarena.com/block-champ/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
1d372994db9ad9401a97d10fc3a7a68205c53899031ba260e121de627cce9df7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://arenaservices.cdn.arkadiumhosted.com/playgame/api/playgame/play/gamedistribution.arkadiumarena.com/block-champ/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:16 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 09:55:22 GMT
server
Kestrel
etag
"1d86f5462069485"
vary
x-cdn-target-host,Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
39758
render-code.js
arenaconnect.cdn.arkadiumhosted.com/games-storage/html5-common-lib/js/ Frame C39C 		104 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arenaconnect.cdn.arkadiumhosted.com/games-storage/html5-common-lib/js/render-code.js
Requested by
Host: arenaservices.cdn.arkadiumhosted.com
URL: https://arenaservices.cdn.arkadiumhosted.com/playgame/api/playgame/play/gamedistribution.arkadiumarena.com/block-champ/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
ae14ba40611f7ec33a85241dee0a2a8cd81a92ed57b625a39eb43f1cab9e194c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://arenaservices.cdn.arkadiumhosted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:16 GMT
content-encoding
gzip
last-modified
Fri, 27 Oct 2017 12:56:41 GMT
server
Microsoft-IIS/10.0
etag
"804a908234fd31:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=390
accept-ranges
bytes
content-length
36202
/
insight.adsrvr.org/track/evnt/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/evnt/?adv=4tgsadn&ct=0:n27fxwf&fmt=3&td1=18c5d92d91b-tags7-915dc88acad12
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
insight.adsrvr.org/track/conv/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/conv/?adv=4tgsadn&ct=0:cbmj8de&fmt=3&orderid=&vf=&v=&td1=18c5d92d91b-tags7-915dc88acad12
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
insight.adsrvr.org/track/conv/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/conv/?adv=4tgsadn&ct=0:idisnfs&fmt=3&orderid=&vf=&v=&td1=18c5d92d91b-tags7-915dc88acad12
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/ Frame 24F5
Redirect Chain
  • https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_s...
  • https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_...
454 B
483 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
Requested by
Host: arenaconnect.cdn.arkadiumhosted.com
URL: https://arenaconnect.cdn.arkadiumhosted.com/games-storage/html5-common-lib/js/render-code.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
edf257c2cec275f80b13f6fd85cb131202b48d99be9696bbfaf9e485519c1df3

Request headers

Referer
https://arenaservices.cdn.arkadiumhosted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=505
content-encoding
gzip
content-length
295
content-type
text/html
date
Tue, 12 Dec 2023 10:29:16 GMT
etag
"589a1b8dd62d91:0"
last-modified
Thu, 30 Mar 2023 08:00:39 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-robots-tag
noindex, nofollow

Redirect headers

content-length
0
date
Tue, 12 Dec 2023 10:29:16 GMT
location
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
server
AkamaiGHost
main.js
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/ Frame 24F5 		7 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/main.js?6b303e62accb5399b170
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
455d210dfd0369af7d97f4e37ea174e4891b66658af0104513d3ea661867bd59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:16 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 08:00:36 GMT
server
Microsoft-IIS/10.0
etag
"f68c5b5dd62d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=554
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
1789653
analytics.js
www.google-analytics.com/ Frame 24F5 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/main.js?6b303e62accb5399b170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 09:22:25 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4012
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 12 Dec 2023 11:22:25 GMT
appinsights-config.json
arenacloud.cdn.arkadiumhosted.com/gamesfeeds-blob/remote-configs/appinsights-config/ Frame 24F5 		31 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://arenacloud.cdn.arkadiumhosted.com/gamesfeeds-blob/remote-configs/appinsights-config/appinsights-config.json
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/main.js?6b303e62accb5399b170
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b57a8f6003eed796e9d69453f3302a751ba1917002684e62c328d67953841f9a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 10:29:17 GMT
content-encoding
gzip
content-md5
6aG73s8H/V+vBZ29fizerg==
content-length
3496
x-ms-lease-status
unlocked
last-modified
Mon, 27 Nov 2023 12:28:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBEF446AA7C53D
vary
x-cdn-target-host,Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
91d8fc31-501e-0013-3ce0-2cfa14000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=84127
x-ms-version
2009-09-19
x-robots-tag
noindex, nofollow
expires
Wed, 13 Dec 2023 09:51:24 GMT
en-US.txt
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/texts/ Frame 24F5 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/texts/en-US.txt
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/main.js?6b303e62accb5399b170
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
084ddfe730322bfcef261b420f2ea4ac44b213654d7849a79ecaed433227dbd3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:17 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 08:00:38 GMT
server
Microsoft-IIS/10.0
etag
"35265db7dd62d91:0"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=388
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
961
preloader_ske.json
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/images/2x/ Frame 24F5 		2 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/images/2x/preloader_ske.json
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/main.js?6b303e62accb5399b170
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
bce54db0230fcefe22dfd99f4990b539959f70a01f67bf80b308e7c68c47d05a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:17 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 08:00:38 GMT
server
Microsoft-IIS/10.0
etag
"727e21b7dd62d91:0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=426
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
604
preloader_tex.json
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/images/2x/ Frame 24F5 		359 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/images/2x/preloader_tex.json
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/main.js?6b303e62accb5399b170
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
a7e8444224aeacc7f941732803cb74b8e254bb6866490be791f1e1277c0abc03

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:17 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 08:00:38 GMT
server
Microsoft-IIS/10.0
etag
"504326b7dd62d91:0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=251
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
198
preloader_tex.png
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/images/2x/ Frame 24F5 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/images/2x/preloader_tex.png
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
ff1b5c7d8a81606c646ab1453a3d6abfbe950226ffba103627f2aa12b6dc00f9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:17 GMT
last-modified
Thu, 30 Mar 2023 08:00:38 GMT
server
Microsoft-IIS/10.0
etag
"42a528b7dd62d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
55365
expires
Wed, 13 Dec 2023 10:29:17 GMT
ee2c49b2152ea84bbe30.png
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/ Frame 24F5 		113 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/ee2c49b2152ea84bbe30.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
971b53a83a756e75298bb86ea57eacbaf75df356ea3d10f730d8c55e99452340

Request headers

Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
Origin
https://ams.cdn.arkadiumhosted.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:17 GMT
last-modified
Thu, 30 Mar 2023 08:00:39 GMT
server
Microsoft-IIS/10.0
etag
"f3dafcb7dd62d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
113
expires
Wed, 13 Dec 2023 10:29:17 GMT
f8fbd05dc186dae85258.woff
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/ Frame 24F5 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/f8fbd05dc186dae85258.woff
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
e9bae68802bf7cbec4ece3226200543619bba15d56ce807133e3da2ff134944d

Request headers

Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
Origin
https://ams.cdn.arkadiumhosted.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:18 GMT
last-modified
Thu, 30 Mar 2023 08:00:39 GMT
server
Microsoft-IIS/10.0
etag
"a03effb7dd62d91:0"
content-type
font/x-woff
access-control-allow-origin
*
cache-control
max-age=322
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
53308
4cce3d839deb28bc0217.woff
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/ Frame 24F5 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/4cce3d839deb28bc0217.woff
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
f9b4166ff63d1a3eb4a3c836657a5ab0edcfbe3c2026ada3ae97726efe72a4f6

Request headers

Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
Origin
https://ams.cdn.arkadiumhosted.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:18 GMT
last-modified
Thu, 30 Mar 2023 08:00:35 GMT
server
Microsoft-IIS/10.0
etag
"1b7f9ab5dd62d91:0"
content-type
font/x-woff
access-control-allow-origin
*
cache-control
max-age=289
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
55544
a449a5403418643851c5.woff
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/ Frame 24F5 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/a449a5403418643851c5.woff
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
f427f224390a7e9de6aacd67a2dff4d0d5112da02b301cf4c76b0cc2fcbb9f9d

Request headers

Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
Origin
https://ams.cdn.arkadiumhosted.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:18 GMT
last-modified
Thu, 30 Mar 2023 08:00:35 GMT
server
Microsoft-IIS/10.0
etag
"4acca8b5dd62d91:0"
content-type
font/x-woff
access-control-allow-origin
*
cache-control
max-age=379
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
53228
localConfig.json
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/data/ Frame 24F5 		76 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/data/localConfig.json
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/main.js?6b303e62accb5399b170
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
454dbd85f11525a97e7d31ff117ee12d94a629811b5afeca22e9dd795df35bac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:18 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 08:00:38 GMT
server
Microsoft-IIS/10.0
etag
"296defb6dd62d91:0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=547
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
93
bg_music.mp3
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/sounds/ Frame 24F5 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/sounds/bg_music.mp3
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/main.js?6b303e62accb5399b170
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
a8a062681931795ac0cb561a1491b4f8d0205c6dd84bc775e467cc05956b4b97

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:18 GMT
last-modified
Thu, 30 Mar 2023 08:00:38 GMT
server
Microsoft-IIS/10.0
etag
"5fcc2fb7dd62d91:0"
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
1595498
expires
Wed, 13 Dec 2023 10:29:18 GMT
6ea6271d869b2a6306f9.png
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/ Frame 24F5 		128 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/6ea6271d869b2a6306f9.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
efd9ae33252a3038ce4520e70c867f86072c4a05ba8bfe039179e68eb650db74

Request headers

Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
Origin
https://ams.cdn.arkadiumhosted.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:18 GMT
last-modified
Thu, 30 Mar 2023 08:00:35 GMT
server
Microsoft-IIS/10.0
etag
"f5a4a1b5dd62d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
128
expires
Wed, 13 Dec 2023 10:29:18 GMT
intro_ske.json
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/images/2x/ Frame 24F5 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/images/2x/intro_ske.json
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/main.js?6b303e62accb5399b170
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
536142fa70fc6bba822c730283a4b863cbaef5367a3fd01dc6cf85185b2dfa88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:18 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 08:00:38 GMT
server
Microsoft-IIS/10.0
etag
"199cb7dd62d91:0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=119
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
1029
intro_tex.json
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/images/2x/ Frame 24F5 		1 KB
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/images/2x/intro_tex.json
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/main.js?6b303e62accb5399b170
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
ef15a58f1f8e17425aa3f6ba07d25502fa0de8d0206a8f42c47002865010dacf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:18 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 08:00:38 GMT
server
Microsoft-IIS/10.0
etag
"7c6beb7dd62d91:0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=376
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
402
intro_tex.png
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/images/2x/ Frame 24F5 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/images/2x/intro_tex.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
82e93cabfa3d7ba419f3250be89df38fe4c44d5cd8ad582c7d8d213ad140c7f3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:18 GMT
last-modified
Thu, 30 Mar 2023 08:00:38 GMT
server
Microsoft-IIS/10.0
etag
"403013b7dd62d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
63259
expires
Wed, 13 Dec 2023 10:29:18 GMT
a
ingestion.contentinsights.com/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ingestion.contentinsights.com/a?d=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&f=2748&pid=3942372&b=&u=1702376952931.69247687.76198475&ul=1702376952931.903787927.0863756&at=5&ar=5&ts=1702376958&seq=1&x=0.19929620897524747&err=&ver=23
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.111.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-111-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 12 Dec 2023 10:29:22 GMT
button_click.mp3
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/sounds/ Frame 24F5 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/sounds/button_click.mp3
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/main.js?6b303e62accb5399b170
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
4bdfda12d901596ba79c5acbb3c3c877d7179f6958df626083eb2391ca31e3ae

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:18 GMT
last-modified
Thu, 30 Mar 2023 08:00:38 GMT
server
Microsoft-IIS/10.0
etag
"c45539b7dd62d91:0"
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2372
expires
Wed, 13 Dec 2023 10:29:18 GMT
button_rollover.mp3
ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/sounds/ Frame 24F5 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/resources/assets/sounds/button_rollover.mp3
Requested by
Host: ams.cdn.arkadiumhosted.com
URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/main.js?6b303e62accb5399b170
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-52.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c16389094b96875ef8d665760aff78c8746ffbf523108ddceaabb180484ecd31

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=?show_game_end=false&locale=en-us&device_type=pc&arena_name=gamedistribution.arkadiumarena.com&game_name=Block%20Champ&events=game_start,game_end,pause_ready,event_change,abtest_init,reward_start&play_id=LTUzNTM=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:18 GMT
last-modified
Thu, 30 Mar 2023 08:00:38 GMT
server
Microsoft-IIS/10.0
etag
"ffb73bb7dd62d91:0"
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
1458
expires
Wed, 13 Dec 2023 10:29:18 GMT
client
accounts.google.com/gsi/ 		206 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client?_=1702376949673
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f84.1e100.net
Software
ESF /
Resource Hash
aef79460d9d38f7a5349a194da19ef705d97dba070b4741344188a1f43edf015
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-u3eGVTkXK8P5Q0RDdwF6DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-u3eGVTkXK8P5Q0RDdwF6DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 12 Dec 2023 10:29:23 GMT
events
mp.theepochtimes.com/webevents/v3/JS/us2-c639a6aabfcf124097c91276dd5884fb/ 		42 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.theepochtimes.com/webevents/v3/JS/us2-c639a6aabfcf124097c91276dd5884fb/events
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/_next/static/chunks/9198-f50aa2d7e3d84364.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a57d1240d8c6330f871c4c5a9cc9207bdd3ed75bdaf8c459706ce071ec67c256

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230110-FRA, cache-fra-eddf8230110-FRA
date
Tue, 12 Dec 2023 10:29:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
x-timer
S1702376962.086048,VS0,VE281
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us2_origin
x-cache
MISS, MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0, 0
post-log
tags.wdsvc.net/ 		0
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/post-log?v=4.10&amp;t=1702376954139
Requested by
Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100415
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.200.58.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-58-150.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.theepochtimes.com
Date
Tue, 12 Dec 2023 10:29:22 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
0
Content-Type
text/html
usync.js
eus.rubiconproject.com/ Frame E941 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 19:16:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31615
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 19:16:17 GMT
usync.js
eus.rubiconproject.com/ Frame 0891 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 19:16:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31615
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 19:16:17 GMT
usync.js
eus.rubiconproject.com/ Frame 793E 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 19:16:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31615
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 19:16:17 GMT
usync.js
eus.rubiconproject.com/ Frame EF97 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 19:16:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31615
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 19:16:17 GMT
usync.js
eus.rubiconproject.com/ Frame CC41 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 19:16:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31615
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 19:16:17 GMT
/
onetag-sys.com/usync/ Frame 03C3 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=
Requested by
Host: sdk.minutemedia-prebid.com
URL: https://sdk.minutemedia-prebid.com/cs-config/cs.html?org=6475aa705b23100001019b46&tc=6475aaf65fe06700018e50d8&as=6475aaf65fe06700018e50da&type=hb&wd=cs.minutemedia-prebid.com&domain=theepochtimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
4bf539e131856ae7a6163212195ab2951250f76a93237df7ade81a468450355a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sdk.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1247
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
cs
cs.minutemedia-prebid.com/ Frame 9EEA
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=1345541413206663661435
0
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=1345541413206663661435
Requested by
Host: sdk.minutemedia-prebid.com
URL: https://sdk.minutemedia-prebid.com/cs-config/cs.html?org=6475aa705b23100001019b46&tc=6475aaf65fe06700018e50d8&as=6475aaf65fe06700018e50da&type=hb&wd=cs.minutemedia-prebid.com&domain=theepochtimes.com
Protocol
H2
Server
52.209.71.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-71-13.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sdk.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://sdk.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=1345541413206663661435
date
Tue, 12 Dec 2023 10:29:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
ap.lijit.com/ Frame 9EEA 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: sdk.minutemedia-prebid.com
URL: https://sdk.minutemedia-prebid.com/cs-config/cs.html?org=6475aa705b23100001019b46&tc=6475aaf65fe06700018e50d8&as=6475aaf65fe06700018e50da&type=hb&wd=cs.minutemedia-prebid.com&domain=theepochtimes.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sdk.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 12 Dec 2023 10:29:22 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs.minutemedia-prebid.com/ Frame 9EEA
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=TY6GIkeytWbi&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
0
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=TY6GIkeytWbi&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
Requested by
Host: sdk.minutemedia-prebid.com
URL: https://sdk.minutemedia-prebid.com/cs-config/cs.html?org=6475aa705b23100001019b46&tc=6475aaf65fe06700018e50d8&as=6475aaf65fe06700018e50da&type=hb&wd=cs.minutemedia-prebid.com&domain=theepochtimes.com
Protocol
H2
Server
52.209.71.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-71-13.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sdk.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://sdk.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=TY6GIkeytWbi&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-gp7b7
expires
-1
cs
cs.minutemedia-prebid.com/ Frame 9EEA
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=4845899871328933219&gdpr=0&gdpr_consent=
0
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=4845899871328933219&gdpr=0&gdpr_consent=
Requested by
Host: sdk.minutemedia-prebid.com
URL: https://sdk.minutemedia-prebid.com/cs-config/cs.html?org=6475aa705b23100001019b46&tc=6475aaf65fe06700018e50d8&as=6475aaf65fe06700018e50da&type=hb&wd=cs.minutemedia-prebid.com&domain=theepochtimes.com
Protocol
H2
Server
52.209.71.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-71-13.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sdk.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://sdk.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=4845899871328933219&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 10:29:21 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 9EEA
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1&rts=4528084541678471908
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=5fb947ad-9ec7-525a-9f7f-9e8dfa07a88f
0
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=5fb947ad-9ec7-525a-9f7f-9e8dfa07a88f
Requested by
Host: sdk.minutemedia-prebid.com
URL: https://sdk.minutemedia-prebid.com/cs-config/cs.html?org=6475aa705b23100001019b46&tc=6475aaf65fe06700018e50d8&as=6475aaf65fe06700018e50da&type=hb&wd=cs.minutemedia-prebid.com&domain=theepochtimes.com
Protocol
H2
Server
52.209.71.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-71-13.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sdk.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://sdk.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=5fb947ad-9ec7-525a-9f7f-9e8dfa07a88f
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
khaos.json
token.rubiconproject.com/ Frame E941 		7 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame DE0C 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:01:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
5250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 09:01:52 GMT
khaos.json
token.rubiconproject.com/ Frame CC41 		7 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
khaos.json
token.rubiconproject.com/ Frame 0891 		7 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame FC9A 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:01:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
5250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 09:01:52 GMT
khaos.json
token.rubiconproject.com/ Frame 793E 		7 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
Expires
0
khaos.json
token.rubiconproject.com/ Frame EF97 		7 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
img
sync.mathtag.com/sync/ Frame 03C3 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master cdg cdg-pixel-x27 config_version:"197" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:22 GMT
Server
MT3 1143 599e619 master cdg cdg-pixel-x27 config_version:"197"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 12 Dec 2023 10:29:21 GMT
/
onetag-sys.com/match/ Frame 03C3
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LQ27A84H-20-508C&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LQ27A84H-20-508C&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LQ27A84H-20-508C&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 03C3 		42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 03C3
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=2302128734912386375
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=2302128734912386375
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=2302128734912386375
date
Tue, 12 Dec 2023 10:29:21 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 03C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
onetag-sys.com/match/ Frame 03C3
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIxAtYRSts6TieVoBBTouyU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1A8BB66F-5E04-4E72-AD14-33925F0CFB13
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1A8BB66F-5E04-4E72-AD14-33925F0CFB13
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1A8BB66F-5E04-4E72-AD14-33925F0CFB13
date
Tue, 12 Dec 2023 10:29:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 03C3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
date
Tue, 12 Dec 2023 10:29:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 03C3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 03C3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-8sIVo11E2pmUNdKBhBUv9UDlI0_GeLqtkhVPTw--~A&expires=5&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 12 Dec 2023 10:29:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 03C3 		0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21493&id=kLOocgSKPvErClP5cfa4SWGBMQFGQ9mFbImXpNNQbh8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.209.71.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-71-13.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://onetag-sys.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
sync
usr.undertone.com/userPixel/ Frame E941
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LQ27A84H-20-508C
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
-0VJWVrpLyYHXkmAzfZlsfQX6ULzUBjP_TKVUFmHv3i1lpDz5jguEg==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
cms-2c-rubicon.html
cti.w55c.net/ct/ Frame 45F1 		52 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cti.w55c.net/ct/cms-2c-rubicon.html
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-87.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecb740996ce05e9b7823c9690564a0d7b3840becad640d37e929cd4f4ee1cdf4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eus.rubiconproject.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
145653
cache-control
must-revalidate
content-encoding
br
content-type
text/html
date
Sun, 10 Dec 2023 18:01:51 GMT
etag
W/"7549d51888f0142460ac70be66758bc9"
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-id
VArACctwj4gDlc-bFFVCExbULbgj8T8I55-AhmxMd1772O3DcMKcXw==
x-amz-cf-pop
FRA60-P3
x-amz-replication-status
COMPLETED
x-amz-version-id
eM8rKv5bLrMqGrCvH619GCOhuiLqCbex
x-cache
Hit from cloudfront
p
ingestion.contentinsights.com/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ingestion.contentinsights.com/p?a=Epoch%20Puzzles&b=&c=Block%20Champ%20-%20Play%20Now%20online%20%26%20100%25%20Free%20%7C%20The%20Epoch%20Times&d=https%3A%2F%2Fwww.theepochtimes.com%2Fepochfun%2Fblock-champ-epoch-games-3942372&e=Free%20Games%20-%20Ad-supported&f=2748&g=2021-09-23T18%3A42%3A44Z&h=epochfun-137957%2Cspecial-epoch-games-155638%2Cfree-games-ad-supported-172624%2Cpremium-116266%2Cfrontaudio-161329&i=&j=paid&k=news&l=&m=anonymous&ch=&n=article&pid=3942372&u=1702376952931.69247687.76198475&ul=1702376952931.903787927.0863756&x=0.19929620897524747&t=1&err=&ver=23
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.111.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-111-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 12 Dec 2023 10:29:22 GMT
pixel
cm.g.doubleclick.net/ Frame E941
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTY3Mzk3NTQ4ZmZlYzIyZTBlZTgzNzU3Y2QyZTZkNDMxYzBmYTlkYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTY3Mzk3NTQ4ZmZlYzIyZTBlZTgzNzU3Y2QyZTZkNDMxYzBmYTlkYw
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTY3Mzk3NTQ4ZmZlYzIyZTBlZTgzNzU3Y2QyZTZkNDMxYzBmYTlkYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame E941
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFEyN0E4NEgtMjAtNTA4Qw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOiTcKEU05ckxHY4FRK1DI8&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyN0E4NEgtMjAtNTA4Qw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyN0E4NEgtMjAtNTA4Qw==&google_push=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyN0E4NEgtMjAtNTA4Qw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
ecm3
s.amazon-adsystem.com/ Frame E941
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQ27A84H-20-508C&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQ27A84H-20-508C&ex=d-rubiconproject.com&status=ok
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E5KRG8B0AT9DTWM47AJD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQ27A84H-20-508C&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame E941
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM_bj6iH56cXG58rq-7pEjY&google_cver=1
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM_bj6iH56cXG58rq-7pEjY&google_cver=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM_bj6iH56cXG58rq-7pEjY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame E941
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ27A84H-20-508C
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: C3A8D02262F14F1AA51FDA109873DE5B Ref B: ZRHEDGE0712 Ref C: 2023-12-12T10:29:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMTYYpvUEfMfFaFiPeGg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ27A84H-20-508C
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame E941
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4eIe7uoEQla59WpzB5AtQQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=4eIe7uoEQla59WpzB5AtQQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=4eIe7uoEQla59WpzB5AtQQ
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M4Z5H9WA7X9F9BMPNH9Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=4eIe7uoEQla59WpzB5AtQQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame E941
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GyKadybdRVKk2uL76MT8Ww&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GyKadybdRVKk2uL76MT8Ww
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GyKadybdRVKk2uL76MT8Ww
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BEWH44FE96HZ3G6H92DK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GyKadybdRVKk2uL76MT8Ww
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame E941 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
server
Kestrel
content-length
70
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame E941
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/jYVdFLLV0OIBOoUa6NhuHMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zvTBf2hE2oIV5QcZEmrdl67gblDEvvRznpZ59w--~A
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zvTBf2hE2oIV5QcZEmrdl67gblDEvvRznpZ59w--~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 12 Dec 2023 10:29:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zvTBf2hE2oIV5QcZEmrdl67gblDEvvRznpZ59w--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame E941
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEYkE7K8GwAABWIV0ZT9Q&expires=30
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEYkE7K8GwAABWIV0ZT9Q&expires=30
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEYkE7K8GwAABWIV0ZT9Q&expires=30
Date
Tue, 12 Dec 2023 10:29:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync
hb.yahoo.net/ Frame E941
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ27A84H-20-508C&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQ27A84H-20-508C&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1nRXBLdTZCRTJ1SFVVTGFFMGVNMzFfM0Q3TzZIWnZiMH5B&ovsid=LQ27A84H-20-508C&dpid=58160
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1nRXBLdTZCRTJ1SFVVTGFFMGVNMzFfM0Q3TzZIWnZiMH5B&ovsid=LQ27A84H-20-508C&dpid=58160
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
23.48.23.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-59.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 12 Dec 2023 10:29:23 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 10:29:23 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1nRXBLdTZCRTJ1SFVVTGFFMGVNMzFfM0Q3TzZIWnZiMH5B&ovsid=LQ27A84H-20-508C&dpid=58160
date
Tue, 12 Dec 2023 10:29:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/sync/ Frame E941
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ27A84H-20-508C
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
3.68.0.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-0-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:24 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame E941
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ27A84H-20-508C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ27A84H-20-508C
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame E941
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LQ27A84H-20-508C
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:24 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame E941
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LQ27A84H-20-508C
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:24 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
pixel
capi.connatix.com/us/ Frame E941
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LQ27A84H-20-508C&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LQ27A84H-20-508C&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQ27A84H-20-508C&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8345493b3ae6ba8c-MXP
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 12 Dec 2023 10:29:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQ27A84H-20-508C&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8345493a99b0ba8c-MXP
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
setuid
ib.adnxs.com/prebid/ Frame 0891
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ27A84H-20-508C
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
an-x-request-uuid
2cfee4cb-3da7-48d9-a1ff-e9515d24407b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
188.61.48.50; 188.61.48.50; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
liveCS.php
live.primis.tech/live/ Frame 0891
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ27A84H-20-508C
0
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-95.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
content-encoding
gzip
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P4
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
xAJWVF2DQL9hdCM26C3y9rQ1lueMgNCjIcVUEkcXZZ9YoUi4jS5wzQ==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 0891
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6b60cab5-d08c-4a0a-8d8d-e6bae10223df&expires=30
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6b60cab5-d08c-4a0a-8d8d-e6bae10223df&expires=30
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6b60cab5-d08c-4a0a-8d8d-e6bae10223df&expires=30
Date
Tue, 12 Dec 2023 10:29:23 GMT
Connection
keep-alive
X-CI-RTID
f351288e-cd68-4e18-8d72-1b560878650a
Content-Length
144
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 0891
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=-_Sxk-bXWIR2wT-ut6Wi-rw9MDI
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=-_Sxk-bXWIR2wT-ut6Wi-rw9MDI
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=-_Sxk-bXWIR2wT-ut6Wi-rw9MDI
Date
Tue, 12 Dec 2023 10:29:23 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 0891
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ27A84H-20-508C
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 0891
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=c0fcd6ec-6265-455b-88fb-aeebcea19ac2
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=c0fcd6ec-6265-455b-88fb-aeebcea19ac2
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=c0fcd6ec-6265-455b-88fb-aeebcea19ac2
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
956835
content-length
0
expires
Tue, 12 Dec 2023 00:00:00 GMT
cookiesync
bttrack.com/pixel/ Frame 0891 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.67 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
67.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
Track001-iad
pragma
no-cache
date
Tue, 12 Dec 2023 10:28:12 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 0891
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=7479292622435232592
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=7479292622435232592
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=7479292622435232592
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 0891
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7462143506322131454&expires=60&gdpr=&gdpr_consent=
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7462143506322131454&expires=60&gdpr=&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7462143506322131454&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 0891
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=8151302574394360069&expires=30
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=8151302574394360069&expires=30
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
an-x-request-uuid
152dab54-dc2b-41db-9da1-d110d7288cfa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=8151302574394360069&expires=30
x-proxy-origin
188.61.48.50; 188.61.48.50; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0891
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon
  • https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1702376963297
  • https://ad.turn.com/r/cs?pid=45&rndcb=1854320553
  • https://sync.1rx.io/usersync/turn/7462143506322131454?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-89bcec25-f59f-47ce-a4f2-5ce75481ee33-003?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-89bcec25-f59f-47...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-89bcec25-f59f-47ce-a4f2-5ce75481ee33-003&expires=30
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-89bcec25-f59f-47ce-a4f2-5ce75481ee33-003&expires=30
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-89bcec25-f59f-47ce-a4f2-5ce75481ee33-003&expires=30
date
Tue, 12 Dec 2023 10:29:25 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX89bcec25f59f47cea4f25ce75481ee33003
content-type
text/html
709414.gif
id.rlcdn.com/ Frame 0891 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
redirect
exchange.mediavine.com/usersync/ Frame 0891
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQ27A84H-20-508C
0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.195.142.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-142-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
setuid
s2s.t13.io/ Frame 0891
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LQ27A84H-20-508C
86 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
cs
cs.yellowblue.io/ Frame 0891
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage
  • https://cs.yellowblue.io/cs?aid=11590&id=LQ27A84H-20-508C
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
52.209.71.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-71-13.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:25 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame 0891
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ27A84H-20-508C&name=RUBICON
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ27A84H-20-508C&name=RUBICON
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
54.246.107.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-107-192.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ27A84H-20-508C&name=RUBICON
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
143
match.deepintent.com/usersync/ Frame CC41 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/143
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:22 GMT
content-length
0
server
b
cs
cs.minutemedia-prebid.com/ Frame CC41
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQ27A84H-20-508C
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
52.209.71.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-71-13.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
cookie-sync
sync.outbrain.com/ Frame CC41
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ27A84H-20-508C&obUid=&initiator=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ27A84H-20-508C&obUid=&initiator=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:24 GMT
Cache-Control
no-cache
X-TraceId
57f4bd1b9394bdb1fef2af89fdcec648
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ27A84H-20-508C&obUid=&initiator=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
RX-89bcec25-f59f-47ce-a4f2-5ce75481ee33-003
sync.targeting.unrulymedia.com/csync/ Frame CC41
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly
  • https://sync.1rx.io/usersync/rubicon/LQ27A84H-20-508C
  • https://sync.1rx.io/usersync/rubicon/LQ27A84H-20-508C?zcc=1&cb=1702376963297
  • https://sync.targeting.unrulymedia.com/csync/RX-89bcec25-f59f-47ce-a4f2-5ce75481ee33-003
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-89bcec25-f59f-47ce-a4f2-5ce75481ee33-003
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:25 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-89bcec25-f59f-47ce-a4f2-5ce75481ee33-003
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
60909
i6.liadm.com/s/ Frame CC41
Redirect Chain
  • https://token.rubiconproject.com/token?pid=49096
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ27A84H-20-508C
  • https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ27A84H-20-508C
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
44.205.176.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-176-247.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 10:29:25 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ27A84H-20-508C
Date
Tue, 12 Dec 2023 10:29:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
tap.php
pixel.rubiconproject.com/ Frame CC41
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&expires=360&gdpr=0&gdpr_consent=
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&expires=360&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348&expires=360&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
ssc-cms.33across.com/ps/ Frame CC41
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQ27A84H-20-508C
0
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=1&xu=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
67.202.105.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-33x-status
2020008
date
Tue, 12 Dec 2023 10:29:23 GMT
server
33XP005

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ssc-cms.33across.com/ps/?xi=1&xu=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame CC41
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZXg1_gAGW1rXrABU
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZXg1_gAGW1rXrABU
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-fra-eddf8230038-FRA
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702376963.023656,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZXg1_gAGW1rXrABU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
bridge
cm.adgrx.com/ Frame CC41 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-6
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
tap.php
pixel.rubiconproject.com/ Frame CC41
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=82833912DB12441CBA3377A3688FD58E&expires=365
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=82833912DB12441CBA3377A3688FD58E&expires=365
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 12 Dec 2023 10:29:23 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=82833912DB12441CBA3377A3688FD58E&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 10:29:23 GMT
tap.php
pixel.rubiconproject.com/ Frame CC41
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=LVRTPEKMeKnbG7u4lcKrXoXsnMZhMiGdLdsvN9R-tmQ
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=7478af9157241904&is_secure=true&networkId=12783&version=1&nuid=LVRTPEKMeKnbG7u4lcKrXoXsnMZhMiGdLdsvN9R-tmQ
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAIKydD6hxyDwNl798SAAAAAAA&expiration=1702463363&nuid=LVRTPEKMeKnbG7u4lcKrXoXsnMZhMiGdLdsvN9R-tmQ&is_secure=true
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAIKydD6hxyDwNl798SAAAAAAA&expiration=1702463363&nuid=LVRTPEKMeKnbG7u4lcKrXoXsnMZhMiGdLdsvN9R-tmQ&is_secure=true
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAIKydD6hxyDwNl798SAAAAAAA&expiration=1702463363&nuid=LVRTPEKMeKnbG7u4lcKrXoXsnMZhMiGdLdsvN9R-tmQ&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rubicon
tr.blismedia.com/v1/api/sync/ Frame CC41 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/rubicon
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tap.php
pixel.rubiconproject.com/ Frame CC41
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7311653381556992157&expires=730
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7311653381556992157&expires=730
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7311653381556992157&expires=730
Date
Tue, 12 Dec 2023 10:29:23 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
i.match
a.tribalfusion.com/ Frame CC41 		43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83454932efaa5232-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame CC41
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQ27A84H-20-508C
43 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
5.135.209.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-5-135-209.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
Rubicon
crb.kargo.com/api/v1/dsync/ Frame CC41
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11864
  • https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQ27A84H-20-508C
43 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
3.123.103.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-103-29.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:25 GMT
x-accel-expires
0
vary
Origin
x-rejected
consent
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 793E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=TY6GIkeytWbi&ev=1&pid=560687
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=TY6GIkeytWbi&ev=1&pid=560687
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=TY6GIkeytWbi&ev=1&pid=560687
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-gp7b7
expires
-1
sync
ads.yieldmo.com/ Frame 793E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LQ27A84H-20-508C
43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
54.154.89.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-89-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
sync
usr.undertone.com/userPixel/ Frame 793E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
eFaaM2sb3dJABN9NMTgXgfVaHPfuYrN1r6ZM6KOc0KuiyuK9_c_XDw==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
setuid
prebid-s2s.media.net/ Frame 793E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet
  • https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQ27A84H-20-508C
86 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
content-encoding
gzip
via
1.1 google
server
envoy
content-type
image/png
access-control-allow-origin
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
clear
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
cookiesyncendpoint
sync.aniview.com/ Frame 793E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQ27A84H-20-508C
0
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 793E
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=2
  • https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=863799532456&expires=30&us_privacy=1---
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=863799532456&expires=30&us_privacy=1---
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

access-control-allow-origin
*
location
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=863799532456&expires=30&us_privacy=1---
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 793E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/rubicon/
  • https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=
Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
109
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 793E
Redirect Chain
  • https://rbp.mxptint.net/sn.ashx
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CA5_10D92617F_8581BBF&expires=60
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CA5_10D92617F_8581BBF&expires=60
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CA5_10D92617F_8581BBF&expires=60
Date
Tue, 12 Dec 2023 10:29:23 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-385381763; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
226
Content-Type
text/html; charset=utf-8
/
csync.loopme.me/ Frame 793E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=loopme
  • https://csync.loopme.me/?partner_id=1441&vt=&uid=LQ27A84H-20-508C
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1441&vt=&uid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
35.214.194.112 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
112.194.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
server
_

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://csync.loopme.me/?partner_id=1441&vt=&uid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame 793E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=epsilon
  • https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LQ27A84H-20-508C
43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
89.207.16.210 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams04-convex-float1.dotomi.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:25 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type
image/gif
cache-control
no-cache
content-length
43
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
usersync
e.serverbid.com/ Frame 793E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=24856
  • https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LQ27A84H-20-508C
35 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LQ27A84H-20-508C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:24 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://eus.rubiconproject.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LQ27A84H-20-508C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 793E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0
  • https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=MGiVfTVoxH0rOJJ9ZD-Pc2VslnArZJRyMGWcIww7
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=MGiVfTVoxH0rOJJ9ZD-Pc2VslnArZJRyMGWcIww7
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=MGiVfTVoxH0rOJJ9ZD-Pc2VslnArZJRyMGWcIww7
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 793E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=87
  • https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=4845899871328933219&gdpr=0&gdpr_consent=
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=4845899871328933219&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=4845899871328933219&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 10:29:22 GMT
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 793E
Redirect Chain
  • https://match.adsby.bidtheatre.com/rubiconmatch
  • https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=3cae163a-8bd3-4648-8b34-dfcf951311d5
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=3cae163a-8bd3-4648-8b34-dfcf951311d5
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=3cae163a-8bd3-4648-8b34-dfcf951311d5
Date
Tue, 12 Dec 2023 10:29:23 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
tap.php
pixel.rubiconproject.com/ Frame 793E
Redirect Chain
  • https://tg.socdm.com/rtb/sync?proto=rubicon
  • https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZXg2BMCo5swAAORppMkAAAAA
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZXg2BMCo5swAAORppMkAAAAA
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 12 Dec 2023 10:29:24 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=rubicon","cluster_id":0,"gdpr":false,"ipv4":"188.61.48.50","key":"ZXg2BMCo5swAAORppMkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40146"}
X-SO-Key
ZXg2BMCo5swAAORppMkAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40146
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZXg2BMCo5swAAORppMkAAAAA
Cache-Control
private
X-SO-HostName
a-ad40146.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
a-tgng40008.dc2p.scaleout.jp
X-SO-IP
188.61.48.50
/
rtb-csync.smartadserver.com/redir/ Frame 793E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smaato
  • https://s.ad.smaato.net/c/?dspId=1001989&dspCookie=LQ27A84H-20-508C
  • https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=c8217e6d97&gdpr=0&gdpr_consent=
43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=c8217e6d97&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
5.135.209.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-5-135-209.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Tue, 12 Dec 2023 10:29:24 GMT
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=c8217e6d97&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
F-9K9Hm9KM56BAweolJntUObT4Puny72v1etRaQnaV8BLGswOUirGA==
token
pixel.rubiconproject.com/ Frame EF97
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/rb.gif
  • https://pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=6cc45041-e0a5-4598-9924-335e05373475&expires=365&next=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Drubi...
  • https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=rubicon&inventory_source=0
  • https://pixel.rubiconproject.com/token?pid=49038&puid=6cc45041-e0a5-4598-9924-335e05373475
0
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=49038&puid=6cc45041-e0a5-4598-9924-335e05373475
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/token?pid=49038&puid=6cc45041-e0a5-4598-9924-335e05373475
Date
Tue, 12 Dec 2023 10:29:24 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame EF97
Redirect Chain
  • https://sid.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f
  • https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
date
Tue, 12 Dec 2023 10:29:23 GMT
content-length
0
9.gif
id5-sync.com/i/175/ Frame EF97 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/175/9.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 12 Dec 2023 10:29:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
tap.php
pixel.rubiconproject.com/ Frame EF97
Redirect Chain
  • https://sync.adotmob.com/cookie/rubicon?r=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D123034%26nid%3D3956%26put%3D%7Buser_token%7D
  • https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=09e8220400df3d95e608f1e5&expires=1
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=09e8220400df3d95e608f1e5&expires=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=09e8220400df3d95e608f1e5&expires=1
date
Tue, 12 Dec 2023 10:29:23 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
tap.php
pixel.rubiconproject.com/ Frame EF97
Redirect Chain
  • https://onetag-sys.com/match/?int_id=4
  • https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=9MdhR9HQ4k4fk9syent6vDT-o6KZOqxqowJ6WF9Wp2s
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=9MdhR9HQ4k4fk9syent6vDT-o6KZOqxqowJ6WF9Wp2s
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=9MdhR9HQ4k4fk9syent6vDT-o6KZOqxqowJ6WF9Wp2s
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
tap.php
pixel.rubiconproject.com/ Frame EF97
Redirect Chain
  • https://dmp.brand-display.com/cm/api/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=11962df0-3e75-53c7-e5a2894f
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=11962df0-3e75-53c7-e5a2894f
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 12 Dec 2023 10:29:23 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=11962df0-3e75-53c7-e5a2894f
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame EF97 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=54
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-14.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6123
stags.bluekai.com/site/ Frame EF97
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=3
  • https://stags.bluekai.com/site/6123?id=LQ27A84H-20-508C&limit=1
62 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/6123?id=LQ27A84H-20-508C&limit=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 12 Dec 2023 10:29:23 GMT
content-length
62
content-type
image/gif

Redirect headers

Location
https://stags.bluekai.com/site/6123?id=LQ27A84H-20-508C&limit=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EF97
Redirect Chain
  • https://s.company-target.com/s/rp
  • https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=47e2c192-dc48-48f5-bd3d-c98a9a1ec4f5
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=47e2c192-dc48-48f5-bd3d-c98a9a1ec4f5
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 12 Dec 2023 10:29:23 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.rubiconproject.com
location
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=47e2c192-dc48-48f5-bd3d-c98a9a1ec4f5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
CookieSyncRubicon
rtb.adentifi.com/ Frame EF97 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncRubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.93.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-93-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
tap.php
pixel.rubiconproject.com/ Frame EF97
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=rubicon
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=rubicon&bsw_custom_parameter=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=rubicon&bsw_custom_parameter=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=9dd6aef8-7ca9-4986-9977-5acb3639a03b&ssp=rubicon&expires=30&user_group=5&bsw_param=c91793a1-ede4-4a6d-a5e5-5db23f6bde23
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&expires=30&gdpr=&gdpr_consent=&us_privacy=
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&expires=30&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
//pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=c91793a1-ede4-4a6d-a5e5-5db23f6bde23&expires=30&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 12 Dec 2023 10:29:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
tap.php
pixel.rubiconproject.com/ Frame EF97
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=yQ1296GN1Rd00X5&expires=30
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=yQ1296GN1Rd00X5&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=yQ1296GN1Rd00X5&expires=30
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame EF97
Redirect Chain
  • https://rubiconcm.digitaleast.mobi/usersync/rubicon.gif
  • https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=527d57e1-56ac-47c5-a83b-2fc81ba87fa0
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=527d57e1-56ac-47c5-a83b-2fc81ba87fa0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=527d57e1-56ac-47c5-a83b-2fc81ba87fa0
date
Tue, 12 Dec 2023 10:29:23 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130
content-type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame EF97
Redirect Chain
  • https://rcp.c.appier.net/rbcm
  • https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=zJgxgA0SDvGWf6DrBDZ4ZQ&expires=365
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=zJgxgA0SDvGWf6DrBDZ4ZQ&expires=365
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 12 Dec 2023 10:29:24 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=zJgxgA0SDvGWf6DrBDZ4ZQ&expires=365
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
131
getuid
sync.smartadserver.com/ Frame EF97
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
5.135.209.105 , France, ASN16276 (OVH, FR),
Reverse DNS
ip105.ip-5-135-209.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:24 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
pragma
no-cache
date
Tue, 12 Dec 2023 10:29:24 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
dc_oe=ChMItMaFrNiJgwMVhd4RCB0xIw_fEAAYACCe851iQhMItqqpq9iJgwMVjSpVCB3N8AbL;dc_eps=AHas8cCpyzJBqxFNGMXF91N8BuFjDXtatVFO0_RUZPX4z9goePs8X-fNqMTKCX_f5YQXwaaf1txkYoM9jQ;met=1;&timestamp=1702376963086;e...
ade.googlesyndication.com/ddm/activity/ Frame C44B 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItMaFrNiJgwMVhd4RCB0xIw_fEAAYACCe851iQhMItqqpq9iJgwMVjSpVCB3N8AbL;dc_eps=AHas8cCpyzJBqxFNGMXF91N8BuFjDXtatVFO0_RUZPX4z9goePs8X-fNqMTKCX_f5YQXwaaf1txkYoM9jQ;met=1;&timestamp=1702376963086;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style
accounts.google.com/gsi/ 		533 B
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/19d3d93c-6e7a-4ab1-95d3-37f2020fd783/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f84.1e100.net
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-ToXLUAlKJn6VC6Bq3YuzHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-ToXLUAlKJn6VC6Bq3YuzHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 12 Dec 2023 10:29:23 GMT
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/138003605
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:29:23 GMT
content-encoding
br
last-modified
Sun, 10 Dec 2023 15:07:16 GMT
x-azure-ref-originshield
0xAt4ZQAAAACNtsPx5HJXTK5ClNlTYaDsRlJBMjMxMDUwNDE3MDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DBF991B2C59E6A"
x-azure-ref
0AzZ4ZQAAAAA2CpvkPiJiRpT0Dx1IA7ZOWlJIRURHRTEzMDYANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3f374f30-b01e-001e-1e2d-2cc203000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
cms-2-rubicon.min.js
cti.w55c.net/ct/ Frame 45F1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cti.w55c.net/ct/cms-2-rubicon.min.js
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-87.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c7987d2f26ca9bf8254df658877b74005f2e90d3f477eacc606e011341d8082
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cti.w55c.net/ct/cms-2c-rubicon.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 19:24:31 GMT
x-amz-version-id
4wUy6FG8mI1tQq9b3POfj8uoA5V85xC6
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
140693
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
etag
W/"d7ff0f4ef590b94bd79fc9b61a13ef4e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
must-revalidate
x-amz-cf-id
2EeTgZtt_trr7Pes9YLfPmXv-a2a14OJ7KTQYm0JWrtC5zfuW1Fxwg==
collect
r.clarity.ms/ 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.theepochtimes.com
Date
Tue, 12 Dec 2023 10:29:25 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
match-result
tags.w55c.net/ Frame 45F1
Redirect Chain
  • https://pm.w55c.net/m.gif?rurl=//cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=_wfivefivec64esc_&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eVExMjk2R04xUmQwMFg1&google_cm
  • https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESECnCzXsmUGMu2wIA1LshumI&google_cver=1
42 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESECnCzXsmUGMu2wIA1LshumI&google_cver=1
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html
Protocol
HTTP/1.1
Server
52.28.254.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-254-225.eu-central-1.compute.amazonaws.com
Software
Retargeting/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 10:29:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Forwarded-Proto
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESECnCzXsmUGMu2wIA1LshumI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
384
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2964
tags.bluekai.com/site/ Frame 45F1 		62 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/2964?id=yQ1296GN1Rd00X5
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 12 Dec 2023 10:29:24 GMT
content-length
62
content-type
image/gif
dc_oe=ChMI__PCq9iJgwMVbwRVCB2TmQIWEAEYACDN49Ng;dc_eps=AHas8cC1ih76wwPY0w_zgEf4SkvIomHkENGiER-d9VF9qCcDwTPQkpDIJi1wukYEfIdSgQ7_vqNiiE9sNQ;met=1;&timestamp=1702376964006;eid1=871060;ecn1=1;etm1=0;eid...
ade.googlesyndication.com/ddm/activity/ Frame D5E7 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI__PCq9iJgwMVbwRVCB2TmQIWEAEYACDN49Ng;dc_eps=AHas8cC1ih76wwPY0w_zgEf4SkvIomHkENGiER-d9VF9qCcDwTPQkpDIJi1wukYEfIdSgQ7_vqNiiE9sNQ;met=1;&timestamp=1702376964006;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
URL: https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 10:29:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d.turn.com
URL
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
Domain
d.turn.com
URL
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
Domain
d.turn.com
URL
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| documentPictureInPicture object| __next_s object| __next_f object| webpackChunk_N_E object| next object| _N_E object| WebStreamsPolyfill function| __next_require__ function| __next_chunk_load__ object| regeneratorRuntime object| mParticle object| googletag object| pbjs object| ep function| $ string| eet_cat_ids string| eet_cat_names string| eet_term_ids string| eet_all_term_ids string| eet_tags string| eet_tags_slugs string| eet_author_name string| eet_page_type string| eet_post_id string| eet_publish_date number| eet_publish_timestamp string| eet_last_updated_date string| eet_primary_category string| eet_primary_category_name string| eet_primary_category_top_parent boolean| eet_no_ads number| eet_word_count string| eet_ads_term_ids undefined| featured_img_thumbnail boolean| eet_is_premium_article undefined| eet_post_countries object| grumi object| dataLayer function| gtag object| mPartUtil object| win object| doc object| ggeac object| google_tag_data object| google_js_reporting_queue object| pbjsChunk object| _pbjsGlobals object| google_tag_manager function| loadMParticle function| initMPartSDK object| braze function| onYouTubeIframeAPIReady object| gaGlobal object| MicroModal string| GoogleAnalyticsObject function| ga function| expired object| epSubs object| GooglebQhCsO function| referral function| setCookie function| getCookie undefined| google_measure_js_timing object| extractedURLParams number| google_unique_id string| slotElement object| gaplugins object| mp object| popupPaywall object| renderPayLaterWall object| freeTrialExperience object| accountVerificationCheck object| dynamicBoost object| paidTrialExperience object| shareParams object| optimizerUI function| loadMixpanel string| debugEvent object| mixpanel number| readScroll number| debugMPpageImpression object| optimizerDataLayer function| BASE_URL object| arcanumUI function| trackOriginalSource function| loadPreparedProfile function| loadPreparedProfileData function| processSoftlogin function| destroySoftlogin function| paymentUpdatePopup function| copyTextToClipboard function| articleShareWidgetBottomMobile number| softLoginDeployment function| initShareWidget function| renderShareWidget object| script function| RegisterDesktopArticlePageObservers function| mpCommonTrackVisible function| registDesktopCommonObserver function| mpTrackTestSegments function| mpTrackElementsArticleMobile function| mpTrackElementsHomePageDesktop function| registerOnClickTrack function| trackHomePageNavSideBar function| mpTrackElementsArticleDesktop function| mpTrackElementsBottomArticleRecommendation function| mpTrackSidebarVisible function| testMparticle function| waitForSmartoctoScript function| etso_init_ain_object function| etso_initSmartoctoInsights function| etso_initSmartoctoTentacles function| etso_init_keys function| etso_init_smartocto function| etso_init_smartocto_conversion function| etso_track_conversion string| epochShareWidgetVersion string| shareWidgetMode function| googleOneTapCallback object| etso_keys string| etso_post_id string| etso_maincontent string| etso_title string| etso_pubdate string| etso_authors string| etso_sections string| etso_tags string| etso_access_level object| _ain object| tentacles object| visibly string| bb object| _qevents undefined| dynamicPixel object| uetq function| twq function| quantserve function| __qc object| ezt object| _qoptions object| twttr function| UET function| UET_init function| UET_push object| ueto_c7bd0b1318 object| t boolean| tentaclesProcessedABTitles number| tentacle_timer_apply boolean| tentaclesExecuted function| rbuPopUp object| ingestion object| WDSMemberConfig object| WDSConfig number| timeout object| mpTrackedElements boolean| tpc_present object| default_gsi object| _F_toggles object| google object| __G_ID_CLIENT__ object| closure_lm_617245 function| clarity object| clarityuetq

187 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgiiARDbFgoJCP____8HEOUW
.theepochtimes.com/ Name: _ga
Value: GA1.1.553582181.1702376950
.theepochtimes.com/ Name: _gcl_au
Value: 1.1.424302550.1702376950
.theepochtimes.com/ Name: pageviewCount_fb
Value: 1,none,https://www.theepochtimes.com/epochfun/block-champ-epoch-games-3942372
.minutemedia-prebid.com/ Name: wrvUserID
Value: -O6W2lczCp_mm
.omnitagjs.com/ Name: ayl_visitor
Value: 47c5b3c564844849a221a8251e3f274d
www.theepochtimes.com/ Name: epoch_geo_country
Value: ch
.theepochtimes.com/ Name: mp_s
Value: %7B%22utm_source%22%3Anull%2C%22utm_medium%22%3Anull%2C%22utm_campaign%22%3Anull%2C%22utm_content%22%3Anull%2C%22utm_term%22%3Anull%2C%22entry_referrer%22%3A%22%22%2C%22entry_referrer_url%22%3A%22%22%2C%22entry_clean_url%22%3A%22%22%2C%22search_engine%22%3Anull%2C%22id%22%3A%22lq27a6hd00yyh5qaiivvd%22%2C%22total_pages%22%3A1%2C%22start%22%3A1702376951377%7D
.theepochtimes.com/ Name: e_ab_es
Value: 0.7719822212876815
www.theepochtimes.com/ Name: firstVisit
Value: 1domain=theepochtimes.com
.theepochtimes.com/ Name: mp_lib
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18c5d92cf451422-0de7b6c5b176a9-5771e33-1d4c00-18c5d92cf451422%22%2C%22%24device_id%22%3A%20%2218c5d92cf451422-0de7b6c5b176a9-5771e33-1d4c00-18c5d92cf451422%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUnI4zyfssZu1r2lDpD77YSO7Xy-gZrbr3BwP8JIDuNSOPQruBdVmWpC3DoSDlM
.theepochtimes.com/ Name: __gads
Value: ID=02ee2b7fec02a869:T=1702376950:RT=1702376950:S=ALNI_MZ5Ax1A-6LYc56kbLYsu-_16cWlAQ
.theepochtimes.com/ Name: __gpi
Value: UID=00000d13d8e082c6:T=1702376950:RT=1702376950:S=ALNI_MZRSqgbwCc7Hd4fV6oT7xnne8oQUw
.casalemedia.com/ Name: CMID
Value: ZXg19.CgV1XLmDdXOS6uOQAA
.casalemedia.com/ Name: CMPS
Value: 1147
.casalemedia.com/ Name: CMPRO
Value: 1147
.theepochtimes.com/ Name: _ga_RD0QM5H02Q
Value: GS1.1.1702376949.1.0.1702376951.58.0.0
.openx.net/ Name: i
Value: 4a40aea6-dfd7-4e6e-b469-e641997967a3|1702376952
.theepochtimes.com/ Name: epoch_persistent_user_id
Value: anonf6ac-025e-47e7-8d2d-1402031fcf62
.adnxs.com/ Name: uuid2
Value: 8151302574394360069
.ctnsnet.com/ Name: gid_CAESELt_H4Qj4ZYwbT0GK5mAV6M
Value: 1
.bidswitch.net/ Name: c
Value: 1702376952
.bidswitch.net/ Name: tuuid_lu
Value: 1702376952
.bidswitch.net/ Name: tuuid
Value: c91793a1-ede4-4a6d-a5e5-5db23f6bde23
.yieldmo.com/ Name: yieldmo_id
Value: 3zzzAiittUibFSyLuimn%7C1702339200000%7C0
www.theepochtimes.com/ Name: _ain_cid
Value: 1702376952931.69247687.76198475
www.theepochtimes.com/ Name: _ain_uid
Value: 1702376952931.903787927.0863756
.quantserve.com/ Name: mc
Value: 657835f8-e08bb-6c145-96768
.bidswitch.net/ Name: google_push
Value: AXcoOmR3OwV2289UamA8Yi60bTsVUMuX8VO0sSuRi8yKr8qO0kWiCQ2NEpBj0lHvRpPUcgo2E3tVVzp9J0VfGhfy4JJdcfAutNF8gw
.media.net/ Name: visitor-id
Value: 3453785522664263000V10
.adform.net/ Name: C
Value: 1
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adform.net/ Name: uid
Value: 7479292622435232592
.admanmedia.com/ Name: ac_r
Value: CS253
.rubiconproject.com/ Name: khaos
Value: LQ27A84H-20-508C
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.advertising.com/ Name: A3
Value: d=AQABBPk1eGUCEOEaysO_kLxxOYztWWSSVN4FEgEBAQGHeWWCZbte0CMA_eMAAA&S=AQAAAhgA2e6mdfH8xRbweDpbjnw
.yahoo.com/ Name: A3
Value: d=AQABBPk1eGUCEBaRUaYVNE8duWzFQj92YiEFEgEBAQGHeWWCZbte0CMA_eMAAA&S=AQAAAmtDlCjrHdbZwrAcpIfTQkU
.scorecardresearch.com/ Name: UID
Value: 15B16d9a352278c2d6510181702376953
.admanmedia.com/ Name: admtr
Value: bec88e1f-f4d7-4d79-93d3-bd523fed5c21
.ads.stickyadstv.com/ Name: UID
Value: f4c8d6416d16ab94eb4d32e5561b56e
.linkedin.com/ Name: bcookie
Value: "v=2&b4c608bc-7a67-4c20-83de-497f655c8552"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDIzNzY5NTM7MjswMjGZiATlMxtO3tQhlt4/KBC9YNC43dvrxkkYY0YuDZ7kdw==
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3086:u=1:x=1:i=1702376953:t=1702463353:v=2:sig=AQHDebm5jXweDzgEa-A4U8xE0yUxk8-G"
.wdsvc.net/ Name: _wdTest
Value: accept
.wdsvc.net/ Name: wds_random
Value: 2023-12-12T10:29:13.893Z~2023-12-12T10:29:13.893Z|2557311720402194|53|
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1A8BB66F-5E04-4E72-AD14-33925F0CFB13
.theepochtimes.com/ Name: _uetsid
Value: 4bb34d4098d911eeaf6005f13f0e55cf
.theepochtimes.com/ Name: _uetvid
Value: 4bb38da098d911ee8ec5ad27f9bb6c5e
.sitescout.com/ Name: ssi
Value: a17aea42-0c01-4153-b844-97f8a0e856f8#1702376953991
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB
.ctnsnet.com/ Name: cid
Value: 1c3297fed6e741dfb3b60f15ea1796d6
.bing.com/ Name: MUID
Value: 15C4EDB7856F69C11995FE52849E6822
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.undertone.com/ Name: UID_EXT_57
Value: ZXg19-CgV1XLmDdXOS6uOQAABHsAAAAB
.undertone.com/ Name: UID_EXT_47
Value: LQ27A84H-20-508C
www.theepochtimes.com/ Name: _sotmsid
Value: 0:lq27a8tk:UACKsU5qJGGewt6ar1mP_rzKLv1NaoiC
www.theepochtimes.com/ Name: _sotmpid
Value: 0:lq27a8tk:YKcJGa54Bi6IXoZV~MXet9Z8nr_Ukoku
.theepochtimes.com/ Name: alo_uid
Value: 7edeff06-3194-4e86-b5ea-90b51e53ae5d
.amazon-adsystem.com/ Name: ad-id
Value: A5WParkrwENMvaJl0JFnPfM
.undertone.com/ Name: UID_EXT_56
Value: y-jWlysYpE2uGCn_2ACE5zK_agMceHnWOQgMFgCm8-~A
.simpli.fi/ Name: suid
Value: 82833912DB12441CBA3377A3688FD58E
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXg1_gAGW1rXrABU
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fbf4b193-e6d7-5884-76c1-3faeb7a5a2fa.ShRwDTYYRcOBymSM0dAYo4c2zk783fM1JQKGKkDmEu8
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fbf4b193-e6d7-5884-76c1-3faeb7a5a2fa.ShRwDTYYRcOBymSM0dAYo4c2zk783fM1JQKGKkDmEu8
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-_Sxk-bXWIR2wT-ut6Wi-rw9MDI.q6hEFLdjCBkPDVI267lyexkSAeNpJN5Mo%2FpTVLkxAaU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-_Sxk-bXWIR2wT-ut6Wi-rw9MDI.q6hEFLdjCBkPDVI267lyexkSAeNpJN5Mo%2FpTVLkxAaU
.liadm.com/ Name: lidid
Value: 94d1d17c-4cd0-4c15-a1b8-0c4bf9700926
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAJSx__nh0o8zJT1LQ4FqmZajmRA9msABZEm1zhb1s59EAEYAyD66-CrBjABOgTwi70wQgTd2liW.b224bD%2BtNEnQ5YRo5wBG4ZMkNGE3LcZaW2rlM2lJ%2BVQ
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAJSx__nh0o8zJT1LQ4FqmZajmRA9msABZEm1zhb1s59EAEYAyD66-CrBjABOgTwi70wQgTd2liW.b224bD%2BtNEnQ5YRo5wBG4ZMkNGE3LcZaW2rlM2lJ%2BVQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AAEYkE7K8GwAABWIV0ZT9Q
.undertone.com/ Name: UID_EXT_39
Value: d281f6d8-76ff-4dfa-843a-316e0af2740c
.theepochtimes.com/ Name: wds_random
Value: 2023-12-12T10:29:13.893Z~2023-12-12T10:29:13.893Z|2557311720402194|53|
.theepochtimes.com/ Name: __WDS1
Value: %7B%22da_100415%22%3A%7B%22hu%22%3A%222023-12-12T10%3A29%3A16.419Z%22%7D%7D
ams.cdn.arkadiumhosted.com/ Name: ai_user
Value: jwIvns7uLHUO1t2BYY8Ors|2023-12-12T10:29:17.603Z
ams.cdn.arkadiumhosted.com/ Name: ai_sessionc16501df-8bcc-46ac-98ac-37bb4cc3291b_GameCore_AppInsights
Value: ktix5uR2V7S413w32JS6tv|1702376958802|1702376958802
.demdex.net/ Name: demdex
Value: 11771366463933181034494923062265731588
.fwmrm.net/ Name: _uid
Value: umv0b34_7313351356169512981
.turn.com/ Name: uid
Value: 7462143506322131454
.acuityplatform.com/ Name: auid
Value: 863799532456
.company-target.com/ Name: tuuid
Value: 47e2c192-dc48-48f5-bd3d-c98a9a1ec4f5
.mediago.io/ Name: __mguid_
Value: f34e9699eac8a04220olwb00lq27aeve
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umv0b34_7313351356169512981
.ads.stickyadstv.com/ Name: MRM_UID
Value: umv0b34_7313351356169512981
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjEzM7EwtLQwNjUwNjYB8UyE-Ax1U3MTdXXNKsIscwoiANww0mglAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjEzM7EwtLQwNjUwNjYB8UyE-Ax1U3MTdXXNKsIscwoiANww0mglAAAA
a.clickcertain.com/ Name: _ccpx_u
Value: 1ad77fbe%2dc8ef%2d420f%2dba52%2dd04428ee3cfc
.dpm.demdex.net/ Name: dpm
Value: 11771366463933181034494923062265731588
.t.co/ Name: muc_ads
Value: 84ae81b4-5a20-43a8-9cb0-e9f8b9196dde
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: f94b696c9906a4e9c8163e9e2f218124
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSLM0STKzNEu2tDQwSzRJtUy2MDQzTrVMNUozMrQwNDJhAILUCjMmEA0FAEDCCYA%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIrTBjAlJQAAAOTgEW"
.onetag-sys.com/ Name: OTP
Value: 9MdhR9HQ4k4fk9syent6vDT-o6KZOqxqowJ6WF9Wp2s
.theepochtimes.com/ Name: __qca
Value: P0-1324882923-1702376953193
.twitter.com/ Name: guest_id_marketing
Value: v1%3A170237696237000283
.twitter.com/ Name: guest_id_ads
Value: v1%3A170237696237000283
.twitter.com/ Name: personalization_id
Value: "v1_XKOmAhPAHLyUzGwjJ0WDeg=="
.twitter.com/ Name: guest_id
Value: v1%3A170237696237000283
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: pi
Value: 159706:3
.3lift.com/ Name: tluid
Value: 1345541413206663661435
a.clickcertain.com/ Name: _ccpx_244b81b94c69796
Value: 1
a.clickcertain.com/ Name: _ccpx
Value: 244b81b94c69796
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 5fb947ad-9ec7-525a-9f7f-9e8dfa07a88f
.betweendigital.com/ Name: ss
Value: 1
.rezync.com/ Name: zync-uuid
Value: b4860cc5-481a-44d7-948d-2690ec43bc3a:1702376962.5905209
.smartadserver.com/ Name: pid
Value: 4845899871328933219
.tapad.com/ Name: TapAd_TS
Value: 1702376962695
.tapad.com/ Name: TapAd_DID
Value: 417bd794-df4f-4e7c-945d-ea4ecbde02f8
.betweendigital.com/ Name: ut
Value: ZXg2AgAKoqhg8TrO0G24FcIuy9EOr9hOXKlnxQ==
.contextweb.com/ Name: V
Value: TY6GIkeytWbi
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1oi5|8nK.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 153995cb8a55ada4
.pubmatic.com/ Name: SyncRTB3
Value: 1703548800%3A13_220_21
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIxAtYRSts6TieVoBBTouyU&KRTB&23025-CAESEIxAtYRSts6TieVoBBTouyU&KRTB&23386-CAESEIxAtYRSts6TieVoBBTouyU
.pubmatic.com/ Name: PugT
Value: 1702376962
.undertone.com/ Name: UID_EXT_54
Value: a17aea42-0c01-4153-b844-97f8a0e856f8-657835f9-4348
.criteo.com/ Name: uid
Value: c0fcd6ec-6265-455b-88fb-aeebcea19ac2
.quantserve.com/ Name: d
Value: EAwBFQHSKoELqjDsvLEA
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRhcyL0WSmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYXMi9Fko90aGlyZFBhcnR5VXNlcklkWkNBRVNFQlprUE9UaWtpeExvZ1VmWVgzVW44b/uAMvpCxEMlAUYXMi9esEQlAUYXMi9esEUh+/uGdmVyc2lvbsL7
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.adnxs.com/ Name: anj
Value: dTM7k!M40]D>6NRF']wIg2In2vWHN`!]tb^5m<=$*@:os1=2!:F4PUbA1dXVCb19eCVQ('QE7G]lfM]`ZovVW.3UhkEx9Y1D$25bT5kDXT5`/H$wJHb_sZ%x5+@R=59d%<FVY'f?tHQO!!)RU-uI^+
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxRMjdBODRILTIwLTUwOEMiLCJleHBpcmVzIjoiMjAyNC0wMy0xMVQxMDoyOToyM1oifX0sImJpcnRoZGF5IjoiMjAyMy0xMi0xMlQxMDoyOToyM1oifQ==
.company-target.com/ Name: tuuid_lu
Value: 1702376963|ix:0|rp:0
.brand-display.com/ Name: _knxq_
Value: 11962df0-3e75-53c7-e5a2894f.1702376954.1.1702376963.1702376954
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z9~2fka:194o~2fka:18vk~2fka:19e0~2fka"
.dotomi.com/ Name: DotomiTest
Value: 7478af9157241904
.tribalfusion.com/ Name: ANON_ID
Value: a4nvvvSZdIijSTnMSXxNpa0nMujuCYbXHCIEkWfWtvlZcU7K4DswQbESnRwB7J4ky7FKNZaFiBihfSQAEXlPks0gZdyYVCeVIwRUrQQeM1kF7YPZaiOCM
.sitescout.com/ Name: _ssuma
Value: eyIxNSI6MTcwMjM3Njk2MzI1MSwiMzkiOjE3MDIzNzY5NTQxMzcsIjciOjE3MDIzNzY5NTQxMzcsIjgwIjoxNzAyMzc2OTU0MTM3fQ
.ads.yieldmo.com/ Name: ptrrc
Value: LQ27A84H-20-508C
.adsby.bidtheatre.com/ Name: __kuid
Value: 3cae163a-8bd3-4648-8b34-dfcf951311d5.471590963
.adfarm1.adition.com/ Name: UserID1
Value: 7311653381556992157
.blismedia.com/ Name: b
Value: 6578360359F0E4334DB5274CBLIS
.alocdn.com/ Name: uuid
Value: 9220bcb4-2076-4f4a-a7d9-a65229ab9c8b
www.clarity.ms/ Name: CLID
Value: 0745ce50517842bb86a208ee14e57e00.20231212.20241211
.adotmob.com/ Name: uid
Value: 09e8220400df3d95e608f1e5
.adotmob.com/ Name: uuid
Value: 09e8220400df3d95e608f1e5
.adotmob.com/ Name: partners
Value: RUB%3A1702376963512
.theepochtimes.com/ Name: _clck
Value: 1b4z1o4%7C2%7Cfhh%7C0%7C1441
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUTI3QTg0SC0yMC01MDhDIiwiZXhwaXJlcyI6IjIwMjMtMTItMjZUMTA6Mjk6MjMuNjk3MDM3OTg3WiJ9fX0=
prebid-s2s.media.net/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUTI3QTg0SC0yMC01MDhDIiwiZXhwaXJlcyI6IjIwMjMtMTItMjZUMTA6Mjk6MjMuNjk5NzM4Mjk0WiJ9fSwiYmRheSI6IjIwMjMtMTItMTJUMTA6Mjk6MjMuNjk5MDg1Mzk0WiIsImhvc3RfdWlkcyI6eyJtZWRpYW5ldCI6eyJ1aWQiOiIzNDUzNzg1NTIyNjY0MjYzMDAwVjEwIn19fQ==
p.alocdn.com/ Name: _ep
Value: 1702376963
.csync.loopme.me/ Name: viewer_token
Value: 90aff595-3ddf-4a63-b5c8-ce5e7421583e
.primis.tech/ Name: csuuid
Value: 65783603bc8c3
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-89bcec25-f59f-47ce-a4f2-5ce75481ee33-003%22%2C%22nxtrdr%22%3Afalse%7D
.w55c.net/ Name: wfivefivec
Value: yQ1296GN1Rd00X5
.creative-serving.com/ Name: tuuid
Value: 9dd6aef8-7ca9-4986-9977-5acb3639a03b
.creative-serving.com/ Name: c
Value: 1702376963
.creative-serving.com/ Name: tuuid_lu
Value: 1702376963
.ipredictive.com/ Name: cu
Value: 6b60cab5-d08c-4a0a-8d8d-e6bae10223df|1702376963804
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_51854e00-98d9-11ee-8814-12fa6b58ae11
.mxptint.net/ Name: mxpim
Value: R35CA5_10D92617F_8581BBF.1.000000000000000000000000000000000000000000000000000000000000000000000000000000000000000065783603
.aniview.com/ Name: 1_C_5
Value: LQ27A84H-20-508C
sync.aniview.com/ Name: 1_C_5
Value: LQ27A84H-20-508C
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 6cc45041-e0a5-4598-9924-335e05373475
.bluekai.com/ Name: bku
Value: k9L999xtKsPdT6zN
.bluekai.com/ Name: bkpa
Value: KJy9cxeid02pSUHknp/8BMxdSVx2KPWh1MAtH6ThDZxy1aQN9yY9pxQl
.w55c.net/ Name: matchbluekai
Value: 3
.w55c.net/ Name: matchrubicon
Value: 5
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.c.appier.net/ Name: _auid
Value: zJgxgA0SDvGWf6DrBDZ4ZQ
.connatix.com/ Name: cnx_userId
Value: 402d4d2bee9f4da8818e36ee611b0383
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 8g2Lv0R80I5bEJEB9sWDgLizoZkxVe8u6dO85HpfpGnzk8%2BxPc93maf3AqNJAoJRX0VwWCxFAahY11IMi0Ngcg%3D%3D
.serverbid.com/ Name: CONSUMABLEID
Value: 3d8a9e24200f47398a9e24200f8739e9
.socdm.com/ Name: SOSYNC
Value: anNvbjp7InJ1Ymljb24iOjE3MDIzNzY5NjR9
.w55c.net/ Name: matchgoogle
Value: 3
.smaato.net/ Name: SCM
Value: c8217e6d97
.smaato.net/ Name: SCMsas
Value: c8217e6d97
.smaato.net/ Name: SCM1001989
Value: c8217e6d97
.smartadserver.com/ Name: csync
Value: 104:LQ27A84H-20-508C|133:c8217e6d97
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.kargo.com/ Name: ktcid
Value: c82bade7-fe40-0f99-5f16-0ba0113a7692
.dotomi.com/ Name: DotomiUser
Value: 709707348863373271$3$1396377691$$1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-89bcec25-f59f-47ce-a4f2-5ce75481ee33-003%22%7D
.rubiconproject.com/ Name: audit
Value: 1|O6ZddqkFf+4qxQSGIYmSbRt7DDLXsRGarUNp4g+o3PFPlk3F4xWyMigR/aW8cXRI7ejfyk31NFcwHTRO1/p4iJhTlEWkyb93z+BTw9+h9R+M07NhaKWlpe8C+wKepIyjuZeEsKJM3iy8jhgVsFtqKvEfFWKbXdAWZldJwFI62J7Zx9djGfDrLmdvoGLIiyOj
.theepochtimes.com/ Name: _clsk
Value: qcffzb%7C1702376965793%7C1%7C1%7Cr.clarity.ms%2Fcollect
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12dc6PMHTPCjXJ93CuyIrwKfDMNy_2sAjiNTQ3MDI2N7M0MzI2tXzFiMw3M5gkbJ5olJZsYGaRoptkYZKma2JpaqibZGKZrGuabGqQaGhonmxgaGqF0KRnamFhaWluMksYYZKZkaHpIlS-GQCHLx1RlwAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dc6PMHTPCjXJ93CuyIrwKfDMNy_2sGhiMU80Sks2MLNI0U2yMEnTNbE0NdRNMrFM1jVNNjVINDQ0TzYwNLUyNDcwMjY3szQz0jO1sLC0NDcBAD-oG6FYAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwVyksOgyAQANC7zFqakRmGz2UMAgvSShvRTY13L12-5F2wfMq-xVbaAeHYzzJBetWhDuGCXr9beUIAFmE3e0cGifgvhnuCXnqv77bUPM7KTjAlo8aMijlb5dllpcVjSUxrohhmi5qseNEP49Fo9HD_AKkDJXY.ZXg2Bg.Ag6L5HRoK2Ud8Z-vFbRmod7kV9s
.rlcdn.com/ Name: rlas3
Value: TjRABAirxhtraQFakVRdMvqxMaet5iFHzfaIIXGXW8w=
.rlcdn.com/ Name: pxrc
Value: CIbs4KsGEgUI6AcQABIGCLbqARAAEgYIuuoBEAA=

14 Console Messages

Source Level URL
Text
deprecation warning URL: https://html5.api.gamedistribution.com/main.min.js(Line 7)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network error URL: https://comment.youmaker.com/api/v1/user?site=remark
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://img.theepochtimes.com/fonts/Acta-Book.otf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
rendering warning URL: https://arenaconnect.cdn.arkadiumhosted.com/games-storage/html5-common-lib/js/render-code.js(Line 23)
Message:
The key "target-densitydpi" is not supported.
other warning URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/main.js?6b303e62accb5399b170(Line 744)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
rendering warning URL: https://ams.cdn.arkadiumhosted.com/assets/global/game/block-champ/build/main.js?6b303e62accb5399b170(Line 750)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=54
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.clickcertain.com
a.remarketstats.com
a.rfihub.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
accounts.google.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.betweendigital.com
ads.creative-serving.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
ams.cdn.arkadiumhosted.com
ana.headerlift.com
analytics.pangle-ads.com
analytics.twitter.com
ap.lijit.com
api.smartocto.com
arenacloud.cdn.arkadiumhosted.com
arenacommonservices.cdn.arkadiumhosted.com
arenaconnect.cdn.arkadiumhosted.com
arenaservices.cdn.arkadiumhosted.com
b1sync.zemanta.com
bat.bing.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bttrack.com
c1.adform.net
c4f44920fc6b29e7334279ed9fcd75af.safeframe.googlesyndication.com
capi.connatix.com
casale-match.dotomi.com
cdn.epoch.cloud
cdn.gamemonkey.org
cdn.jsdelivr.net
cdn.undertone.com
ce.lijit.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
colossusssp.com
comment.youmaker.com
crb.kargo.com
cs.admanmedia.com
cs.media.net
cs.minutemedia-prebid.com
cs.yellowblue.io
csync.loopme.me
cti.w55c.net
d.turn.com
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com
dc.services.visualstudio.com
dclk-match.dotomi.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
ea.epochbase.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
exchange.mediavine.com
exchange.postrelease.com
fonts.googleapis.com
game.api.gamedistribution.com
gamedistribution.arkadiumarena.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gw.geoedge.be
hb-api.omnitagjs.com
hb.improvedigital.com
hb.minutemedia-prebid.com
hb.undertone.com
hb.yahoo.net
html5.api.gamedistribution.com
html5.gamedistribution.com
i.liadm.com
i.w55c.net
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
img.theepochtimes.com
ingestion.contentinsights.com
ingestion.smartocto.com
insight.adsrvr.org
js.alocdn.com
live.primis.tech
live.rezync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.sync.ad.cpe.dotomi.com
mixproxy.epoch.cloud
mp.theepochtimes.com
msgrt.gamedistribution.com
onetag-sys.com
p.alocdn.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pm.azerioncircle.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
prebid-s2s.media.net
prebid.a-mo.net
pub.headerlift.com
pwe.epochbase.com
px.ads.linkedin.com
r.clarity.ms
rbp.mxptint.net
rcp.c.appier.net
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rubicon-match.dotomi.com
rubiconcm.digitaleast.mobi
rules.quantcount.com
rumcdn.geoedge.be
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
s2s.t13.io
sb.scorecardresearch.com
sdk.minutemedia-prebid.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.epoch.cloud
sid.storygize.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
stats.g.doubleclick.net
subs.theepochtimes.com
subsapi.epoch.cloud
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.crwdcntrl.net
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
syndication.twitter.com
t.co
tag.atom.gamedistribution.com
tags.bluekai.com
tags.w55c.net
tags.wdsvc.net
tentacles.smartocto.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
tracker-v4.gamedock.io
tracker.gamemonkey.org
um.simpli.fi
ums.acuityplatform.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usr.undertone.com
visitor.omnitagjs.com
www.clarity.ms
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.theepochtimes.com
x.bidswitch.net
d.turn.com
104.16.123.175
104.16.86.20
104.17.158.22
104.18.25.173
104.18.36.155
104.21.234.68
104.21.234.69
104.244.42.136
104.244.42.195
104.244.42.197
104.26.3.122
104.26.9.50
108.138.26.47
108.177.15.157
13.107.213.45
13.107.42.14
13.32.121.5
13.32.121.90
13.32.27.108
13.32.27.113
13.32.27.64
13.32.27.66
13.32.99.87
13.69.106.89
141.95.33.120
142.250.184.196
142.250.184.226
142.250.184.232
142.250.185.130
142.250.185.193
142.250.185.206
142.250.185.98
142.250.186.65
142.250.186.66
142.250.186.74
142.250.186.99
143.204.215.101
143.244.208.184
145.40.97.66
146.75.116.157
151.101.129.26
151.101.130.49
151.101.194.133
154.57.158.25
154.59.122.79
159.89.246.130
169.150.247.38
169.197.150.8
172.105.221.29
172.217.16.130
172.217.16.138
172.217.18.2
172.217.18.6
172.64.140.13
172.64.146.152
172.67.74.129
174.143.223.9
178.250.1.9
18.195.142.193
18.209.128.131
18.239.40.117
18.239.69.99
18.239.83.126
18.239.83.4
18.245.60.14
18.66.147.95
18.66.97.128
18.66.97.52
184.86.251.219
185.29.134.248
185.64.190.79
185.64.191.210
185.86.139.93
185.89.211.116
188.114.96.3
188.42.196.115
192.132.33.67
193.0.160.130
2.18.160.23
2.19.198.113
2.23.209.52
20.119.174.243
204.79.197.200
208.93.169.131
209.192.253.60
209.54.182.161
211.120.53.203
216.239.34.36
216.52.2.16
216.52.2.86
216.58.206.34
23.212.202.217
23.212.211.47
23.48.23.59
23.52.120.246
3.123.103.29
3.125.110.167
3.210.93.214
3.225.229.133
3.33.220.150
3.68.0.8
3.69.181.174
3.75.62.37
34.102.198.207
34.107.140.113
34.107.148.139
34.110.129.224
34.111.113.62
34.120.33.89
34.149.50.64
34.160.19.107
34.232.211.7
34.250.56.77
34.251.7.23
34.253.164.173
34.95.81.168
34.96.105.8
34.96.71.22
34.98.64.218
35.156.190.4
35.162.252.179
35.186.193.173
35.204.158.49
35.208.249.213
35.214.194.112
35.244.174.68
37.157.2.230
38.68.201.140
4.7.168.74
44.205.176.247
45.137.176.88
46.228.164.11
46.228.174.117
5.135.209.104
5.135.209.105
5.196.111.69
51.89.9.253
52.16.22.123
52.18.111.16
52.200.58.150
52.209.71.13
52.212.19.49
52.28.254.225
52.29.230.13
52.49.77.78
52.95.122.74
54.154.71.108
54.154.89.200
54.157.109.0
54.162.68.92
54.194.196.88
54.246.107.192
54.75.61.252
54.76.12.87
54.76.87.161
64.202.112.223
64.227.64.62
64.233.166.84
67.202.105.22
69.173.144.139
69.173.144.165
69.192.160.219
70.42.32.127
72.251.241.204
76.223.111.18
80.77.87.162
85.114.159.118
89.207.16.140
89.207.16.210
91.228.74.159
93.184.220.66
96.46.186.182
98.98.134.241
99.86.4.47
99.86.4.55
0175ef65c5d8cd4ce63c030a8c409a33f73de027b1593bf77f780f91c3b07bdd
0256773b3d93a7580dfc402dc883604263494826434877d3d87df30d45f6770d
02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55
03268fb285ed8486b6a21e5106f8faa3d517434bbf60c0e9a09e7e2737ce1345
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
064d7b833644dd282e4ab3ea2f965d8ec8d4cd6db6ab74c19d0e93df5bb6e823
084ddfe730322bfcef261b420f2ea4ac44b213654d7849a79ecaed433227dbd3
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc87fd3f2b5fff4191038925c3c4c51abb5cedcd77c9f5869f6c8a20561b1ea
0c8b9a39abc61fdc3471dae2074d453064d80f2bba2fe19d1d7d683b9c7c7223
0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63
0e3530366f481c19813abb79fd15cdc5b45dbbc276401cbde7c4bf283b75a114
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b
0e5fbbe10f708bf6bbcc9d5d91e7209391cf9798e3ac144d3dd3db2c2e698309
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f1104aae416bc32900e253b50a26d22beba9fa197d2d805d42b7c106b32aa51
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
1152f79a12543479de3ec4e56eaa913401cd934968ddfcbf833218f585a0e494
12eda573f7728a7171718728d2ed4b89ab4f9d8165762db24bae369cacaa4436
13b81e5fbcfd1eceeed6736de88e9fce3edf25dead86bb944c0cfe179695128b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16ca3aa97c894d331e7f3dadaee8f7ac8a66a30fc1f85c877bdca4cd911ef520
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
17f541559ff3e0ce1984b830daeb36612d067d987b53e1f5cae89ae635d58005
1a2dca7dcedb76346bb3b8a79f9d40d155071080e042b94377e848c6446cb5c0
1aad44daac146bcce6f4af4f12a865b7dfd21a6bd11b85be0c79947c70c6f135
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d372994db9ad9401a97d10fc3a7a68205c53899031ba260e121de627cce9df7
1d9e0d05669a3610c7263c551b8b406344c148713485f7e8124f61b05e2463cd
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20675f9b4d26c8d9d7cbf0eea095d1bded225a597a943e2659cccad819563193
21ca4a07c0e097bc9ae3a80c091c0b4e019a5725de5db32883dbf3dd509b2249
2217ed3c72b72b9496411a601e38bb2dc1520f0cbd840576541e1ef89a3eb730
24de42a0502d9fdfd4df03eff490af5fe0872917e727a2c46b701c0944d63a85
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25cedcca705bb3868d4583c1116ffd759da458ca07f0d59b8da9116a3bffbf08
26334b6e9122b102cc66898bceee5be00927575ff5bce29907a7b35a94688f37
26596e242c76558f8085c3d3a634ff993bc7ff98cdfb6d322bb7698c420e6bfe
26d362e89afa0c6949cc641dfa6b3a36da6596603578da392973124239eb0046
280c910f319e8120d7c63d90b9208f4ba14eae38fac9436086454e57402f05b0
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2b212916dfe2671073195571a45aba302760033b8abf8bd0a21644c83b280460
2c04b03f470351647b4bd72fd7953165d4fc6b0b859a35d012ac219041de6274
2c9d20a82bcd631dba5fb5a9c1dbc507baf559da09375e65b8870a328fc6e470
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea0a9543e9faa916e4107a9e7729cdf4cc84912df800b4ad98b2d1b4b5419cf
2f009a44aa057e608440849ba7d59135c178393165207fb8268d1680f9365b5b
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
30cba8c6f7374a344b5a6d97dda6da6f92281144a7123bd7168349de7d85f4b3
30ee8dc4920b2dca6621737d57c70ab1dff3b54c52001d9488d2cf048c99c3c3
31115097c81cc627c341e72d364ec9a9588c84ef37ef3bca2de41b69011fd7e3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33f2ccbf7894a2cb7c2f9d7ef2ff6896aed49d901d7eba3a0b56e51145179835
33fcc75d43c2c016d1265c4cde62d316b84a9bd6e9981a093802cb5e11b5459a
38263eca3afcf1cbab8d54b6b37527e73509529510bd1db1bf4f5f335c78b978
382f386a714fa0d8be8e2bf02b5b9431cbccb14a62aaaf2990f49564773ff7c6
3882c860de0e52e16628e5d14da86db2e9ebd8c9cd4bba36ddc1838bbf2355b2
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39766b5f676147410ac4c9b61ee7fe38dfb3d6ae553973bf2e2bb65f1ec59312
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac
3dc63c021dc7baed542c4532518177dadb0da3cf32c7d21e29260622c0958c78
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f0e66bf74da8675d70138bb4b907d1bfb811dbdcb9529e1d75faa3c1311b3b3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4091576171ea9606116f58a0d28b72ecc9776541b15eb506ef08b9ef28dbb32e
41325c82ffd14aa381ef6628dcdb9a1ccaa174a1902f60a438fb5c0946fcddb1
41a491b6ec4c4ba2be42e5bf9040f0dc254b0fb6db203ad01cdfa10145fdcd21
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
444ff70a5475136a53febd3d6e0a051d8e162618f6cac6963803d36b117312c6
44c80b1392954f0944515ee4736e55afe97c1d3a2c3fa49ddfdbe4b3e54610e0
454dbd85f11525a97e7d31ff117ee12d94a629811b5afeca22e9dd795df35bac
455d210dfd0369af7d97f4e37ea174e4891b66658af0104513d3ea661867bd59
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45f4d257ca07102991ba53b9793565a1f717ec2ce3f2bfdb8a0167477c703ee7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b782933f4ffe1e923111eb93d3924b4807e78ce63064d0b01e0f96de529a4a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6d47796ff9eb9aa3d3dfeca09b2b2aa7880f975b5e21adfda7ef43f745db3e
4bdfda12d901596ba79c5acbb3c3c877d7179f6958df626083eb2391ca31e3ae
4bf539e131856ae7a6163212195ab2951250f76a93237df7ade81a468450355a
4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c
4d1de9f1bc032bb0ac127ab34e02cb9a6f71b9e87965ae341760fe8229531833
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5ffa9b4660a2cb3cc7733dd785224252768155d96805b19b862ef55af6d045
4d7bd00ea79744a14ecd09a2d1db45d4b91e9f3b6eda3edb3ad8b1ba4188e1ec
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fcb8d293a0e0c00eb05d95f95af8ff51bc3999f3273574b5f064a061085bbe1
508945b58b4e0cc020ce1e661045cab9f1ed6b1d515c43d17876b1290fb38fe5
5170f66a790a31945d032a96829d2bf2cc0432ff7367de63c955c0445412df14
52c854815f543b120f9314bf012a95ff9902edef46b232928855005edd9cf67c
536142fa70fc6bba822c730283a4b863cbaef5367a3fd01dc6cf85185b2dfa88
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5714f24b380cd260c5a35831912e219007b34d727bd7c9bc65f0d242b004d9cf
58255daa744ee7478e21dd58b685345e4f76d95522a5ba987c4e73e9281336c5
59d30583e985f22ee29bb9c9566548dac69caa439a5c7539e4be705520e363fa
5a8695b2c26e97716763507969087ecdde9bb4c80016bf8a2e9a5e33ffe32f69
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c7987d2f26ca9bf8254df658877b74005f2e90d3f477eacc606e011341d8082
5ca92c06dc31883efdd21b50d74cfd8756fa7a312728339494e2298cb40b6a9f
5cb453452cb7f5355d1d91b93b3305ab04e5d25a8fc005aeb0031c22ad75e283
5d103df41045bc8e9538ed05d79fdd7750af623fa8dd55fdc3b74d90d6ba20a0
5d7096b00e8c7ac35742ac38d43845f7dcccaa6a9e033f60c0494c16a2dd2b97
5d86b5ff40546e3a2ba79df35d4f926b43b145f3b84619df160fc5f1ff307633
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5f7994f614840b1913abb1a77b6df19e84d45d582847fdff4bde6070ef0c0c29
61b459cc9bf965b73d8b86b4b8da20b0f019b14dcdcc33ff8909920d0f22eb32
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
635642b651869c3570d14f30f3e728b9d7a7b1ef739896f92bf21642182b845b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68fab14b8c4112c0c8c19d07a8ae62b8de9a03da143bfd3be495b8fbc6e385a1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d819e03aaf3877c15b1d7d532cf06316663cad1aca835ac99497ab08e0bf0e9
6f9a5c3f745873354492946bee5f813c7ce2fba6a279a6b0d264d4fc894fa604
70659f067848d788d5f882e6fbd2ed34b1268cec421263717af9198897a6c46d
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
784bc5a04e4e922d5ffd876775571ef7386fa366d22c68ba62baf3afd1877f5e
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
79ba57725f16d327d071677d9bf7e0b06b0a9c9799e48973bc50775e9fff1796
7b160762b84082c2231fb686a658536e8d644f35125e201a48dae686f487f553
7b6025d9938c7ade95fc2f301b6ae202c3a8853d392176f5416169e63affe437
7bf4473ecc25fc8a56c7da4846022537d11e73a499922e0a16be9b8f83869052
7ce0ea25dd287067a9b8e53baeb16828bb26368f529b4022f1f27a40c11c126d
7e5b0ee6bf5d301e1bbb21d770f5edaacf6597f16374a26c762b45eee554a1d4
7e8ac086a9c6bfb17b6dcfca877a6afff2598e4f6be9dd6248be628db4b644e4
7f57bcee821673d24b0d1da1b8a89b26613984676f614912c1d6ef3cf2c5af37
7fea352539e58b017bd00e28476c93617e775ecba8c52276325a078062633009
80aed1012c5ebab580a00f2e8d36008dad7ee3acaff810fb79af2a30f1fab574
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
82e93cabfa3d7ba419f3250be89df38fe4c44d5cd8ad582c7d8d213ad140c7f3
8405cb40d31eceb38e4b4004b29ff77a685957aadc8f30c3ad04e5009d457f3a
8496667e6ca10b43d843e825b1f87efa7afc417328b26f815c1b3c5b533ec1a8
85b0a6b7e1a39cfab0b46283acb187039816c087dba5d16b7e64f78ee59a1137
86ec2da6a4b0444953187ebca1373c7eee98813073fd5ce9046739d006220e5d
8869af124bbe2c8627b005748e14edc51d21faea8ebd2e66e8e9fde87a33aa4f
88a46561523d4c3661714edb94e4851a426665ee997240536a00d9e5ca2b23cf
88bd751de914c875cc5ca0b130ef57f97ac9f5457054659875c90414cbfdacd0
89101270369058e112ea6923c8e47ebe4318f33179dc0c2291ecf4e482135c4c
89acbeb439ca53ded13089e3f2d50ad3730c2cd93b7db96542e78380cbe169f5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eb0ee259863bc0abfb4ebf2d5138c3931fdd2dc3e4a920ee139064df8632c06
8ff648ffcf24e3c1e92b88c909fb9c52610024c7ceca7173d52e26c04d343ef4
903e1b14c5228306dec00dd70f7067e8b453913d049cd7c009202b88f13fc462
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
93c87f976cf92a16c0de1912a209b8a1d5e85fe70057222b149f4b3852ebeaed
946c9c95fb7da4ae9249907e40e11291c00135e70991d34811f08617b20a5b67
95eddbd4080973924f910a3d7ec9a34b7d298ab639caa856faf7348f745afd04
9672f7aed33ca6b1412683306bb788e3214fdaaff28c0df7e24d864a131dc8cb
971b53a83a756e75298bb86ea57eacbaf75df356ea3d10f730d8c55e99452340
9814f85523d0253897e2447a36fdbdc2a5e7647eb96c192f3d278393c955d2f2
981ec3612a2555af37cd91f60b0eac67600cd4b0e64f374c9c1773d9a768ba9b
9a63d5248095b6078fd95a59c270efae7d1cc086d9911533010bfd6555482f96
9a68896078bb7b79ae7c9b02b61d763e0c1bfc01377a43ffec36351a759bd6bd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c209e333b3d7177d47d2b6b0f1f6a5d333f31d810071dc66be386968cabf22a
9d05ae9b253cab83099387db0d3a4ec1c2be203c3738e2dcb74927c1fd6bc626
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a272a50a6b0526fe9222d72f29741b9d91a156ff75439a43b728fe1d5a6fec0f
a3553cae259e01d486edd223cbb2ec6f38c9642ea78493c22641993f31538ecf
a36cdda8d565b592edf0130d661d189932432f40e59b089ba4ab0fd7a084ea25
a4551991444bea767a97af5120479bd3b786c29a14498dc3e13a8ea3a029dced
a551f08a781c99cca27a8f613bcae18ba1dc1737e91d782f4acd1b1aa6b2819f
a57d1240d8c6330f871c4c5a9cc9207bdd3ed75bdaf8c459706ce071ec67c256
a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc
a7cf9d7d46a9d9b0d83d6d91e82f11dd37fbffab2d8841b530f352be0cb6cbd6
a7e8444224aeacc7f941732803cb74b8e254bb6866490be791f1e1277c0abc03
a7fbb2de16ce1e9d83f24e1175f0ba873be099d5430d541b33af3397e5b140bb
a81f3342a4b058138504fa354a4d5f0447d13feb564ecce3595b81059fa1c47c
a8a062681931795ac0cb561a1491b4f8d0205c6dd84bc775e467cc05956b4b97
ab9f426a444dbb61944fd11c40469e020a7e0af90f6822284b82be8c330cc303
ac39a523505b8bfa1582a1d77caf1d83c9627c656da242fc184794d37b320034
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4
ad342ee4d82e62e9f93c8fa69ec02ab20702414638ec74da029c9290424f4979
ad9a5ebe34fb1b8fe4c480c7d40f5cc13c1868e78337787044a3b189eedaec9d
ae14ba40611f7ec33a85241dee0a2a8cd81a92ed57b625a39eb43f1cab9e194c
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
aef79460d9d38f7a5349a194da19ef705d97dba070b4741344188a1f43edf015
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d
b0f3a4a73aba06e30a64ee1de07fd973eca14c55386e5179cd1880f51c9910d8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a48777454353c2b6ff6e617c2caf64c290e2ba4f55fd74a30d97f734198c21
b57a8f6003eed796e9d69453f3302a751ba1917002684e62c328d67953841f9a
b7123bf5d1742985950f5f6ab3845907263a91e175527eb11baae5f45c3735a9
b76448b5a037aa46fb38198b9663cefbd94bfc5ec4f4129cc292b768cc913c51
b847350797003baaec7c57aa53f5f646a9f095d37d4e313d7c46bde9b1919dfb
b8f8182f62110a45055e7ebcdcffb07337f107dba5dccc2e3acd2e43f8f11821
b928b6efb5c1a9acf68d9ddbbb3cc41c364d16fecd552526c3e15eb5cae4e17d
b98e1cfd3bc985929ee1cd472cb90f0ea7a35e2d21b9ef36865f93453eed1f4e
ba76f22ed19b751467e7866d55e3ad05f516fd6ed3d4f5dcfb8b9b9b4ef56c21
bacbba3b2a32f2c8cfda0efa75d9915951886ed0c0e830f40eb9340d94073af5
bb5f213393702a560d3da0ce6a9265b4779e5d51fadf6b2d536f280a8a17585b
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bce54db0230fcefe22dfd99f4990b539959f70a01f67bf80b308e7c68c47d05a
c16389094b96875ef8d665760aff78c8746ffbf523108ddceaabb180484ecd31
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c31f0d754ea8249da695d1307e2748cc4816afff8dc48ee90656a73497fd78a7
c34e5d3266ea00298001d8d288f2772c0829a74b54b7687b683a3dcdd91a4d23
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4b95d6c1eba546a31dc86da5797e215405b7b70513633483da057aac74119ed
c74236a282de7c51b1adb984ae3cea6da6dd85b93ba2dbd25e9ed5602d428cce
c79b952455a77dfa6e4dbf3474e887a4a6cccf285881103803651bf408b4b16a
c8b2e66437f1fbfb43a6141232e5d2fd415296bf706621a931ad6158f594f9f8
c8ba2440ebe258a35f9c2252f65a5852fd9bd9538d7c2857ccb967481131fed7
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cc34f96ebf6a33e9ea084b5932084e51a96c7b7b12bdc996059964a730a6babd
cd34db0cc9f488a301e6ea1c7b2cb60b31cf245b979691fae0b582e9820d2ff0
cda3dd8b74a8cb2699277dc3b4d82ac4482304fe884d47bc7638111bb5257bd8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d029bce831d30b603410e4e7b813d1e3417f8a21c2bc92878e0744a123cfd286
d08110fb32a9fa5e161050a13a7980c6db1bdfedbd3a09ea2b263c8520faa7f6
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1a4a7aa00e62b62538f84f4f380c16796c88078656d204c4f5ceebb59d84fe8
d4f31876d3647b02707b37456236cecc3c652b935f3252233e349b8c62cffc2e
d4fbdb5935b28450589b76b53bb1c5d0234d14de6b66173ffc6e38b91d1b1db3
d73f53d60e8d626b9238c3334cff2d2ad92d6228ed6b0131c6e2cf488948ca60
d7cd879df53ece5f82d10656b7890db0b9210823870eef37fceef4d7b133dd1c
d7d9ae72724a0339e83f413b17c5a60aa55557299e85e5a3a1b3c26f8e5ab359
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d923c8cf686ef0bc887d54eb80db65fbd0c9fe59a259160557d948e92bb67717
d94f1a39acfe37b82ee50c1db98885a2fca89e81ca7850294df2dbde1f76972c
d960967ed945eccb4d33bbfa679a17ded4cbbe92a4f7cdf044943b70362a8d3a
d9a6b81f4f1407c44dcf833e1ec1afea59abafdda38daf88ac79963e636dadec
d9d45c678b3efcbdc0329806a66b7eb00ae36276a5b697c0ad495a8e8812c1fd
da5c90012134e30c59be615323d69ebe15f29cb6d3e3ea1d203f82fd1c0d4465
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd28fa5ae921385fbe94a0d36930110d20567393e3f9303247f989bc3c788687
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfabd954a3ec494e41f63bab6f12a56ce35150c3b6eb0da47f1e61d5c22bfc2a
dffc4962ad31d0cbc29f7114693cd9caa624e37eff61d175933bcbd16dc2e9e6
e05a8574dbcdda2b12d655df53c484999c3f602a7cc74602c8a5ec3f792d5b25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e591c15373d8fcf0ff0b9fdc9022b28f8701eae07a4d1c7144a7a5cc82fb3233
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84
e8b26785ed28c0d29cef2def12495e32c955fb914d87a66a5b354622d55a5ac7
e9bae68802bf7cbec4ece3226200543619bba15d56ce807133e3da2ff134944d
ead0293d41f0c5fef76a0205ad3060391bdbeec5ae4920c5c6d2edec8bdea2e6
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecb740996ce05e9b7823c9690564a0d7b3840becad640d37e929cd4f4ee1cdf4
eccd73d42235a1d7b7262da7b14af71b9bb00c1995e3840993fd3c1fa304d0e5
edf257c2cec275f80b13f6fd85cb131202b48d99be9696bbfaf9e485519c1df3
ef15a58f1f8e17425aa3f6ba07d25502fa0de8d0206a8f42c47002865010dacf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd9ae33252a3038ce4520e70c867f86072c4a05ba8bfe039179e68eb650db74
f05e45157561299fdf9c77b4ead956006bd678b5e82ad3180d5284e333c3ca28
f3bccf2ba4483214a64dd5d4222b45ae474f5d51bbc50bc80e7c78445e621772
f427f224390a7e9de6aacd67a2dff4d0d5112da02b301cf4c76b0cc2fcbb9f9d
f48a6d82840fe8d6952bd2570b2f0a960b42bba1b10d4786b0564f04be87fa19
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f8f0a3a57a6375a0604e8b4fd0b631c441bbc721f280fe5970b5717eff4cff6b
f9b4166ff63d1a3eb4a3c836657a5ab0edcfbe3c2026ada3ae97726efe72a4f6
fb03ad2f6c5f2bec8c0092f4ce2977daf0b27e1c8eb29896f0d048f693240db6
fbd96f97dfabbb444dd155929e9632f5049251e4a8885989179fffb74ea6348a
fc8463e5701a90b0f5686a725b46bd98733a03375d850a52088f4ad319fcf081
fca08beff880f012b419c9f0259f1a5d7d332a97156669688eec7b7c9a6cbe80
fcc09471e9aadf4816df5d88a00594ed8bfad977bd4ffb303002a76ace38f7da
fd4afeeb14c69ea6c3d2fcdb1fc6a1c065b6ed3c91fbf3dbb4dd15d1385a4661
ff1b5c7d8a81606c646ab1453a3d6abfbe950226ffba103627f2aa12b6dc00f9