www.ntd.com Open in urlscan Pro
151.139.128.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tnews.to/china-expert-warns-of-ccp-virus-half-truths
Effective URL:
https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Submission: On August 14 via api (August 14th 2022, 7:32:59 am UTC) from QA — Scanned from DE

Summary HTTP 223 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 59 IPs in 10 countries across 37 domains to perform 223 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to STACKPATH-CDN, US. The main domain is www.ntd.com. The Cisco Umbrella rank of the primary domain is 458417.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 11th 2021. Valid for: a year.

This is the only time www.ntd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:2a1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
49	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
6	52.222.209.55 52.222.209.55	16509 (AMAZON-02) (AMAZON-02)
10	35.244.243.66 35.244.243.66	15169 (GOOGLE) (GOOGLE)
1	23.35.237.64 23.35.237.64	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2a02:26f0:dc:... 2a02:26f0:dc::217:610b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	18.66.139.63 18.66.139.63	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
6	54.78.145.15 54.78.145.15	16509 (AMAZON-02) (AMAZON-02)
1	34.120.97.157 34.120.97.157	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
2	35.201.68.206 35.201.68.206	15169 (GOOGLE) (GOOGLE)
9	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2.18.79.136 2.18.79.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	34.120.33.89 34.120.33.89	15169 (GOOGLE) (GOOGLE)
4	4.7.168.74 4.7.168.74	3356 (LEVEL3) (LEVEL3)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
4	185.89.208.11 185.89.208.11	29990 (ASN-APPNEX) (ASN-APPNEX)
3	54.154.173.206 54.154.173.206	16509 (AMAZON-02) (AMAZON-02)
3	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
6	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
9	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
12	136.243.66.182 136.243.66.182	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4	82.202.225.227 82.202.225.227	50340 (SELECTEL-MSK) (SELECTEL-MSK)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	52.218.250.56 52.218.250.56	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:20:... 2606:4700:20::681a:27a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
2 4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:c111:9aee:7bd3:6707	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	54.239.38.253 54.239.38.253	16509 (AMAZON-02) (AMAZON-02)
2 3	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 2	54.146.208.95 54.146.208.95	14618 (AMAZON-AES) (AMAZON-AES)
1 1	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	3.120.100.229 3.120.100.229	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:5c00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b130:4c96:5596:18cd:cf5	14618 (AMAZON-AES) (AMAZON-AES)
1	107.21.19.116 107.21.19.116	14618 (AMAZON-AES) (AMAZON-AES)
1	52.207.193.102 52.207.193.102	14618 (AMAZON-AES) (AMAZON-AES)
2	52.24.31.78 52.24.31.78	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3038::6815:ea4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.139.91 18.66.139.91	16509 (AMAZON-02) (AMAZON-02)
223	59

1 2606:4700:3037::6815:2a1f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tnews.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

www.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.244.243.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.243.244.35.bc.googleusercontent.com

subs.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:dc::217:610b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

vs1.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.139.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-63.fra60.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.78.145.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-145-15.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.97.157 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 157.97.120.34.bc.googleusercontent.com

sc.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.68.206 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 206.68.201.35.bc.googleusercontent.com

www.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.79.136 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-136.deploy.static.akamaitechnologies.com

vs1.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.120.33.89 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 89.33.120.34.bc.googleusercontent.com

comment.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 4.7.168.74 (New York, United States)

ASN3356 (LEVEL3, US)

ea.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.154.173.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-173-206.eu-west-1.compute.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3c11dd0b4254ff273435b6b3e421f692.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 136.243.66.182 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi.media

mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
target.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static6.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static7.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static4.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static3.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static8.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 82.202.225.227 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: sm-server1-1.ssel21.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.250.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:27a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:832 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:c111:9aee:7bd3:6707 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.239.38.253 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.182.161 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.146.208.95 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-208-95.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.100.229 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-100-229.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:5c00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:4c96:5596:18cd:cf5 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.19.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-19-116.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.193.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-193-102.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.24.31.78 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-31-78.us-west-2.compute.amazonaws.com

ckjjzdn8vk.execute-api.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea4f (United States)

ASN13335 (CLOUDFLARENET, US)

services.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-91.fra60.r.cloudfront.net

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	ntd.com www.ntd.com — Cisco Umbrella Rank: 458417 img.ntd.com — Cisco Umbrella Rank: 359522	3 MB
37	youmaker.com subs.youmaker.com — Cisco Umbrella Rank: 70329 vs1.youmaker.com — Cisco Umbrella Rank: 74392 sc.youmaker.com — Cisco Umbrella Rank: 65463 www.youmaker.com — Cisco Umbrella Rank: 60977 comment.youmaker.com — Cisco Umbrella Rank: 47653 ea.youmaker.com — Cisco Umbrella Rank: 580047	2 MB
17	adnxs.com 1 redirects prebid.adnxs.com — Cisco Umbrella Rank: 1871 ib.adnxs.com — Cisco Umbrella Rank: 238 acdn.adnxs.com — Cisco Umbrella Rank: 584 secure.adnxs.com — Cisco Umbrella Rank: 462	63 KB
14	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 528 eus.rubiconproject.com — Cisco Umbrella Rank: 588 pixel.rubiconproject.com — Cisco Umbrella Rank: 326 token.rubiconproject.com — Cisco Umbrella Rank: 707	17 KB
14	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 118 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	154 KB
12	mixi.media mixi.media — Cisco Umbrella Rank: 41819 static.mixi.media — Cisco Umbrella Rank: 80061 target.mixi.media — Cisco Umbrella Rank: 52423 static6.mixi.media — Cisco Umbrella Rank: 65068 static7.mixi.media — Cisco Umbrella Rank: 86899 static4.mixi.media — Cisco Umbrella Rank: 101084 static3.mixi.media — Cisco Umbrella Rank: 65162 static8.mixi.media — Cisco Umbrella Rank: 57347	438 KB
12	googlesyndication.com 3c11dd0b4254ff273435b6b3e421f692.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 124	959 KB
12	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 323 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1264 s.amazon-adsystem.com — Cisco Umbrella Rank: 288	48 KB
9	clickcertain.com 6 redirects a.clickcertain.com — Cisco Umbrella Rank: 3904	7 KB
9	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1375 exchange.postrelease.com — Cisco Umbrella Rank: 5137	5 KB
7	google.com www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 98	24 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	376 KB
6	liadm.com 3 redirects i.liadm.com — Cisco Umbrella Rank: 576 b-code.liadm.com — Cisco Umbrella Rank: 3458 rp.liadm.com — Cisco Umbrella Rank: 1709 rp4.liadm.com — Cisco Umbrella Rank: 8285 idx.liadm.com — Cisco Umbrella Rank: 3114	14 KB
6	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 792	1 KB
4	stat.media stat.media — Cisco Umbrella Rank: 28783	29 KB
3	amazonaws.com s3-us-west-2.amazonaws.com ckjjzdn8vk.execute-api.us-west-2.amazonaws.com — Cisco Umbrella Rank: 73433	33 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5596 adservice.google.de — Cisco Umbrella Rank: 8117	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	115 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	1 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 469	589 B
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ads.yahoo.com — Cisco Umbrella Rank: 2334	1 KB
2	chargebee.com js.chargebee.com — Cisco Umbrella Rank: 22877	71 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 145	2 KB
1	pushengage.com clientcdn.pushengage.com — Cisco Umbrella Rank: 16359	21 KB
1	epoch.cloud services.epoch.cloud — Cisco Umbrella Rank: 92831	2 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 361	708 B
1	remarketstats.com 1 redirects a.remarketstats.com — Cisco Umbrella Rank: 40952	635 B
1	dotomi.com prebid-match.dotomi.com — Cisco Umbrella Rank: 2636	104 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1010	535 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 506	354 B
1	t.co t.co — Cisco Umbrella Rank: 445	337 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 609	15 KB
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 448	125 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	38 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 2841	135 KB
1	tnews.to 1 redirects tnews.to	922 B
223	37

	Domain	Requested by
27	img.ntd.com	www.ntd.com
22	www.ntd.com	www.ntd.com
11	comment.youmaker.com	www.ntd.com comment.youmaker.com
10	subs.youmaker.com	www.ntd.com subs.youmaker.com
9	a.clickcertain.com	6 redirects a.remarketstats.com a.clickcertain.com
9	ib.adnxs.com	www.ntd.com acdn.adnxs.com
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.ntd.com
9	vs1.youmaker.com	www.ntd.com vs1.youmaker.com
6	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	onetag-sys.com	www.ntd.com
6	jadserve.postrelease.com	s.ntv.io www.ntd.com
6	c.amazon-adsystem.com	www.ntd.com c.amazon-adsystem.com
5	token.rubiconproject.com	5 redirects
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	www.google.com	www.ntd.com www.gstatic.com www.google.com tpc.googlesyndication.com
4	pixel.rubiconproject.com	2 redirects
4	cm.g.doubleclick.net	2 redirects
4	stat.media	mixi.media stat.media
4	prebid.adnxs.com	www.ntd.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	ea.youmaker.com	subs.youmaker.com
3	s.amazon-adsystem.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	acdn.adnxs.com	www.ntd.com
3	mixi.media	www.ntd.com static.mixi.media
3	fastlane.rubiconproject.com	www.ntd.com
3	exchange.postrelease.com	www.ntd.com
3	www.googletagservices.com	www.ntd.com securepubads.g.doubleclick.net
3	fonts.gstatic.com	www.ntd.com www.google.com
2	ckjjzdn8vk.execute-api.us-west-2.amazonaws.com	s3-us-west-2.amazonaws.com
2	x.bidswitch.net	1 redirects a.clickcertain.com
2	i.liadm.com	2 redirects
2	pixel.tapad.com	2 redirects
2	eus.rubiconproject.com	www.ntd.com eus.rubiconproject.com
2	static4.mixi.media	www.ntd.com
2	static.mixi.media	mixi.media www.ntd.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.youmaker.com	www.ntd.com vs1.youmaker.com
2	js.chargebee.com	subs.youmaker.com js.chargebee.com
2	www.google-analytics.com	www.ntd.com www.google-analytics.com
2	sb.scorecardresearch.com	www.ntd.com
1	clientcdn.pushengage.com	www.ntd.com
1	services.epoch.cloud	www.ntd.com
1	idx.liadm.com	b-code.liadm.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	b-code.liadm.com	s3-us-west-2.amazonaws.com
1	secure.adnxs.com	1 redirects
1	px.ads.linkedin.com
1	ads.yahoo.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	a.remarketstats.com	1 redirects
1	s3-us-west-2.amazonaws.com	www.ntd.com
1	static8.mixi.media	www.ntd.com
1	static3.mixi.media	www.ntd.com
1	static7.mixi.media	www.ntd.com
1	static6.mixi.media	www.ntd.com
1	target.mixi.media	www.ntd.com
1	prebid-match.dotomi.com	www.ntd.com
1	sync.go.sonobi.com	www.ntd.com
1	3c11dd0b4254ff273435b6b3e421f692.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	analytics.twitter.com	www.ntd.com
1	t.co	www.ntd.com
1	www.google.de	www.ntd.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	sc.youmaker.com	www.ntd.com
1	static.ads-twitter.com	www.ntd.com
1	imasdk.googleapis.com	vs1.youmaker.com
1	www.googletagmanager.com	www.ntd.com
1	s.ntv.io	www.ntd.com
1	tnews.to	1 redirects
223	72

This site contains links to these domains. Also see Links.

Domain
legendsunfolding.com
newsletter.ntd.com
www.ntdtv.com
ntdtv.fr
www.ntdtv.kr
www.ntdtv.jp
www.ntdvn.net
ntdtv.ru
www.facebook.com
twitter.com
www.youmaker.com
mixi.media

Subject Issuer	Validity	Valid
*.ntd.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-11` - `2022-09-11`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-06-23`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-12-04` - `2022-12-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
js.chargebee.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.postrelease.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2022-05-26` - `2023-06-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
mixi.media R3	`2022-06-22` - `2022-09-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
static.mixi.media R3	`2022-06-22` - `2022-09-20`	3 months	crt.sh
stat.media R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
target.mixi.media R3	`2022-06-22` - `2022-09-20`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-19` - `2023-05-19`	a year	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.execute-api.us-west-2.amazonaws.com Amazon	`2022-07-02` - `2023-07-31`	a year	crt.sh
*.pushengage.com Amazon	`2022-02-18` - `2023-03-17`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Frame ID: 04B9841316556FCA2D661D2F4842A983
Requests: 163 HTTP requests in this frame

Frame: https://3c11dd0b4254ff273435b6b3e421f692.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B52694FCB17A5C2233F11611A8D89671
Requests: 1 HTTP requests in this frame

Frame: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMkhFJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUwLjEwNDklMkMlMjJsb25naXR1ZGUlMjIlM0E4LjYyOTUlN0QlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJzaXRlSWQlMjIlM0ElMjIlMjIlN0QlN0Q=&tn=ENTD%20-%20signin
Frame ID: DBCB516AE117B1E79851AB80D5C09812
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=2h2a5zn8akei
Frame ID: A74B083E8A1BF8DE1CAC2CAF70971E10
Requests: 7 HTTP requests in this frame

Frame: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&url_id=687400&page_title=China%20Expert%20Warns%20of%20CCP%20Virus%20%E2%80%98Half-Truths%E2%80%99&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Frame ID: 2DBD21CEF2022E6857AA6B742AAAC6A1
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveD_i6n9uVRvqfYvvpozXYbMPD3zi6iwtK65gHM5wLwKrclKAlvojAybfPCD3jAQIntKAUMU7AMF7e4M0jTiJQb-z03J0HFm-oOZzhRY9As_8cmDS0v5BA-uN6dIVkMaFJwH4VG6ymRgsv4sL2lJjU9-u2zVtRTqS09OIQBnvlziDOuH0tpp06S-NzkiV2Rhr9T1AgghqCVF2YfjoENeZzG4BqXodxSAGiDRZle0cTe_8wG3tLs6fsugBPHyfROLgE1fqk-iNruP7IUNhayGFXcoJasdW0SYezHEoLTcfbZ28U4mb501uLSsfOs_cYK53HHpoHvx7K7L8aK0mgqllCEOSzP4PNqI3_TZeoCEOqCukEilIC3je8oDEs&sai=AMfl-YS6ugKXpklL0xo2S3W_4gd8SIStgDKaIOtHmSDgrmElBSqEcPFMG9TIwsjc_hBHi6hqySFAUrSwwr3Wm1A4bjOGWhrZfW_Y2tBeH9L6uRSC9neEszhaW68uAetNBA&sig=Cg0ArKJSzCO9S7IicgpbEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C66EC33430594496EB0D504E8A7B2E38
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9GOj3wJuGAbQuIo1O-6-_34u4sAwXLKRk5pzZnjqCgCBR_G7Z5z4qAxGpoGE7JN38-kUs1ShHYKvwIaPVxGquyBT6rPSbrgLVePlEcpFiK9nXpbPXSHJMusE5c2B8p0IToAA6Iko1ntTMyBkBWGO0ldOqirCqcmEDW2gM4jL-UQkBZwjJR0DlUqxJBzHCbdy_4goQX1PITjBMnI0sNU3TObnMs1lDFsP4Vc6wi6mxsJWM1-cuVTNmU9x64ap9Rl26F2k-P8i7TNTi6OyVN_VDWbJeRXsSHMc4JGNa8XGtsGFZ8qJZHT2euafYD_hl3riIhN3cmRCgqBQP1WSUz5r9NBdqnU2b4iHp5tRw-F75C-PG&sai=AMfl-YSBokcW-ywnALzWrxRO0WXF4qYKJsWJYD_3vcoNKD87FRxzQfXCZuewBX5KATcZWQm_qKRnnD7VYuC2nUsMsiz2vasL4nycTZkcFht4-UsTzZy4T7A-ohphnV6MBQ&sig=Cg0ArKJSzNMfO5VwSc8-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6592314A5B3423A4D38E6D054621EE18
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1660462372460
Frame ID: C438E17F061CF9AA469D14DA6FD55301
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1660462372461
Frame ID: 2DDE3DD8DE366642304789E461F02D54
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A5DC77DD0475E5818DBB8439DD84D05C
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 29202E2EF1D01C6C39B9EC1A0313437E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A01EAE03FBF6456F8409B8FE3DB6805A
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1660462372461
Frame ID: 29BA9B0953E26AA7BFDBF30E5DE10593
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B8AEC0FD0071A96D8862F34F48EB2232
Requests: 3 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513&cn=DE
Frame ID: BE607F6CB831051130662A1DE22117A6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C9F83A05F2A5CB2AE03DAC3AAE066401
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 11ADAB9F71D165B80A41B95E7D139A48
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

China Expert Warns of CCP Virus ‘Half-Truths’

Page URL History Show full URLs

https://tnews.to/china-expert-warns-of-ccp-virus-half-truths HTTP 307
https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Chargebee (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.chargebee\.com/v([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PushEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

clientcdn\.pushengage\.\w+/core

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

223
Requests

93 %
HTTPS

41 %
IPv6

37
Domains

72
Subdomains

59
IPs

10
Countries

7801 kB
Transfer

11296 kB
Size

53
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://legendsunfolding.com/
Title: Legends Unfolding

Search URL Search Domain Scan URL

URL: http://newsletter.ntd.com/
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://www.ntdtv.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://ntdtv.fr/
Title: FRENCH

Search URL Search Domain Scan URL

URL: https://www.ntdtv.kr/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://www.ntdtv.jp/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://www.ntdvn.net/
Title: Vietnamese

Search URL Search Domain Scan URL

URL: https://ntdtv.ru/
Title: Russian

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=China%20Expert%20Warns%20of%20CCP%20Virus%20%26%238216%3BHalf-Truths%26%238217%3B&url=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&via=news_ntd
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youmaker.com/video/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2
Title: Watch on

Search URL Search Domain Scan URL

URL: https://mixi.media/

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=12324908&bl=95162&ct=adpreview&st=46&nvuuid=a5107342-262c-ba6c-6200-0023f8bc018e&bvuuid=1d12c2b6-9140-46fc-a9ef-abc6f23895e4&rnd=596525676&ag=25&ev=H4sIAAAAAAAA_-OSWLPgA-uELR9Z_wNxz7EPrGcevWP90_yRFQB2q5SXGgAAAA&suid=CiRhYWZkYmU2MS05ZDg1LTQ2NjQtYTVkYi04ZjdiZDc0YTQ5YWISC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=12343824&bl=95162&ct=adpreview&st=46&nvuuid=a55a736f-2610-ba3b-6200-004af8bc019c&bvuuid=1d12c2b6-9140-46fc-a9ef-abc6f23895e4&rnd=1251766075&ag=25&ev=H4sIAAAAAAAA_-OSWLPgA-uELR9Z_wNxz7EPrGcevWP90_yRFQB2q5SXGgAAAA&suid=CiRhYWZkYmU2MS05ZDg1LTQ2NjQtYTVkYi04ZjdiZDc0YTQ5YWISC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=12343935&bl=95162&ct=adpreview&st=46&nvuuid=a55a73b5-267f-ba07-6200-000cf8bc0151&bvuuid=1d12c2b6-9140-46fc-a9ef-abc6f23895e4&rnd=206681351&ag=25&ev=H4sIAAAAAAAA_-OSWLPgA-uELR9Z_wNxz7EPrGcevWP90_yRFQB2q5SXGgAAAA&suid=CiRhYWZkYmU2MS05ZDg1LTQ2NjQtYTVkYi04ZjdiZDc0YTQ5YWISC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=12329740&bl=95162&ct=adpreview&st=46&nvuuid=a52373b7-260c-ba13-6200-0075f8bc01ff&bvuuid=1d12c2b6-9140-46fc-a9ef-abc6f23895e4&rnd=1979692819&ag=25&ev=H4sIAAAAAAAA_-OSWLPgA-uELR9Z_wNxz7EPrGcevWP90_yRFQB2q5SXGgAAAA&suid=CiRhYWZkYmU2MS05ZDg1LTQ2NjQtYTVkYi04ZjdiZDc0YTQ5YWISC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=12300620&bl=95162&ct=adpreview&st=46&nvuuid=a5b17345-264c-baff-6200-0018f8bb0194&bvuuid=1d12c2b6-9140-46fc-a9ef-abc6f23895e4&rnd=412370431&ag=25&ev=H4sIAAAAAAAA_-OSWLPgA-uELR9Z_wNxz7EPrGcevWP90_yRFQB2q5SXGgAAAA&suid=CiRhYWZkYmU2MS05ZDg1LTQ2NjQtYTVkYi04ZjdiZDc0YTQ5YWISC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=12337660&bl=95162&ct=adpreview&st=46&nvuuid=a54173e0-26fc-ba25-6200-0002f8bc0119&bvuuid=1d12c2b6-9140-46fc-a9ef-abc6f23895e4&rnd=35250213&ag=25&ev=H4sIAAAAAAAA_-OSWLPgA-uELR9Z_wNxz7EPrGcevWP90_yRFQB2q5SXGgAAAA&suid=CiRhYWZkYmU2MS05ZDg1LTQ2NjQtYTVkYi04ZjdiZDc0YTQ5YWISC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tnews.to/china-expert-warns-of-ccp-virus-half-truths HTTP 307
https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 183

https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=china-expert-warns-of-ccp-virus-half-truths_687400.html HTTP 302
https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=china-expert-warns-of-ccp-virus-half-truths_687400.html HTTP 302
https://a.clickcertain.com/px/?c=2455d1796b86efb

Request Chain 197

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHP2wUMexok_qvy4zpuMLoM&google_cver=1

Request Chain 198

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/PQWImfy5WzcHn-ygDU1kyA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2197295619148921594

Request Chain 199

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDJjODAwNGQ5ZTg5NmYwMWY0OTAzZWNlMjNmYWIyMDI5NTQzMDlmZg

Request Chain 200

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6T0FAGV-U-2LJZ&sigv=1&esig=2~37f7ddca675354b0c7ebf69c37e431d2bd7dfffb

Request Chain 201

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6T0FAGV-U-2LJZ

Request Chain 202

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=96IOWHBuTMadKcNwwJ5pqA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=96IOWHBuTMadKcNwwJ5pqA

Request Chain 203

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GgHgdPhSSKqfj_980OaT1w&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GgHgdPhSSKqfj_980OaT1w

Request Chain 204

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZUMEZBR1YtVS0yTEpa

Request Chain 206

https://a.clickcertain.com/px/ta/?ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=7e75a718-a979-4ca3-a110-4b5ccd3c6513&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=7e75a718-a979-4ca3-a110-4b5ccd3c6513&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=7cdb7598-1d81-401e-b62d-5cd96ca8cf0d

Request Chain 207

https://a.clickcertain.com/px/r/?ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=7e75a718-a979-4ca3-a110-4b5ccd3c6513&ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d7e75a718%25252da979%25252d4ca3%25252da110%25252d4b5ccd3c6513%252526anx_uId%25253d%252524UID HTTP 303
https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d7e75a718%25252da979%25252d4ca3%25252da110%25252d4b5ccd3c6513%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=7e75a718-a979-4ca3-a110-4b5ccd3c6513&_li_chk=true&ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513&previous_uuid=00456cd2612f43249b2467b87993a814 HTTP 303
https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d7e75a718%252da979%252d4ca3%252da110%252d4b5ccd3c6513%2526anx_uId%253d%2524UID&ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d7e75a718%2da979%2d4ca3%2da110%2d4b5ccd3c6513%26anx_uId%3d%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D7e75a718%2Da979%2D4ca3%2Da110%2D4b5ccd3c6513%26anx_uId%3D%24UID&google_gid=CAESEOuN2x-_bb1Lov9EEuL2S0Y&google_cver=1 HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513&anx_uId=$UID HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513&anx_uId=7544850076752873303 HTTP 302
https://x.bidswitch.net/sync?dsp_id=179&user_id=7e75a718-a979-4ca3-a110-4b5ccd3c6513&expires=5&user_group=0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=7e75a718-a979-4ca3-a110-4b5ccd3c6513&expires=5&user_group=0

Request Chain 209

https://rp.liadm.com/j?dtstmp=1660462375409&se=e30&duid=33df6995a8cd--01gadma8btzrtkz8x25m8ae93n&tna=v2.4.0&pu=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&wpn=lc-bundle HTTP 302
https://rp4.liadm.com/j?dtstmp=1660462375409&se=e30&duid=33df6995a8cd--01gadma8btzrtkz8x25m8ae93n&tna=v2.4.0&pu=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&wpn=lc-bundle&i6=MjAwMTphYzg6MjA6MjcyOjoyZQ%3D%3D&n3pc=true

223 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request china-expert-warns-of-ccp-virus-half-truths_687400.html Show response
www.ntd.com/
Redirect Chain

https://tnews.to/china-expert-warns-of-ccp-virus-half-truths
https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

40 KB
10 KB

699ms
595ms

Document
text/html

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

4ea424c7fd7b449857bd4b61c4b1880d4b92aa5e2f2729a18732be5ec37aff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=529
content-encoding: gzip
content-length: 10100
content-type: text/html; charset=UTF-8
date: Sun, 14 Aug 2022 07:32:51 GMT
server: nginx/1.20.1
x-cache-status: MISS
x-content-type-options: nosniff
x-device: desktop
x-hw: 1660462370.cds237.lo4.hn,1660462370.cds218.lo4.sc,1660462370.dop103.sj3.r,1660462371.cds097.sj3.c,1660462371.cds218.lo4.p
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 73a7ffab0a3a59bf-MXP
content-type: text/html; charset=UTF-8
date: Sun, 14 Aug 2022 07:32:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 07 Jul 1777 07:07:07 GMT
location: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gQL2Xjhmp9GuMNNXNxc2WCNlH57vhE1UukhpGUwFtLVJjUVtBdrbrrPrDcns6NxAFcoJHCC3KIL%2Fqk5mSC1bRqOsQ%2BdNy0HWi5hlRxY0Mhzh1farGIVjrLTErv9vh3t0uguC7LsOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress
x-redirect-powered-by: Pretty Link Pro Developer 3.2.4 http://prettylink.com
x-robots-tag: noindex, nofollow

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 64ms
17ms Script
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 14 Aug 2022 06:57:53 GMT
via: 1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront), 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 20:51:38 GMT
server: AmazonS3
age: 2099
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C1, FRA56-P3
content-encoding: gzip
x-amz-cf-id: kQAy0imyFEMbJVvdpNkfwigx5oWf6IWeLWRvMervbSlWHhxJki19AA==

GET
H2 200 prebid.js Show response
www.ntd.com/assets/themes/m-ntd/js/ads/ 275 KB
100 KB 66ms
63ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

aeb31f1ee02675acb9388db1392b3cf1fa9e47d53ebeef47b9020b65bc981e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Jun 2022 18:28:07 GMT
server: nginx/1.20.1
x-microcachable: 0
etag: W/"6297afb7-44d5b"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds319.lo4.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 102353
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 template.css
subs.youmaker.com/lib/ 3 KB
3 KB 202ms
127ms Stylesheet
text/css 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/template.css?ver=20210318
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: c84e3c10e7e6872f1565ed0fcbd34d0e90926ed48b46a882d66f3f81ac40b26d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
via: 1.1 google
last-modified: Fri, 05 Aug 2022 16:16:05 GMT
server: nginx/1.20.1
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3277

GET
H2 200 style.css
www.ntd.com/assets/themes/ntd/ 2 KB
1014 B 35ms
33ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/style.css?ver=20180618

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 14:57:36 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"5c8a6be0-6aa"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds288.lo4.c
content-type: text/css
cache-control: max-age=1800
content-length: 859
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 global.css
www.ntd.com/assets/themes/ntd/css/ 25 KB
7 KB 35ms
34ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

2605ae7e7769aebf0e4de69b247181746ba089ba3dc24c34c4f9b7174c16da2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Nov 2021 15:39:08 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"61a4f41c-63d3"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds256.lo4.c
content-type: text/css
cache-control: max-age=1800
content-length: 6600
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 genericons.css
www.ntd.com/assets/themes/ntd/css/genericons/ 41 KB
26 KB 39ms
38ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/genericons/genericons.css?ver=20171027

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

6b9765abde54c6e633d51e84c708e0de14545d7febc0b9c3b62091c661931339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 21:24:00 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"6089d270-a2da"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds222.lo4.c
content-type: text/css
cache-control: max-age=1800
content-length: 26471
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 single.css
www.ntd.com/assets/themes/ntd/css/ 15 KB
4 KB 62ms
60ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20220324

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e7cee0a0eb35e96c9a23a587db0ae9e57a4d440d42ce34a686dbeb5c3b9ee3d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 26 Mar 2022 17:23:01 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"623f4bf5-3dea"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds281.lo4.c
content-type: text/css
cache-control: max-age=1800
content-length: 4294
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 print.css
www.ntd.com/assets/themes/ntd/css/ 532 B
431 B 41ms
40ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/print.css?ver=20200706

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

2bdcb089c4c9b6cdd5ded547a444f547ad5e313a632c8f8dde5fc3ca1270a125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 18:35:54 GMT
server: nginx/1.12.2
etag: W/"5f036f0a-214"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds277.lo4.c
content-type: text/css
cache-control: max-age=1800
content-length: 320
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 472 KB
135 KB 159ms
57ms Script
application/x-javascript 23.35.237.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7c6cd1e00f3a764bd02e959653a10d529dbfe1012d64f253d7490c625ed6a654

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:51 GMT
Content-Encoding: gzip
x-amz-request-id: XY4QPPM1PVAMGPKR
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: BsgaJPxNie3pNmJM9R1DoeyeiuGbdvH1Ra83jzxYxtJLN4963yy6NrhGaMyJsXUJGtsQYQXv6Ho=
Last-Modified: Fri, 12 Aug 2022 01:01:09 GMT
Server: AmazonS3
ETag: "febd3311857289fff1b140dfb03d0b67"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 LIVE_TV.png
www.ntd.com/assets/themes/ntd/images/ 2 KB
2 KB 40ms
36ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/LIVE_TV.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

c51c9e2d3dfc833336ad78aae335b536d7b8ea5bf065183b64d23074e88a0fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Oct 2021 18:53:29 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "617af1a9-615"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds325.lo4.c
content-type: image/png
cache-control: max-age=315360000
content-length: 1557
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 ntd_show_menu_ntd_evening_news.jpg
img.ntd.com/assets/uploads/2021/02/ 64 KB
64 KB 75ms
48ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_ntd_evening_news.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 668c738513226244d0cbd2530517fbcf2df2b86a4eaaba5b9b54d8e9d9f68958

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Tue, 02 Feb 2021 20:05:39 GMT
server: nginx/1.12.2
etag: "6019b093-ffc1"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds075.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 65473

GET
H2 200 ChinaInFocus-412x222-20220411.jpg
img.ntd.com/assets/uploads/2022/04/ 55 KB
55 KB 75ms
48ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/04/ChinaInFocus-412x222-20220411.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 854618e81eb4673bce5dd08f3f5711621bc6364e51f3a3b1de6eec0e8f943ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Tue, 12 Apr 2022 01:58:08 GMT
server: nginx/1.12.2
etag: "6254dcb0-dbe5"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds271.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 56293

GET
H2 200 NTD-Good-Morning-412x222.jpg
img.ntd.com/assets/uploads/2022/07/ 147 KB
147 KB 98ms
72ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/07/NTD-Good-Morning-412x222.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 09a844ff5ec0824771ea4f9fe9599a2aa92a2e6c41bc5aefa9fea5e196e30dd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Sun, 31 Jul 2022 04:37:10 GMT
server: nginx/1.20.1
etag: "62e606f6-24c83"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds044.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 150659

GET
H2 200 Fresh-Look-America-412-222.jpg
img.ntd.com/assets/uploads/2022/07/ 60 KB
60 KB 92ms
65ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/07/Fresh-Look-America-412-222.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e4328db66139f0cb514c6b497dacd62b839692dbe739980c3d9b9934e816938f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Tue, 05 Jul 2022 15:12:10 GMT
server: nginx/1.20.1
etag: "62c454ca-f0da"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds265.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 61658

GET
H2 200 Capitol-Report-412_222.jpg
img.ntd.com/assets/uploads/2021/09/ 61 KB
61 KB 120ms
93ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/09/Capitol-Report-412_222.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 52e006687b1edf8c27ae62cd74911cb4ec98573c31a12b52aa21c7793c454b90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Sat, 25 Sep 2021 15:44:11 GMT
server: nginx/1.12.2
etag: "614f43cb-f36a"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds276.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 62314

GET
H2 200 95053e83b9351098938db8f28bdb1ba3.jpg
img.ntd.com/assets/uploads/2022/01/ 104 KB
104 KB 111ms
85ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/01/95053e83b9351098938db8f28bdb1ba3.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 8d3ffd84b1a1db91b3f9aa4794249bf2568868fc125b99c181790e11193a245f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Thu, 27 Jan 2022 03:43:28 GMT
server: nginx/1.12.2
etag: "61f214e0-19f08"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds081.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 106248

GET
H2 200 Wide-Angle-NTD-412x222.png
img.ntd.com/assets/uploads/2021/04/ 147 KB
147 KB 35ms
35ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/04/Wide-Angle-NTD-412x222.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: f6beec22bca198800dd6bc803745b04a5572c5a960f031ef9079986a5a06c347

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Mon, 05 Apr 2021 04:06:40 GMT
server: nginx/1.12.2
etag: "606a8cd0-24c4a"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds068.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 150602

GET
H2 200 The-Beau-Show-NTD-412x222.png
img.ntd.com/assets/uploads/2021/04/ 146 KB
146 KB 37ms
37ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/04/The-Beau-Show-NTD-412x222.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 55f7bdc42b17d071e366a0fdf724bd5bcd8ad82d5c91fd74a2a562675d1ab3b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Mon, 05 Apr 2021 04:06:27 GMT
server: nginx/1.20.1
etag: "606a8cc3-248d6"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds261.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 149718

GET
H2 200 eat-better-412_222-final.jpg
img.ntd.com/assets/uploads/2021/09/ 640 KB
640 KB 57ms
55ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/09/eat-better-412_222-final.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: f81fafb66225e1363d488149050f651f1a51501deda76278b4911e90d85c4ff3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Sat, 25 Sep 2021 02:57:11 GMT
server: nginx/1.20.1
etag: "614e9007-9fe0a"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds251.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 654858

GET
H/1.1 200
OK 8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2 Show response
vs1.youmaker.com/assets/player/ 7 KB
3 KB 292ms
108ms Script
application/json 2a02:26f0:dc::217:610b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/player/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2?r=1280x720&cat=shows/ntd-uk-news&logo=true&api=7&autostart=true&mute=false&url=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&poster=https://img.ntd.com/assets/uploads/2021/10/Jasper-Becker-900x506.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::217:610b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 7e98d4c09eb60016287d23f9924708bacce63c2b285d0946f0af6ccca5915ce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:51 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=31535989
Access-Control-Allow-Credentials: true
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 2684
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC

GET
H2 200 watch_ntd_on.png
www.ntd.com/assets/themes/ntd/images/ 20 KB
20 KB 40ms
37ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/watch_ntd_on.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Nov 2021 22:32:45 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "6192e00d-50f6"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds328.lo4.c
content-type: image/png
cache-control: max-age=315360000
content-length: 20726
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 watch_ntd_row1-2.png
img.ntd.com/assets/uploads/2021/11/ 64 KB
64 KB 132ms
132ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/11/watch_ntd_row1-2.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Mon, 15 Nov 2021 20:41:36 GMT
server: nginx/1.12.2
etag: "6192c600-fe6b"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds061.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 65131

GET
H2 200 watch_ntd_row2-2.png
img.ntd.com/assets/uploads/2021/11/ 93 KB
93 KB 121ms
120ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/11/watch_ntd_row2-2.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 6951c7c304900b4e2b7f0213fab3e077225b9bd842056a10134b0afbb1be26db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Mon, 28 Mar 2022 20:40:33 GMT
server: nginx/1.12.2
etag: "62421d41-172a7"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds321.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 94887

GET
H2 200 Anne_Heche_Crash_22221528554910-270x152.jpeg
img.ntd.com/assets/uploads/2022/08/ 17 KB
17 KB 129ms
128ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/08/Anne_Heche_Crash_22221528554910-270x152.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: c7271c2ba7e33930b7557517a5187c14ecfcf328012d5d3c376936a65a7863aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Sat, 13 Aug 2022 18:55:21 GMT
server: nginx/1.20.1
etag: "62f7f399-4438"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds036.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17464

GET
H2 200 Trump-GettyImages-1242419055-270x152.jpg
img.ntd.com/assets/uploads/2022/08/ 12 KB
12 KB 112ms
111ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/08/Trump-GettyImages-1242419055-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 2e7d902bcc53dbc8643eddb9174c2baa9656d29915dea7f6a06f3af07ad49703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Wed, 10 Aug 2022 15:39:57 GMT
server: nginx/1.20.1
etag: "62f3d14d-312b"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds260.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12587

GET
H2 200 Anne_Heche_Crash_22221528585467-270x152.jpg
img.ntd.com/assets/uploads/2022/08/ 5 KB
5 KB 103ms
102ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/08/Anne_Heche_Crash_22221528585467-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 3e7608a4a191f43ba5abd88f104fd1a1a31dcce6a8d9edefa3f913bd30179829

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Fri, 12 Aug 2022 21:33:53 GMT
server: nginx/1.20.1
etag: "62f6c741-1287"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds005.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4743

GET
H2 200 trump-mulvaney-270x152.jpg
img.ntd.com/assets/uploads/2022/08/ 7 KB
7 KB 72ms
71ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/08/trump-mulvaney-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 28d309c3efe79160ec57b3450c8f6652eb16e5acf51405d50fae13cfa1258ef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Fri, 12 Aug 2022 13:18:48 GMT
server: nginx/1.20.1
etag: "62f65338-1abd"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds236.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6845

GET
H2 200 Salman-Rushdie-270x152.jpg
img.ntd.com/assets/uploads/2022/08/ 16 KB
16 KB 69ms
67ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/08/Salman-Rushdie-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 86f15b0fa381f308d0878fbcedb296bfdb166f7fa576cef934a28ca958e385fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Fri, 12 Aug 2022 18:42:59 GMT
server: nginx/1.20.1
etag: "62f69f33-3f26"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds288.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16166

GET
H2 200 Montenegro-firefighter-270x152.jpg
img.ntd.com/assets/uploads/2022/08/ 16 KB
16 KB 69ms
68ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/08/Montenegro-firefighter-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: cec1bf3a98ee7ea6198b63e4b632d8e25599a74e35c06f9b499bd373da8dfb90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Fri, 12 Aug 2022 19:42:02 GMT
server: nginx/1.20.1
etag: "62f6ad0a-4176"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds010.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16758

GET
H2 200 white.png
www.ntd.com/assets/themes/ntd/images/ 95 B
204 B 41ms
39ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/white.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 14:57:36 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5c8a6be0-5f"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds321.lo4.c
content-type: image/png
cache-control: max-age=315360000
content-length: 95
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 footer-2_949x356.jpg
img.ntd.com/assets/uploads/2021/02/ 349 KB
350 KB 45ms
42ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/footer-2_949x356.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 52f32a1925bca9851d9d8146fb5593d778134bcf13f24897d2f72ee30b8cdd80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
last-modified: Wed, 03 Feb 2021 22:50:49 GMT
server: nginx/1.12.2
etag: "601b28c9-573d6"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds080.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 357334

GET
H2 200 jquery-all.min.js Show response
www.ntd.com/assets/themes/ntd/js/ 98 KB
40 KB 35ms
35ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 14:57:36 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"5c8a6be0-188ff"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds314.lo4.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 40721
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 bottom.js Show response
www.ntd.com/assets/themes/ntd/js/ 39 KB
13 KB 39ms
34ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220606

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

7e842ae6e9fc0ea12a6e5750d1ac7138df0084feebe6e52d1193322fb159301e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Jun 2022 17:38:27 GMT
server: nginx/1.20.1
x-microcachable: 0
etag: W/"629e3b93-9bdb"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds233.lo4.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 12950
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 api.bundle.js Show response
subs.youmaker.com/lib/ 215 KB
215 KB 149ms
143ms Script
application/javascript 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 6ab73c869d9858004aecfd99a2343f4bf14f9db19d0733fb5ed3bff2878501ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
via: 1.1 google
last-modified: Fri, 05 Aug 2022 16:16:05 GMT
server: nginx/1.20.1
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 219969

GET
H2 200 article_ads.js Show response
www.ntd.com/assets/themes/ntd/js/ 27 KB
8 KB 40ms
35ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20220810

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

be75685a573924fd14db00ac0d9da6d951c2352dc4649f36c94912e2d4596eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 14:05:38 GMT
server: nginx/1.20.1
x-microcachable: 0
etag: W/"62f3bb32-6b45"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds070.lo4.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 7781
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 50ms
17ms XHR
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 30588
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
date: Sat, 13 Aug 2022 23:03:04 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: Whtr7Ri27Xy_vcfjyjROE8X5o5DGJbpIYTPC1w2IIFp35CpfBjE9Ng==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
38 KB 70ms
27ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDQH75P

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd3b2446c0fd6392dd4c963d5eb37248ccf119df0628497ee78c52884abbd613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38618
x-xss-protection: 0
last-modified: Sun, 14 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Aug 2022 07:32:51 GMT

GET
H2 200 NTDLogo.svg
www.ntd.com/assets/themes/ntd/images/ 660 B
550 B 40ms
40ms Image
image/svg+xml 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/NTDLogo.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Nov 2021 15:31:27 GMT
server: nginx/1.12.2
etag: "618e88cf-294"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds089.lo4.c
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 428
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 RingsideCondensed-Medium.otf
www.ntd.com/assets/themes/ntd/fonts/ 118 KB
119 KB 40ms
40ms Font
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Medium.otf

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

478e3f82089d4bc0303ad02ef73c9e6901861b756d52f8667ba3164bedd76f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-1d9d8"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds040.lo4.c
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 121304
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 RingsideCondensed-Bold.otf
www.ntd.com/assets/themes/ntd/fonts/ 122 KB
122 KB 44ms
43ms Font
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Bold.otf

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-1e6ec"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds260.lo4.c
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 124652
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 23 KB
23 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5

Request headers

Referer
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 header-handshake.png
www.ntd.com/assets/themes/ntd/images/ 2 KB
2 KB 59ms
59ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/header-handshake.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

afa88d2acf37ee467ab4d7e52bbc3faea9dcb2cd522e40407b74345e7b8fa650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 20:32:31 GMT
server: nginx/1.12.2
etag: "606f685f-61d"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds083.lo4.c
content-type: image/png
cache-control: max-age=315360000
content-length: 1565
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 156ms
23ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 04:55:41 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 9431
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: oJ2E9jaP7046EmBoRNvk1dY16oJyf9C5LIbHrWSDKKDz1286sOHipQ==

GET
H/1.1 200
OK vplayer.css
vs1.youmaker.com/assets/css/ 35 KB
10 KB 39ms
39ms Stylesheet
text/css 2a02:26f0:dc::217:610b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/css/vplayer.css?ver=15.2
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/player/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2?r=1280x720&cat=shows/ntd-uk-news&logo=true&api=7&autostart=true&mute=false&url=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&poster=https://img.ntd.com/assets/uploads/2021/10/Jasper-Becker-900x506.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::217:610b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: f56cd1f817c7f3d947a4f5e73d6e7ea6736f17835869a361115b000e3ab0baac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:51 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=26680084
Access-Control-Allow-Credentials: true
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 9390
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 375 KB
125 KB 147ms
54ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/player/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2?r=1280x720&cat=shows/ntd-uk-news&logo=true&api=7&autostart=true&mute=false&url=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&poster=https://img.ntd.com/assets/uploads/2021/10/Jasper-Becker-900x506.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e083bdb3ff06c71a5ac92ecadf7a268e26dacf715baae6e84a6a3f3711366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127744
x-xss-protection: 0
expires: Sun, 14 Aug 2022 07:32:51 GMT

GET
H/1.1 200
OK epochplayer7.min.js Show response
vs1.youmaker.com/assets/js/ 563 KB
158 KB 73ms
33ms Script
application/javascript 2a02:26f0:dc::217:610b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/js/epochplayer7.min.js?ver=12
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/player/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2?r=1280x720&cat=shows/ntd-uk-news&logo=true&api=7&autostart=true&mute=false&url=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&poster=https://img.ntd.com/assets/uploads/2021/10/Jasper-Becker-900x506.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::217:610b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: abeed4f18f48c235ffd15e3864555d3a1bb1d6b02820680f892b9eb28d1ab508

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:51 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=26859385
Access-Control-Allow-Credentials: true
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 161198
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC

GET
H/1.1 200
OK vplayer.min.js Show response
vs1.youmaker.com/assets/js/ 22 KB
8 KB 88ms
40ms Script
application/javascript 2a02:26f0:dc::217:610b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/js/vplayer.min.js?ver=15.2
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/player/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2?r=1280x720&cat=shows/ntd-uk-news&logo=true&api=7&autostart=true&mute=false&url=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&poster=https://img.ntd.com/assets/uploads/2021/10/Jasper-Becker-900x506.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::217:610b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 1addb10208b8edfe1ffa0ff6735c648e534964150e38bbadd0bf1ea231c4218f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:51 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=26312420
Access-Control-Allow-Credentials: true
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 7696
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC

GET
H/1.1 200
OK epochplayer7.ads.min.js Show response
vs1.youmaker.com/assets/js/ 61 KB
14 KB 126ms
65ms Script
application/javascript 2a02:26f0:dc::217:610b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/js/epochplayer7.ads.min.js
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/player/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2?r=1280x720&cat=shows/ntd-uk-news&logo=true&api=7&autostart=true&mute=false&url=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&poster=https://img.ntd.com/assets/uploads/2021/10/Jasper-Becker-900x506.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::217:610b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: b25ad312b1dfbfa0c2fe26c788828fb10a5abb0c3abfaa240804d1bb36358591

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:51 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=29555526
Access-Control-Allow-Credentials: true
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 13661
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 77ms
27ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1851
date: Sun, 14 Aug 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 14 Aug 2022 09:02:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 304ms
26ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 21:38:45 GMT
etag: "ca88912498e17137955859948f14e272+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15196
x-served-by: cache-iad-kjyo7100128-IAD, cache-vie6368-VIE

GET
H2 200 ENTD_Play.svg
www.ntd.com/assets/themes/ntd/images/ 2 KB
1 KB 49ms
49ms Image
image/svg+xml 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/ENTD_Play.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-7e6"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds101.lo4.c
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 938
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 NTD_logo.png
www.ntd.com/assets/themes/ntd/images/ 4 KB
4 KB 49ms
47ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/NTD_logo.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 19:44:39 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5ed94f27-f46"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds064.lo4.c
content-type: image/png
cache-control: max-age=315360000
content-length: 3910
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 footer-app-logo.png
www.ntd.com/assets/themes/ntd/images/ 73 KB
73 KB 49ms
47ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/footer-app-logo.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 20:32:31 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "606f685f-122fe"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds063.lo4.c
content-type: image/png
cache-control: max-age=315360000
content-length: 74494
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 RingsideCondensed-Semibold.otf
www.ntd.com/assets/themes/ntd/fonts/ 123 KB
123 KB 50ms
49ms Font
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Semibold.otf

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

deb60f2899be4d34c9856f8493a44b1a0450b5d78db716c34a3a7b17c462a291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-1eb2c"
x-hw: 1660462371.cds237.lo4.hn,1660462371.cds061.lo4.c
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 125740
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 84ms
29ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:16:12 GMT
x-content-type-options: nosniff
age: 396999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Aug 2023 17:16:12 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 30ms
29ms Image
text/plain 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=24003086&cs_it=b3&cv=3.8.0.210223&ns__t=1660462371958&ns_c=UTF-8&c7=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&c8=China%20Expert%20Warns%20of%20CCP%20Virus%20%E2%80%98Half-Truths%E2%80%99&c9=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:51 GMT
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: hwiCEcQvHqOhOg1QAK0nyppdc0-4tzOxVs3n_eZtuSxNb3VXHZfvVA==
x-cache: Miss from cloudfront

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 221 KB
68 KB 87ms
18ms Script
application/x-javascript 18.66.139.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-63.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a006bda7e1aaa6652f64e00ae31300fd7274703e58b5ce864e1b938dcfcee4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: hrsNGm5U9bA2tQOMPVpIZjc96syV6qZd
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 12 Aug 2022 03:44:11 GMT
server: AmazonS3
age: 140
etag: W/"21127db3b7ee6ef573a2f2624f893b58"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Sun, 14 Aug 2022 07:30:33 GMT
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: IKAJdqyf37qCaz4hdYJH4GJMpmFBnoBBcYSDQIOWYA5r3Q0d2rNyMQ==

GET
H3 200 geo Show response
subs.youmaker.com/rules/ 116 B
133 B 174ms
128ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/rules/geo
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 71e857e19f4b2cab945e0a61e29167a378f44d307a401f2407733e53b455dd0e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 81ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20220810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aa2889a33babf6c560df179f876ddf5bbf5346d1893d9f3fb9c99055e540d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28771
x-xss-protection: 0
server: sffe
etag: "1303 / 54 of 1000 / last-modified: 1660341915"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 14 Aug 2022 07:32:52 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 17ms
17ms XHR
text/plain 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 04:23:09 GMT
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
server: Server
age: 11383
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: jO2fVRslRh3U6XayqqKuk3LWyLDIzdBhxBQ1BfDSTLWFevq9lUCoaw==

GET
H2 200 t Show response
jadserve.postrelease.com/ 3 KB
1 KB 327ms
53ms Script
text/javascript 54.78.145.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.145.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-145-15.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 9466b212e83f6bdf7a3587f647c2b557fe9c8bf387140ded83c322a4e87a8239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 1064
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 55ms
23ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1015701915&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&dp=%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&ul=en-us&de=UTF-8&dt=China%20Expert%20Warns%20of%20CCP%20Virus%20%E2%80%98Half-Truths%E2%80%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1982476635&gjid=780526792&cid=311763380.1660462372&tid=UA-128455718-1&_gid=1672187176.1660462372&_r=1&_slc=1&cd1=36509&cd2=362&cd3=%3Bchina-10%3Bcoronavirus-outbreak-28902%3Beurope-world-28832%3Bnews-politics-14114%3Bntd-uk-news-latest-clips-36510%3Bnews-8%3Bntd-uk-news-36509%3Bshows-6%3Buk-5978%3Bvideo-3020%3Bworld-11%3B&cd4=%3Bfrnt_category_headings-6048%3Bfrnt_latest-6043%3Bfrnt_original_articles-12413%3B&cd5=%3Bchina-10%3Bcoronavirus-outbreak-28902%3Beurope-world-28832%3Bnews-politics-14114%3Bntd-uk-news-latest-clips-36510%3Bnews-8%3Bntd-uk-news-36509%3Bshows-6%3Buk-5978%3Bvideo-3020%3Bworld-11%3Bfrnt_category_headings-6048%3Bfrnt_latest-6043%3Bfrnt_original_articles-12413%3B&cd21=687400&cd22=neil-woodrow&cd23=Neil%20Woodrow&cd26=NTD%20UK%20News&cd28=%3BChina%3BCOVID-19%3BEurope%3BLatest%20Clips%3BLatest%20Clips%3BNews%3BNTD%20UK%20News%3BShows%3BUK%3BVideos%3BWorld%3B&cd29=%3BCCP%20virus%3BJasper%20Becker%3B&cd30=20211012&cd31=20211012&cd33=54&cd38=362&cd42=%3Bccp-virus%3Bjasper-becker%3B&cd43=post&z=110908095

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 geo Show response
subs.youmaker.com/rules/ 116 B
133 B 128ms
127ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/rules/geo?siteid=www.ntd.com
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 71e857e19f4b2cab945e0a61e29167a378f44d307a401f2407733e53b455dd0e

Request headers

Accept: */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116

GET
H2 200 count Show response
sc.youmaker.com/site/article/ 140 B
291 B 185ms
135ms XHR
application/json 34.120.97.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/site/article/count?site=www.ntd.com&user=e336acda-4176-cacd-6934-087e4907da54&postid=687400
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2e6669363a261b587dace8d48e7ecec799feffa8611a337bf05652e1e7b32849

Request headers

Accept: */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 google
server: nginx/1.20.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140
content-type: application/json;charset=UTF-8

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1000 B 72ms
26ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7c938f182d0af019dd903b789ae7cfc1b387022836d1937ab2265cc2fbeecc18

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Sun, 14 Aug 2022 07:32:52 GMT

GET
H2 200 ntd-logo-comment.png
www.ntd.com/assets/themes/ntd/images/ 35 KB
35 KB 34ms
32ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/ntd-logo-comment.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

d38468263d67fc86718b19ea5585ad67b413fc85ce55c82bec81f159923c830d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 04 Jun 2021 19:34:41 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "60ba8051-8b5f"
x-hw: 1660462372.cds237.lo4.hn,1660462372.cds239.lo4.c
content-type: image/png
cache-control: max-age=315360000
content-length: 35679
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 GettyImages-632048160-270x152.jpg
img.ntd.com/assets/uploads/2022/05/ 11 KB
12 KB 38ms
36ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/05/GettyImages-632048160-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e0258f498f2edf63c2903b2d39ceabf8b3c511a3e64732ef41743f74667f5d44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
last-modified: Tue, 24 May 2022 19:51:37 GMT
server: nginx/1.20.1
etag: "628d3749-2ddc"
x-hw: 1660462372.cds237.lo4.hn,1660462372.cds220.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11740

GET
H2 200 Monkeypox-2-270x152.jpg
img.ntd.com/assets/uploads/2022/05/ 20 KB
20 KB 38ms
36ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/05/Monkeypox-2-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e67401b1d1396caeb40126cf0ba3b5d1869e9bd700e5762f92943b997b734cc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
last-modified: Thu, 26 May 2022 23:03:13 GMT
server: nginx/1.20.1
etag: "62900731-501a"
x-hw: 1660462372.cds237.lo4.hn,1660462372.cds265.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20506

GET
H2 200 Coal-2-1200x800-270x152.jpeg
img.ntd.com/assets/uploads/2022/08/ 20 KB
20 KB 42ms
40ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/08/Coal-2-1200x800-270x152.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 16acfd9bb0d5689a9d1b736697a30df8c91ec20ccdcf9272d6f5c8ecf37368a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
last-modified: Sun, 14 Aug 2022 05:31:23 GMT
server: nginx/1.20.1
etag: "62f888ab-4ea6"
x-hw: 1660462372.cds237.lo4.hn,1660462372.cds231.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20134

GET
H2 200 SALMAN_RUSHDIE-270x152.jpeg
img.ntd.com/assets/uploads/2022/08/ 20 KB
20 KB 44ms
42ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/08/SALMAN_RUSHDIE-270x152.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: b934132edbd9aadb89d8be2aa2a4b717d824f4a50c0be5f7cc51872d607e2533

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
last-modified: Sat, 13 Aug 2022 21:31:28 GMT
server: nginx/1.20.1
etag: "62f81830-4f7b"
x-hw: 1660462372.cds237.lo4.hn,1660462372.cds082.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20347

GET
H2 200 Immigrant-Surge-in-DC-270x152.jpg
img.ntd.com/assets/uploads/2022/08/ 12 KB
12 KB 39ms
39ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/08/Immigrant-Surge-in-DC-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: ec1ec16097c77dd1603e31d2a6c60d46802db3e9e1d01fd1545730f9fe52871c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
last-modified: Sat, 13 Aug 2022 02:39:27 GMT
server: nginx/1.20.1
etag: "62f70edf-30c8"
x-hw: 1660462372.cds237.lo4.hn,1660462372.cds038.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12488

GET
H2 200 2022-Martial-Arts-Competition-1920x1080-270x152.jpg
img.ntd.com/assets/uploads/2022/08/ 16 KB
16 KB 30ms
29ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/08/2022-Martial-Arts-Competition-1920x1080-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: cbca6036b18464e5c94eac4948837c3a9d59f49662059363b7c99bcc705ff655

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
last-modified: Sat, 13 Aug 2022 19:10:53 GMT
server: nginx/1.20.1
etag: "62f7f73d-3f10"
x-hw: 1660462372.cds237.lo4.hn,1660462372.cds324.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16144

GET
H2 200 Screen-Shot-2022-08-13-at-6.08.58-pm-270x152.jpg
img.ntd.com/assets/uploads/2022/08/ 17 KB
17 KB 31ms
30ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/08/Screen-Shot-2022-08-13-at-6.08.58-pm-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: b1b8d3f35cdc8417f4b959d9824e605afa7f4beb159de8781833eb85eaa98d21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
last-modified: Sat, 13 Aug 2022 13:05:38 GMT
server: nginx/1.20.1
etag: "62f7a1a2-42ef"
x-hw: 1660462372.cds237.lo4.hn,1660462372.cds321.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17135

GET
H2 200 garland-wray--270x152.jpg
img.ntd.com/assets/uploads/2022/08/ 7 KB
7 KB 29ms
29ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/08/garland-wray--270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 55cf5c40f8496865de84ae2dbc503775039a52c8693cf80282993c131da76e14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
last-modified: Sat, 13 Aug 2022 16:13:15 GMT
server: nginx/1.20.1
etag: "62f7cd9b-1c24"
x-hw: 1660462372.cds237.lo4.hn,1660462372.cds263.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7204

GET
H2 200 Jasper-Becker-900x506.png
img.ntd.com/assets/uploads/2021/10/ 561 KB
562 KB 556ms
556ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/10/Jasper-Becker-900x506.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 42770b6221bfdb7114115a8b112b429c01309c9b31058a97c6cd96876f72abec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
last-modified: Tue, 12 Oct 2021 05:07:56 GMT
server: nginx/1.20.1
etag: "6165182c-8c4e5"
x-hw: 1660462372.cds237.lo4.hn,1660462372.cds205.lo4.sc,1660462372.cds205.lo4.pr
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 574693

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31cfe53a30f429bf940d747c0804c44f26a4e4d71500d88509c67b808a8ec0a9

Request headers

Referer
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 86ms
29ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-128455718-1&cid=311763380.1660462372&jid=1982476635&gjid=780526792&_gid=1672187176.1660462372&_u=YEBAAEAAAAAAAC~&z=2132756046

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 14 Aug 2022 07:32:52 GMT
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Youmaker_player_logo.svg
www.youmaker.com/images/ 12 KB
5 KB 65ms
25ms Image
image/svg+xml 35.201.68.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youmaker.com/images/Youmaker_player_logo.svg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 09c4876d230686046390e0e836d90f43012aad1a55d2919e73af46c049069f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 google
last-modified: Thu, 11 Aug 2022 18:03:40 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: image/svg+xml; charset=UTF-8
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK playlist.m3u8 Show response
vs1.youmaker.com/assets/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2/ 811 B
1 KB 503ms
426ms XHR
application/x-mpegurl 2a02:26f0:dc::217:610b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2/playlist.m3u8
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/js/epochplayer7.min.js?ver=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::217:610b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 7f5840d8c699b98ef1668903826fca6ee7d1e115858fdd569cfb5dde5865c6e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Cdn-Cache-Control: no-store
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Akamai-Mon-Iucid-Del: 1194989
Server: nginx/1.20.1
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: must-revalidate, max-age=10
Access-Control-Allow-Credentials: true
Content-Length: 344
Akamai-Cache-Control: max-age=10,must-revalidate

GET
BLOB 200
OK 67769ac7-b33a-47fc-9877-19059c4355c4
https://www.ntd.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntd.com/67769ac7-b33a-47fc-9877-19059c4355c4
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f452bb384d5ee8f10ca8fb77c6c1bb014aa2409c1259e11183e6a4f29154ad2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 5497
Content-Type: application/javascript

GET
BLOB 200
OK ddfcf117-6a59-420e-9d26-4e840d9ce44c
https://www.ntd.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntd.com/ddfcf117-6a59-420e-9d26-4e840d9ce44c
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
BLOB 200
OK 94856584-8cdb-4904-86fd-9c589b869755
https://www.ntd.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntd.com/94856584-8cdb-4904-86fd-9c589b869755
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
H2 200 97-f8cfd7bf76647bada2c5.js Show response
js.chargebee.com/v2/ 12 KB
4 KB 16ms
16ms Script
application/x-javascript 18.66.139.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/97-f8cfd7bf76647bada2c5.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-63.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7e1dd8fe5fdb91c932d1d10144939412242ea67c7f8ea7c6d88bdb1234b0407d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: 46WP0CUpKF41UbjbPwSpsnhA86TyvVV_
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 12 Aug 2022 03:44:11 GMT
server: AmazonS3
age: 150
etag: W/"5e813a9d80672bc90433edcf548c0fba"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Sun, 14 Aug 2022 07:30:23 GMT
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: pRwb0xjjb0L_RvsdB71q2zULcSvmw3iAnjSFsf-qnztpgQ4lQVcWwg==

GET
H2 200 pubads_impl_2022080901.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
132 KB 71ms
15ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 05:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8544
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134589
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:35:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 14 Aug 2023 05:10:28 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 239 B
764 B 79ms
26ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ntd.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

c6547b2a8866e61b15cfcefb2ddb03aebe0ce6dd03d9bcbb66b4bb4901407311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128
x-xss-protection: 0
expires: Sun, 14 Aug 2022 07:32:52 GMT

GET
H3 200 subtitle Show response
www.youmaker.com/v1/api/video/ 35 B
51 B 135ms
101ms XHR
application/json 35.201.68.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youmaker.com/v1/api/video/subtitle?systemid=8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/js/epochplayer7.min.js?ver=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: be0a08cc28d8e714bf3dc45be04f2449d456adefdeac74e733b312e05d8158b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H/1.1 200
OK timeline_thumbnail_0.jpg Show response
vs1.youmaker.com/assets/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2/ 176 KB
177 KB 521ms
165ms XHR
image/jpeg 2.18.79.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2/timeline_thumbnail_0.jpg
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/js/epochplayer7.min.js?ver=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-136.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 9f98d519001d14be538dd3d9cbcb8e59457674876605857cf67b421ca2f3b995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:52 GMT
Akamai-Mon-Iucid-Del: 1194989
Server: nginx/1.20.1
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 embed.js Show response
comment.youmaker.com/web/ 7 KB
8 KB 205ms
129ms Script
application/javascript 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/embed.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220606
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: ee5636802d3b59edb8068a7ec377ad4e3287900b24cb4378eb7dba08a6c0d268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 google
last-modified: Sat, 23 Jul 2022 15:56:39 GMT
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7637
app-version: 0.1.2

GET
H2 200 counter.js Show response
comment.youmaker.com/web/ 2 KB
2 KB 209ms
133ms Script
application/javascript 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/counter.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220606
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 5c01443c79c76e53bede7e62b8116b076613da68208ce7fd2bfcb5aec7ce22b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 google
last-modified: Sat, 23 Jul 2022 15:56:39 GMT
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2305
app-version: 0.1.2

GET
H3 200 get Show response
subs.youmaker.com/template/ 165 B
182 B 128ms
127ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/template/get?tid=signin&sid=www.ntd.com
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: b32092d0bdbb0ef99435450229c9c7dd1fc2e25aa6353782b52bfc1f8f6993f8

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165

GET
H3 200 get Show response
subs.youmaker.com/rules/ 14 KB
14 KB 128ms
128ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/rules/get?sid=www.ntd.com&pid=cb2269f6-6646-4b96-b401-bbe360214e59
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 77b4ded5861804effad2a1c68347919ba73739f163ead73cc2b9d019b438ec1e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type

POST
H2 204 c Show response
ea.youmaker.com/api/pw/ 0
225 B 844ms
844ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.youmaker.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 New York, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.ntd.com
date: Sun, 14 Aug 2022 07:32:53 GMT
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE

OPTIONS
H2 200 c
ea.youmaker.com/api/pw/ Frame 0
0 335ms
96ms Preflight 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.youmaker.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 New York, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ntd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Content-Type
access-control-allow-methods: GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, OPTIONS, PUT, DELETE
content-length: 0
date: Sun, 14 Aug 2022 07:32:52 GMT
server: nginx/1.20.1

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 63ms
28ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-128455718-1&cid=311763380.1660462372&jid=1982476635&_u=YEBAAEAAAAAAAC~&z=1214167347

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 67ms
28ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-128455718-1&cid=311763380.1660462372&jid=1982476635&_u=YEBAAEAAAAAAAC~&z=1214167347

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ 386 KB
154 KB 56ms
17ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 23:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157356
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Aug 2023 23:52:46 GMT

GET
H2 200 adsct
t.co/i/ 43 B
337 B 179ms
118ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=3d62e1db-fb90-4552-b1b4-c7d79674467a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=ff77a927-907a-45b2-8824-cf700182c16a&tw_document_href=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyi8c&type=javascript&version=2.4.15

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 103
date: Sun, 14 Aug 2022 07:32:51 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e43fd9ca6739b25932f666ff00c65252c7b23ec125e186f9472bf503d94f80fa
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
354 B 183ms
119ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3d62e1db-fb90-4552-b1b4-c7d79674467a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=ff77a927-907a-45b2-8824-cf700182c16a&tw_document_href=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyi8c&type=javascript&version=2.4.15

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 103
date: Sun, 14 Aug 2022 07:32:52 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: ae17994194d5e728a2ed99d8c75d0a981f1a3bbd61e323cc3bef4c1ce6a1578c
content-length: 43

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 56ms
55ms XHR
text/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&pid=pl8ToIjnN53dq&cb=0&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22article_top_ads_inner%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_header_728x90%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-55.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: C18PSX87ZD0AAM6V6T1F
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: yHNsKaP5wEg3dBK7J0DQhzsoKEO0KJvfrRVgdYwwOGGztx3uRtuezQ==

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 534 B
722 B 99ms
23ms XHR
application/json 185.89.208.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: 3c15db5f59b3404361f68a830d61e28e37b6311ac3914e1d4f25793635c4568b

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:52 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 248 B
615 B 184ms
110ms XHR
application/json 185.89.208.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: a26ccc48e3aa9d58e7c8e8567a0e097c93f1f1ebb5db5d503465f99615cdd4df

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:52 GMT
Server: nginx/1.21.3
X-Prebid: pbs-go/0.221.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 248
Expires: 0

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
390 B 151ms
39ms XHR
application/json 54.154.173.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_ptd=1165175&ntv_pb_rid=53bbae6d87f706&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYXJ0aWNsZV90b3BfYWRzX2lubmVyIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbOTcwLDI1MF0sWzk3MCw5MF0sWzcyOCw5MF1dfX19XX0=&ntv_dbr=eyJhcnRpY2xlX3RvcF9hZHNfaW5uZXIiOjB9&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.173.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-173-206.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.ntd.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 511 B
1 KB 219ms
60ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1409302&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_article_header_728x90&tk_flint=pbjs_lite_v6.23.0&x_source.tid=2207ff13-2806-4f4b-a9ab-7d3623d6788a&l_pb_bid_id=8a20fbfec3e287&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_article_header_728x90&slots=1&rand=0.42073470395659385
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d3c3f8748a6e3502a3f7f8170cc617f5b5706a2ab31e5cb647443acc99499aa7

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:52 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 511
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
358 B 69ms
19ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.ntd.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 216ms
177ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7b547aae8758922f08651b0ae7de507b65ba1011d292c317639e2639e658109f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:52 GMT
X-Proxy-Origin: 146.70.117.111; 146.70.117.111; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6eb6cc3e-5af5-4d98-979f-1e7841de43d4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 56ms
56ms XHR
text/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&pid=pl8ToIjnN53dq&cb=1&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22below_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-55.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: KSHVD1TZT56QDA7HGAX4
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: gZfDdjyCQyj-7AMzwV7rW9YZmasYRSicAYb-o48R2xx-xvEsdibOAg==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 249 B
616 B 440ms
373ms XHR
application/json 185.89.208.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: 952e5f9775e9915788d7d6706894c2735e64cf0e46c2b813390602c963c1f479

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:52 GMT
Server: nginx/1.21.3
X-Prebid: pbs-go/0.221.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 249
Expires: 0

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
389 B 144ms
39ms XHR
application/json 54.154.173.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_ptd=1165183&ntv_pb_rid=174a787c095af81&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYmVsb3dfYXJ0aWNsZV9hZHMiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzM2LDI4MF1dfX19XX0=&ntv_dbr=eyJhcnRpY2xlX3RvcF9hZHNfaW5uZXIiOjAsImJlbG93X2FydGljbGVfYWRzIjowfQ==&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.173.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-173-206.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.ntd.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
358 B 64ms
19ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.ntd.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 134ms
99ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

cf187e527d083da8317e30a92a094efc262c57e9d32ae5b80593f65fd9700874

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:52 GMT
X-Proxy-Origin: 146.70.117.111; 146.70.117.111; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b94ef4e5-1ac4-4b1d-94d2-4d31fc42d8ed
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 509 B
1 KB 221ms
68ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_article_below_end_336&tk_flint=pbjs_lite_v6.23.0&x_source.tid=193ffbd2-1198-47f3-b884-44c41095af2d&l_pb_bid_id=241f2bd9d8eca9b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_article_below_end_336&slots=1&rand=0.5555254525415994
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fbd71e32590d1490dd3b01ef3d7ffee11a8c384dacc3cc6a13909356775f44b6

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:52 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 509
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
487 B 52ms
51ms XHR
text/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&pid=pl8ToIjnN53dq&cb=2&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22right_column_ad_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_336x280-4%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-55.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: 4WZJYVZQ0RM0Z6H2EGNE
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: _82zbf7MtoGoHhp-uFfD0fWt6Vtg5ObSvSNLe1pAEie22qmG92Vfqw==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 249 B
616 B 227ms
167ms XHR
application/json 185.89.208.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: 5804d801dbda00827f2f8ee8349da75f7b4b15f4ab0e41b5eea088c071860861

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:52 GMT
Server: nginx/1.21.3
X-Prebid: pbs-go/0.221.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 249
Expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 497 B
1 KB 214ms
65ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_336x280-4&tk_flint=pbjs_lite_v6.23.0&x_source.tid=204921fa-edfb-4e97-b3a6-175ea2e47611&l_pb_bid_id=30fb6a842b18b6d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_336x280-4&slots=1&rand=0.9909785831612492
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 024e9f55396e1e4f3afbbae01da7583157951eba29506e5f9784cc9469d502e8

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:52 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 497
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 94ms
59ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

596c8e7a75c807a66f849094aff48c0adc435d6b4c1177b85e2e77fc2b1e55f4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:52 GMT
X-Proxy-Origin: 146.70.117.111; 146.70.117.111; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3c44306d-a1f0-4f2e-992c-458c8bf0eeb0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
358 B 57ms
20ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.ntd.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
650 B 136ms
39ms XHR
application/json 54.154.173.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_ptd=1165170&ntv_pb_rid=354cc88e45667ad&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoicmlnaHRfY29sdW1uX2FkXzAiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzAwLDYwMF1dfX19XX0=&ntv_dbr=eyJhcnRpY2xlX3RvcF9hZHNfaW5uZXIiOjAsImJlbG93X2FydGljbGVfYWRzIjowLCJyaWdodF9jb2x1bW5fYWRfMCI6MH0=&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.173.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-173-206.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.ntd.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 93ms
24ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 79ms
25ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 627 B
389 B 89ms
55ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2536058822115295&correlator=3120464371528143&eid=31068924%2C44770638%2C31068519&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_inread_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=1600640090&sfv=1-0-38&fsapi=false&eri=1&cust_params=ENTD_category%3Dchina-10%252Ccoronavirus-outbreak-28902%252Ceurope-world-28832%252Cnews-politics-14114%252Cntd-uk-news-latest-clips-36510%252Cnews-8%252Cntd-uk-news-36509%252Cshows-6%252Cuk-5978%252Cvideo-3020%252Cworld-11%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%26site%3Dwww.ntd.com%252Cntd.com&sc=1&cookie_enabled=1&abxe=1&dt=1660462372395&lmt=1660462372&dlt=1660462371366&idt=975&adxs=290&adys=968&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&frm=20&vis=1&psz=767x170&msz=647x0&fws=0&ohw=0&ga_vid=311763380.1660462372&ga_sid=1660462372&ga_hid=1015701915&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

820f9e356585f1120e62381fe4dd30ca3ab836752c3306c1f45eb45bf7749cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 359
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3c11dd0b4254ff273435b6b3e421f692.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B526 6 KB
4 KB 144ms
27ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3c11dd0b4254ff273435b6b3e421f692.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 07:32:52 GMT
expires: Mon, 14 Aug 2023 07:32:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show Show response
subs.youmaker.com/template/ Frame DBCB 4 KB
4 KB 130ms
129ms Document
text/html 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMkhFJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUwLjEwNDklMkMlMjJsb25naXR1ZGUlMjIlM0E4LjYyOTUlN0QlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJzaXRlSWQlMjIlM0ElMjIlMjIlN0QlN0Q=&tn=ENTD%20-%20signin
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 9013300fe102ea88b19ffad1f8864333e81d6d7a3af1326bce6a7a6846aec1b0

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8
date: Sun, 14 Aug 2022 07:32:52 GMT
server: nginx/1.20.1
via: 1.1 google
x-robots-tag: noindex

POST
H3 200 auth Show response
subs.youmaker.com/subs/ 40 B
56 B 128ms
128ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/subs/auth?siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&nid=2200&subscribed=
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40

OPTIONS
H3 200 auth
subs.youmaker.com/subs/ Frame 0
0 135ms
135ms Preflight 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/subs/auth?siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&nid=2200&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ntd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.ntd.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 14 Aug 2022 07:32:52 GMT
server: nginx/1.20.1
via: 1.1 google

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A74B 42 KB
22 KB 39ms
38ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=2h2a5zn8akei

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

32f0e5bee3162aa3211f4f690ccf625a8fe6a746467e3d88921c750125d33681

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2mpBlDP5SdTHvd5j1JB5KA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22002
content-security-policy: script-src 'report-sample' 'nonce-2mpBlDP5SdTHvd5j1JB5KA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 07:32:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 42ms
41ms Image
image/gif 54.78.145.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=2778904&ntv_pl=1164748
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.145.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-145-15.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:52 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 42ms
41ms Image
image/gif 54.78.145.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=53445fbb-48db-4c71-9015-d8fe90561d54&ntv_fl=EYH3iMOdbf20C_n4ku6A3wwTL9oMmpwUnkiYOJ69D3awpMxzmDJ_-7CFSSjAJUoSkouBOYcInSsJ3yskXvmOdEg_ic-g5DeW6mGgN1BTqeZ0_UPZnFz1xDhAKV7TZz5eFKKdSdZSRaFMpofsWtAu9NiCPYOlDyxGGFhyIh0VW5d2MTYKS0wtHcygM8KBTIc5Aa8alTQ5TfvOnWoCg7dlCtAh3gkWr2gZYhmHllPDAzg=&ntv_ht=JKX4YgA&ntv_at=303,302&ntv_a=AAAAAAAAAAB8cRA&ord=1660462372462&ntv_it
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.145.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-145-15.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:52 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 41ms
40ms Image
image/gif 54.78.145.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=1b19cd1c-54b8-4470-a098-42c3536ecfd1&ntv_fl=PLjyRKDmYPlVfrSdyHSYropbZ_TbDhEcd8-J-KEzJ7K3LysSMc4uW-GGDM7TM9SCKcLT-P9kgKmtAHcYEZM8dcDbb-8-Y9lWLvKupqkMyUyW__7SxFLb2nIHZzEX84wi5-umoY01Ma_euqKGYkpTRK6vEnjrpObY8NsB0YhT-43rLBB0uoSQimwwEUgjIzj-SNftxTU0APfSccwSuRlu307aaj6MfBSmn4snswyanEg=&ntv_ht=JKX4YgA&ntv_at=303&ntv_a=AAAAAAAAAAzMURA&ord=1660462372464&ntv_it
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.145.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-145-15.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:52 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
427 B 45ms
44ms Image
image/gif 54.78.145.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1165063&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.145.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-145-15.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:52 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK us.gif
sync.go.sonobi.com/ 49 B
535 B 485ms
107ms Image
image/gif 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26consent_string%3D%26gdpr%3D%26uid%3D%5BUID%5D

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:52 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-140
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 iframe.html Show response
comment.youmaker.com/web/ Frame 2DBD 4 KB
4 KB 163ms
131ms Document
text/html 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&url_id=687400&page_title=China%20Expert%20Warns%20of%20CCP%20Virus%20%E2%80%98Half-Truths%E2%80%99&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/embed.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 0011a11726bf0bbfcf1f2f4406071b3ee90f4b231f1aec792c9c4cb6ab5e90fe

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-name: remark
app-version: 0.1.2
author: EMG
content-length: 4209
content-type: text/html; charset=utf-8
date: Sun, 14 Aug 2022 07:32:52 GMT
last-modified: Sat, 23 Jul 2022 15:56:39 GMT
server: nginx/1.20.1
via: 1.1 google
x-robots-tag: noindex

POST
H3 200 counts Show response
comment.youmaker.com/api/v1/ 169 B
193 B 131ms
130ms XHR
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/counts?site=www.ntd.com
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/counter.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: d42f6dcfecc40d5835ef1571f5d5769e6f831392c520fba5be91b5b835351e18

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 google
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 169
pragma: no-cache
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
expires: Thu, 01 Jan 1970 00:00:00 UTC
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
app-version: 0.1.2

OPTIONS
H3 200 counts
comment.youmaker.com/api/v1/ Frame 0
0 161ms
129ms Preflight 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/counts?site=www.ntd.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ntd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.ntd.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-name: remark
app-version: 0.1.2
author: EMG
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length: 0
date: Sun, 14 Aug 2022 07:32:52 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: nginx/1.20.1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-robots-tag: noindex

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame A74B 52 KB
24 KB 54ms
16ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=2h2a5zn8akei

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 06:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 06:37:11 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame A74B 386 KB
154 KB 62ms
23ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 23:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157356
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Aug 2023 23:52:46 GMT

GET
H3 200 userId.bundle.js Show response
subs.youmaker.com/lib/ Frame DBCB 199 KB
199 KB 140ms
138ms Script
application/javascript 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/userId.bundle.js
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMkhFJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUwLjEwNDklMkMlMjJsb25naXR1ZGUlMjIlM0E4LjYyOTUlN0QlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJzaXRlSWQlMjIlM0ElMjIlMjIlN0QlN0Q=&tn=ENTD%20-%20signin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 826c0421864972168d5e92e6bec6caf1e72526ed7f29e585277169e953643efa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMkhFJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUwLjEwNDklMkMlMjJsb25naXR1ZGUlMjIlM0E4LjYyOTUlN0QlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJzaXRlSWQlMjIlM0ElMjIlMjIlN0QlN0Q=&tn=ENTD%20-%20signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 google
last-modified: Fri, 05 Aug 2022 16:16:05 GMT
server: nginx/1.20.1
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203808

GET
H/1.1 200 95162.js Show response
mixi.media/data/js/ 5 KB
3 KB 1178ms
1103ms Script
application/javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/data/js/95162.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220606
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: a57dda48b27a9882de858ff0f8c6370b99f4a0d591be533e993ffc1885aa00c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:53 GMT
Content-Encoding: gzip
Last-Modified: Sunday, 14-Aug-2022 07:32:53 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 74ms
24ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 60ms
25ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 341ms
341ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2536058822115295&correlator=3120464371528143&eid=31068924%2C44770638%2C31068519&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_article_header_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=2&adks=1030851624&sfv=1-0-38&fsapi=false&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=ENTD_category%3Dchina-10%252Ccoronavirus-outbreak-28902%252Ceurope-world-28832%252Cnews-politics-14114%252Cntd-uk-news-latest-clips-36510%252Cnews-8%252Cntd-uk-news-36509%252Cshows-6%252Cuk-5978%252Cvideo-3020%252Cworld-11%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%26site%3Dwww.ntd.com%252Cntd.com&sc=1&cookie=ID%3D4a3d6ee002a941be-22ee6055f3cd0097%3AT%3D1660462372%3AS%3DALNI_MZtnFfTQBn5tvxANJ8DaEgesanlqw&abxe=1&dt=1660462372594&lmt=1660462372&dlt=1660462371366&idt=975&adxs=200&adys=151&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&frm=20&vis=1&psz=1200x0&msz=1200x0&fws=0&ohw=0&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=311763380.1660462372&ga_sid=1660462372&ga_hid=1015701915&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

64b3c8aea123f4167478f7d48636bc46a1730d9775878d3f32ecc79c7d509f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9806
x-xss-protection: 0
google-lineitem-id: 5900320489
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379156719
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 587ms
586ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2536058822115295&correlator=3120464371528143&eid=31068924%2C44770638%2C31068519&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_336x280-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=3&adks=2760480871&sfv=1-0-38&fsapi=false&prev_scp=first_article%3Dtrue%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=ENTD_category%3Dchina-10%252Ccoronavirus-outbreak-28902%252Ceurope-world-28832%252Cnews-politics-14114%252Cntd-uk-news-latest-clips-36510%252Cnews-8%252Cntd-uk-news-36509%252Cshows-6%252Cuk-5978%252Cvideo-3020%252Cworld-11%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%26site%3Dwww.ntd.com%252Cntd.com&sc=1&cookie=ID%3D4a3d6ee002a941be-22ee6055f3cd0097%3AT%3D1660462372%3AS%3DALNI_MZtnFfTQBn5tvxANJ8DaEgesanlqw&abxe=1&dt=1660462372613&lmt=1660462372&dlt=1660462371366&idt=975&adxs=1028&adys=636&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&frm=20&vis=1&psz=372x0&msz=372x0&fws=0&ohw=0&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=311763380.1660462372&ga_sid=1660462372&ga_hid=1015701915&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

80780a5e56dc244606ea03bdf39b6974b2136efe2cb206809949bec4fd43ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10197
x-xss-protection: 0
google-lineitem-id: 5901908563
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379786852
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A74B 2 KB
2 KB 16ms
15ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 215563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 18 Aug 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A74B 15 KB
15 KB 67ms
34ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 397571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Aug 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A74B 15 KB
15 KB 77ms
44ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 465093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A74B 102 B
134 B 29ms
29ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

09e9f45fec1d72935da9e29cb86b70918771a22f1a30ab9d46a6c46ac17b8c26

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=2h2a5zn8akei
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 14 Aug 2022 07:32:52 GMT

GET
H/1.1 200
OK playlist.m3u8 Show response
vs1.youmaker.com/assets/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2/hls_480p/ 2 KB
1 KB 291ms
291ms XHR
application/x-mpegurl 2a02:26f0:dc::217:610b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2/hls_480p/playlist.m3u8
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/js/epochplayer7.min.js?ver=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::217:610b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 315c3b5d130c82b11f8ec213c9ce1c1fae8cc817b04e6f5758ce8b9b0479bb66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Cdn-Cache-Control: no-store
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Akamai-Mon-Iucid-Del: 1194989
Server: nginx/1.20.1
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: must-revalidate, max-age=10
Access-Control-Allow-Credentials: true
Content-Length: 409
Akamai-Cache-Control: max-age=10,must-revalidate

GET
H3 200 remark.css
comment.youmaker.com/web/ Frame 2DBD 86 KB
86 KB 129ms
129ms Stylesheet
text/css 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/remark.css?v=2022062509
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&url_id=687400&page_title=China%20Expert%20Warns%20of%20CCP%20Virus%20%E2%80%98Half-Truths%E2%80%99&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: f952d40de50ee68414a8454d93b85fa326a029b3cd7d070bc19a206e15702924

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&url_id=687400&page_title=China%20Expert%20Warns%20of%20CCP%20Virus%20%E2%80%98Half-Truths%E2%80%99&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 google
last-modified: Sat, 23 Jul 2022 15:56:39 GMT
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88461
app-version: 0.1.2

GET
H3 200 remark.js Show response
comment.youmaker.com/web/ Frame 2DBD 315 KB
315 KB 130ms
130ms Script
application/javascript 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/remark.js?v=2022062509
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&url_id=687400&page_title=China%20Expert%20Warns%20of%20CCP%20Virus%20%E2%80%98Half-Truths%E2%80%99&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: f54c2e8bda3af801a52d3b580e982f4317166bc8a79486b88b69647a1e7e6246

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&url_id=687400&page_title=China%20Expert%20Warns%20of%20CCP%20Virus%20%E2%80%98Half-Truths%E2%80%99&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:52 GMT
via: 1.1 google
last-modified: Sat, 23 Jul 2022 15:56:39 GMT
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 322947
app-version: 0.1.2

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C66E 0
0 53ms
52ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveD_i6n9uVRvqfYvvpozXYbMPD3zi6iwtK65gHM5wLwKrclKAlvojAybfPCD3jAQIntKAUMU7AMF7e4M0jTiJQb-z03J0HFm-oOZzhRY9As_8cmDS0v5BA-uN6dIVkMaFJwH4VG6ymRgsv4sL2lJjU9-u2zVtRTqS09OIQBnvlziDOuH0tpp06S-NzkiV2Rhr9T1AgghqCVF2YfjoENeZzG4BqXodxSAGiDRZle0cTe_8wG3tLs6fsugBPHyfROLgE1fqk-iNruP7IUNhayGFXcoJasdW0SYezHEoLTcfbZ28U4mb501uLSsfOs_cYK53HHpoHvx7K7L8aK0mgqllCEOSzP4PNqI3_TZeoCEOqCukEilIC3je8oDEs&sai=AMfl-YS6ugKXpklL0xo2S3W_4gd8SIStgDKaIOtHmSDgrmElBSqEcPFMG9TIwsjc_hBHi6hqySFAUrSwwr3Wm1A4bjOGWhrZfW_Y2tBeH9L6uRSC9neEszhaW68uAetNBA&sig=Cg0ArKJSzCO9S7IicgpbEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 07:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C66E 140 KB
43 KB 60ms
26ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 07:32:53 GMT

GET
H2 200 1286732493618174170
tpc.googlesyndication.com/simgad/ Frame C66E 704 KB
705 KB 72ms
18ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1286732493618174170?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c29c7af25062b94589535b92bf6a5868b7bad028d5a6494971f38bc530632cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 23:10:46 GMT
x-content-type-options: nosniff
age: 289327
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 720939
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 22:11:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Aug 2023 23:10:46 GMT

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ 0
104 B 165ms
57ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:53 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1 200
OK out0000.ts Show response
vs1.youmaker.com/assets/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2/hls_480p/ 439 KB
440 KB 298ms
298ms XHR
video/mp2t 2a02:26f0:dc::217:610b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/8a9ecf1a-b6c6-4d62-ab49-e6ffb39b25f2/hls_480p/out0000.ts
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/js/epochplayer7.min.js?ver=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::217:610b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 1b3b1eeba5d3296f2d222e0b5389df3643e48611491a8d5a23169f1ebb702e4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:53 GMT
Akamai-Mon-Iucid-Del: 1194989
Server: nginx/1.20.1
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H3 200 config Show response
comment.youmaker.com/api/v1/ Frame 2DBD 283 B
306 B 130ms
129ms Fetch
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/config?site=www.ntd.com
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022062509
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: ef062d429e4a0730a94dace80481edf59295aec2928a516ebe60a01bd265cd93

Request headers

x-provider-token: youmaker
x-xsrf-token
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&url_id=687400&page_title=China%20Expert%20Warns%20of%20CCP%20Virus%20%E2%80%98Half-Truths%E2%80%99&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id: www.ntd.com

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:53 GMT
via: 1.1 google
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version: 0.1.2
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
DATA 200
OK truncated
/ Frame C66E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47dc1b39d61a338f5c4103102cefb325097941d3db660109a03cd93fd814f21d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C66E 0
0 84ms
51ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKMsdFfTEpG5UmdogURTTaALSejsOeWQxrHrkpSXJ7BqpuBDfyanz8mYB4RAMCSsPdZRMq9kvqKIB1Hx3V7IoRsyLcbOWZz7PnY3Qko6L34SuMbIwOOCxBGje0l8vpLRicsDIaTyTEhuayC2-6ODCIsUKHOdmzHiclP-B_V2ThXBIQCE2rG_zpwNkH4I3ZRoUpBj7bR6BKSU2UELaqo_bAu0fK_cE6e12hMO9Nz6DQY-geW1GlUWsZNjpXHQd-iKaLakRWhfXI9pzlxXXDqsBWv9FMVnA43Mmnap5S4wlL1aUiCQMY1FbXB1hHGiUe-SwXOWtIcpxzjI-er0_WyDHy9Q&sai=AMfl-YQToP_j6X0AiixmkzGRQbMJozZk6tIiYPtoRbDPvBkj4IaXuksG7UXS7qmwfRP2vlYLQVzC-jLIYOBBon2dI8AzG4yufewMtGek1u9MDCUb0qCv1EoJJ8wAvSEDLw&sig=Cg0ArKJSzCeDz2e5CdYnEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 07:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 14 Aug 2022 07:32:53 GMT

GET
H3 401 user
comment.youmaker.com/api/v1/ Frame 2DBD 57 B
0 140ms
139ms Fetch
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/user?site=www.ntd.com
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022062509
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

x-provider-token: youmaker
x-xsrf-token
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&url_id=687400&page_title=China%20Expert%20Warns%20of%20CCP%20Virus%20%E2%80%98Half-Truths%E2%80%99&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id: www.ntd.com

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:53 GMT
via: 1.1 google
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version: 0.1.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 site Show response
comment.youmaker.com/api/v1/ Frame 2DBD 91 B
114 B 142ms
141ms Fetch
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/site?site=www.ntd.com
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022062509
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: eae614eff5fc87bc2bf2a1aed2582edc4e1e3420b462ba5a6e436801df5053dd

Request headers

x-provider-token: youmaker
x-xsrf-token
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&url_id=687400&page_title=China%20Expert%20Warns%20of%20CCP%20Virus%20%E2%80%98Half-Truths%E2%80%99&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id: www.ntd.com

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:53 GMT
via: 1.1 google
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version: 0.1.2
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 find Show response
comment.youmaker.com/api/v1/ Frame 2DBD 123 B
146 B 144ms
144ms Fetch
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/find?site=www.ntd.com&url=www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html&id=687400&group=&sort=-time&format=tree
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022062509
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 03635179a65ac9e36a14b4ac3185fd66541a7d3d384df6d556f32898463459b5

Request headers

x-provider-token: youmaker
x-xsrf-token
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&url_id=687400&page_title=China%20Expert%20Warns%20of%20CCP%20Virus%20%E2%80%98Half-Truths%E2%80%99&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id: www.ntd.com

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:53 GMT
via: 1.1 google
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version: 0.1.2
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6592 0
0 58ms
57ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9GOj3wJuGAbQuIo1O-6-_34u4sAwXLKRk5pzZnjqCgCBR_G7Z5z4qAxGpoGE7JN38-kUs1ShHYKvwIaPVxGquyBT6rPSbrgLVePlEcpFiK9nXpbPXSHJMusE5c2B8p0IToAA6Iko1ntTMyBkBWGO0ldOqirCqcmEDW2gM4jL-UQkBZwjJR0DlUqxJBzHCbdy_4goQX1PITjBMnI0sNU3TObnMs1lDFsP4Vc6wi6mxsJWM1-cuVTNmU9x64ap9Rl26F2k-P8i7TNTi6OyVN_VDWbJeRXsSHMc4JGNa8XGtsGFZ8qJZHT2euafYD_hl3riIhN3cmRCgqBQP1WSUz5r9NBdqnU2b4iHp5tRw-F75C-PG&sai=AMfl-YSBokcW-ywnALzWrxRO0WXF4qYKJsWJYD_3vcoNKD87FRxzQfXCZuewBX5KATcZWQm_qKRnnD7VYuC2nUsMsiz2vasL4nycTZkcFht4-UsTzZy4T7A-ohphnV6MBQ&sig=Cg0ArKJSzNMfO5VwSc8-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 07:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6592 140 KB
43 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 07:32:53 GMT

GET
H3 200 2872466857294283577
tpc.googlesyndication.com/simgad/ Frame 6592 214 KB
214 KB 55ms
19ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2872466857294283577?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aad2d63ef62494907810c6a1a3a47e827e3c0a4babce855cadf0fc16cf397a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 06:39:01 GMT
x-content-type-options: nosniff
age: 435232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 219539
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 03:27:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Aug 2023 06:39:01 GMT

GET
DATA 200
OK truncated
/ Frame 6592 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 138aa5b7e420e6792e9392fedccb0b2b8643ed118f0786b0dc71502c31e1f542

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6592 0
0 52ms
52ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstx3zGwNsouzDqaAVwlEc31hy_b8rnnf9C70dssTiU-y-uy4Zfy9CXC3Cuo8MiXjeJRKMNf4EjlgjyiGihRp5ygWT6HQ0XGc7LWS2GfCsL9m8OvZ-t4LmzFnUIgi8LMKM6nG4BfgBcD6g2ggTERt9RoqtAMpxHV4FAUPiYfMjs7M-D7Xwimznd1zQysKDCc1cnGHnOcIGFeuL97Dg6dTpVuvdF0uIo5wH8NxIpodk1U4KeGX03En8VFaY4om8_ldz2R__MFWIQSb6Ii8Z9ohK9UnUCbZrPHWXw23J0o0tI22-mQxO8EI9dXhJk_ypffDH2eILxDss9qTA&sai=AMfl-YTEGpfP8mTp2SLzGUSMBrxHP4vsKZVyivXtxnyslxyCShtofYYoQOTR0sNz8OiRt0K4ZibnDRf02q2VSfL01gB6EAxttKsBL1cel-dLe77Rip5LmUTI0V30Q3n4cg&sig=Cg0ArKJSzNOw9VmeQ0J5EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 07:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 14 Aug 2022 07:32:53 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
339 B 40ms
40ms Image
image/gif 54.78.145.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=53445fbb-48db-4c71-9015-d8fe90561d54&ntv_a=AAAAAAAAAAB8cRA&ntv_ht=JKX4YgA&ntv_fl=EYH3iMOdbf20C_n4ku6A3wwTL9oMmpwUnkiYOJ69D3awpMxzmDJ_-7CFSSjAJUoSkouBOYcInSsJ3yskXvmOdEg_ic-g5DeW6mGgN1BTqeZ0_UPZnFz1xDhAKV7TZz5eFKKdSdZSRaFMpofsWtAu9NiCPYOlDyxGGFhyIh0VW5d2MTYKS0wtHcygM8KBTIc5Aa8alTQ5TfvOnWoCg7dlCtAh3gkWr2gZYhmHllPDAzg=&ord=1890488920&ntv_ift=0&ntv_it
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.145.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-145-15.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:53 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK jsapi.v5.12.0.en_US.js Show response
static.mixi.media/static/jsapi/ 251 KB
75 KB 134ms
66ms Script
application/x-javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Mar 2022 07:51:02 GMT
Server: nginx
ETag: W/"62455d66-3eabf"
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK sm.js Show response
stat.media/ 77 KB
28 KB 308ms
126ms Script
application/x-javascript 82.202.225.227
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.202.225.227 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel21.imcmdb.net
Software: nginx /
Resource Hash: 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
Server: nginx
ETag: W/"61a8cfbe-13481"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK miximedia.svg
static.mixi.media/static/adpreview-assets/mixi-media/images/logo/ 6 KB
6 KB 115ms
47ms Image
image/svg+xml 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:53 GMT
Last-Modified: Mon, 30 Sep 2019 14:11:01 GMT
Server: nginx
ETag: "5d920cf5-1849"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6217

GET
H/1.1 200
OK /
target.mixi.media/init/ 95 B
463 B 189ms
116ms Image
image/png 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.mixi.media/init/?blockid=95162&siteid=49639&bw=1600&bh=1200&rnd=3531302177659
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Target-Version: 2
Date: Sun, 14 Aug 2022 07:32:53 GMT
X-Target-Final: 20220814103253-0
Server: nginx
X-Target-Host: target2-1.sselp1
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00024
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Sun, 14 Aug 2022 07:32:52 GMT

POST
H/1.1 200 jsapi Show response
mixi.media/newdata/ 8 KB
3 KB 140ms
139ms XHR
application/json 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?action=news
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: e0d6147dc835a17b9d6e07d311fd3fc6e3c457b29c07ca5bb3bee2d8f279eef5

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: multipart/form-data

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:54 GMT
Content-Encoding: gzip
Last-Modified: Sunday, 14-Aug-2022 07:32:54 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Node: ads5-3ssel31

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 450 B
1 KB 63ms
63ms Script
application/javascript 82.202.225.227
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COeDAxIkYTZjYWJiZGMtM2Y3Yi00YWNjLWEwOTYtZGZhZjFmMDNjODI1GNO2lNqpMCIkZGM4ZmNmYmMtYzc3My00MzRiLTk1ZWQtYmVmNGI0ZjIxYzU2&cb=_callbacks____0l6t0fbnb
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.202.225.227 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel21.imcmdb.net
Software: nginx /
Resource Hash: 142eb8b80aa24ea4ec89bbfda883fbdb34b8b00a817cdb647873bcc50b6b144f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:54 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200
OK 10352802.jpeg
static6.mixi.media/img/400x300/ 72 KB
73 KB 151ms
73ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static6.mixi.media/img/400x300/10352802.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 4a4c72d2b247c4a5da3dc7698c5654751fbe17c32a6c0debc1bc95ef02c59a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:54 GMT
Last-Modified: Mon, 08 Aug 2022 16:04:56 GMT
Server: nginx
ETag: W/"62f13428-2e742"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 74096

GET
H/1.1 200
OK 10366186.jpeg
static7.mixi.media/img/400x300/ 69 KB
69 KB 155ms
78ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static7.mixi.media/img/400x300/10366186.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 20ca01957f3d54c82fc838df4747b4802cb6fd0675754ecf80b7660bd65f250a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:54 GMT
Last-Modified: Sat, 13 Aug 2022 23:31:05 GMT
Server: nginx
ETag: W/"62f83439-38779"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 70372

GET
H/1.1 200
OK 10366247.jpeg
static4.mixi.media/img/400x300/ 76 KB
76 KB 160ms
81ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static4.mixi.media/img/400x300/10366247.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 8cdd3867a8878a1606322ad74595fe8ab8d01bed82c11b2617f62b8e0201ea6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:54 GMT
Last-Modified: Sun, 14 Aug 2022 03:13:08 GMT
Server: nginx
ETag: W/"62f86844-2e957"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 77753

GET
H/1.1 200
OK 10356333.jpeg
static4.mixi.media/img/400x300/ 47 KB
47 KB 166ms
85ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static4.mixi.media/img/400x300/10356333.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 2adceebc09b54cfe834c661ccafce5b8808a14683051556b2105ed3dda30c761

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:54 GMT
Last-Modified: Tue, 09 Aug 2022 21:22:21 GMT
Server: nginx
ETag: W/"62f2d00d-c870"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 47737

GET
H/1.1 200
OK 10343299.jpeg
static3.mixi.media/img/400x300/ 42 KB
42 KB 162ms
82ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static3.mixi.media/img/400x300/10343299.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: ea74f424ae59927bd2edde5e2930f2b91c9f89927c05c6923bbd1b79c0831705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:54 GMT
Last-Modified: Thu, 04 Aug 2022 09:15:15 GMT
Server: nginx
ETag: W/"62eb8e23-1dd53"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 42569

GET
H/1.1 200
OK 10361977.jpeg
static8.mixi.media/img/400x300/ 42 KB
43 KB 169ms
88ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.mixi.media/img/400x300/10361977.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: b86abf644a646bc95614bb10b189dc7fe111e343b99677aa33d5b78671675e48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:54 GMT
Last-Modified: Thu, 11 Aug 2022 21:14:02 GMT
Server: nginx
ETag: W/"62f5711a-f411"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 43341

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C66E 42 B
497 B 125ms
83ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMcNOCEG7xY4b_AqVeRIUO4VAetCTufCl2igBuwrgk6Oz72ibRHoW5VBt5UctR1LZ5n9866RcZQKQa5oHm-xbCirEPu0PZOrwX6Lh0VqM-BEw6x5S4&sig=Cg0ArKJSzEFUCvInS8zUEAE&id=lidar2&mcvt=1000&p=151,315,401,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220810&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1030851624&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660462372946&rpt=182&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 /
mixi.media/cookiematching/ 43 B
880 B 126ms
125ms Image
image/gif 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJGE2Y2FiYmRjLTNmN2ItNGFjYy1hMDk2LWRmYWYxZjAzYzgyNRoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNjYwNDYyMzczNzE1GgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJGRjOGZjZmJjLWM3NzMtNDM0Yi05NWVkLWJlZjRiNGYyMWM1NhoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1660462374141
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Sun, 14 Aug 2022 07:32:54 GMT
Last-Modified: Sunday, 14-Aug-2022 07:32:54 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Sun, 14 Aug 2022 07:32:54 GMT

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 193ms
59ms XHR
text/plain 82.202.225.227
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.202.225.227 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel21.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sun, 14 Aug 2022 07:32:54 GMT
Server: nginx
Connection: keep-alive

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 66ms
31ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0ac1f09965e981a01cbcb58d4f94b7c708e4b50d94cbffd0d0472ca395b03e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 07:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11076
x-xss-protection: 0

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 85ms
59ms XHR
text/plain 82.202.225.227
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.202.225.227 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel21.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sun, 14 Aug 2022 07:32:54 GMT
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ 32 KB
33 KB 719ms
189ms Script
application/javascript 52.218.250.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.250.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: dcd09207e667f1cd6bc5c3c25d7d5feaec69caf217acabfb55efc715bd52b215

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:55 GMT
Last-Modified: Mon, 08 Aug 2022 22:32:33 GMT
Server: AmazonS3
x-amz-request-id: 4RH3XS8KERPV14YS
ETag: "8099e0d8978e2ea4dd61a62425c6e1b2"
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 33226
x-amz-id-2: B/kxBPyG2BqmQQ487In5wReSAVq/pDs/DMhSeFhfiliYMo1SHr1s3utRYxOlMGGz4ISjlOtAyro=
Expires: Wed, 07 Sep 2022 22:32:32 GMT

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=china-expert-warns-of-ccp-virus-half-truths_687400.html
https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=china-expert-warns-of-ccp-virus-half-truths_687400.html
https://a.clickcertain.com/px/?c=2455d1796b86efb

3 KB
2 KB

145ms
145ms

Script
text/javascript

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=2455d1796b86efb
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6b16d7e11d1a9803dfe4ab5f8000d95bc62fb140a77f955a2c6960e132e4120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:54 GMT
content-encoding: br
x-frontend: cc-nginx-64fb697694-7dfzr:cc-nginx-64fb697694-7dfzr
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 0cb04e41-71ff-49b0-9704-a94b5cabd96f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slUt826MAWjeDK1NB0RrsHaOt8QRhJmmDXK23bSBpZ1NP1DruP2IYkQPVEm39yYa2HUZi26o%2FmHfIhgJSbHCYgbiG%2BjxW0kv8AldyzCECCRV%2FtYTN7OvaYSb2si%2Bq%2B6D7ZZJlXmuYl3dv6MOq03yAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 73a7ffd289ab59fb-MXP

Redirect headers

date: Sun, 14 Aug 2022 07:32:54 GMT
x-frontend: cc-nginx-64fb697694-vpf4h:cc-nginx-64fb697694-vpf4h
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 3f77e16a-5090-4d94-a764-0de5831a30b5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dt7gkyUvZxomRqmpG2aD9PuJHbT7MqzvxJ%2BCCPhYLH5PlJFG8ZM72q25NfszqFKJGlx7FANWByToTfoELlbdxhpAsA9Eioz4M7mR7o5aYc4XhY9eAuD%2BaHXr1TnYh7aLCyUfb1vp%2F%2BEtgkHjvc2c3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=2455d1796b86efb
cf-ray: 73a7ffd1581e59fb-MXP

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6592 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIiU68Znuz9KpAxuWjG7h4JJQSRMwrYU5_UjyhJptyt8VgRYPYzgmxBWS32BpRmdCQO2pIyBIyodXYyYg1lBCrh0TqEEJj5Xp80mA7J_Kq7KVNbumO&sig=Cg0ArKJSzJV5bdqoiV47EAE&id=lidar2&mcvt=1000&p=883,1064,1483,1364&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220810&bin=7&avms=nio&bs=1600,1200&mc=0.53&vu=1&app=0&itpl=19&adk=2760480871&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660462373207&rpt=129&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 2218ms
2217ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 07:32:56 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame C438 0
0 16ms
16ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1660462372460

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 204 /
onetag-sys.com/usync/ Frame 2DDE 0
0 16ms
16ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1660462372461

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A5DC 281 B
554 B 126ms
27ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 14 Aug 2022 07:32:54 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2920 52 KB
17 KB 129ms
17ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 10281
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 14 Aug 2022 07:32:54 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 218105, 133529
X-Served-By: cache-lga21969-LGA, cache-hhn4059-HHN
X-Timer: S1660462375.719880,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A01E 52 KB
17 KB 127ms
16ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 10282
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 14 Aug 2022 07:32:54 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 218105, 134860
X-Served-By: cache-lga21969-LGA, cache-hhn4050-HHN
X-Timer: S1660462375.719654,VS0,VE0

GET
H2 204 /
onetag-sys.com/usync/ Frame 29BA 0
0 16ms
16ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1660462372461

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B8AE 52 KB
17 KB 156ms
24ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 10282
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 14 Aug 2022 07:32:54 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 82580
X-Served-By: cache-lga21947-LGA, cache-cdg20747-CDG
X-Timer: S1660462375.746363,VS0,VE0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A5DC 31 KB
10 KB 32ms
31ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bce483ce05e34af34c91bf765756b9bb814731a1a6dd1bb73fc3a05ec93b5dc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=83177
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9453
Expires: Mon, 15 Aug 2022 06:39:11 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A01E 0
745 B 15ms
15ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:54 GMT
X-Proxy-Origin: 146.70.117.111; 146.70.117.111; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8f52ac0d-f084-46fb-8e62-2841bd306486
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2920 0
745 B 15ms
15ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:54 GMT
X-Proxy-Origin: 146.70.117.111; 146.70.117.111; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 382eabce-bf3d-493e-b5f6-99ef13af583c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B8AE 0
745 B 16ms
16ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:54 GMT
X-Proxy-Origin: 146.70.117.111; 146.70.117.111; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3b7612bc-6e4c-488b-a91a-3715272a1661
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A5DC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHP2wUMexok_qvy4zpuMLoM&google_cver=1

0
239 B

157ms
19ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHP2wUMexok_qvy4zpuMLoM&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHP2wUMexok_qvy4zpuMLoM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A5DC
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/PQWImfy5WzcHn-ygDU1kyA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2197295619148921594

0
239 B

19ms
18ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2197295619148921594
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

date: Sun, 14 Aug 2022 07:32:55 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2197295619148921594
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A5DC
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDJjODAwNGQ5ZTg5NmYwMWY0OTAzZWNlMjNmYWIyMDI5NTQzMDlmZg

170 B
188 B

59ms
26ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDJjODAwNGQ5ZTg5NmYwMWY0OTAzZWNlMjNmYWIyMDI5NTQzMDlmZg

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDJjODAwNGQ5ZTg5NmYwMWY0OTAzZWNlMjNmYWIyMDI5NTQzMDlmZg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame A5DC
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6T0FAGV-U-2LJZ&sigv=1&esig=2~37f7ddca675354b0c7ebf69c37e431d2bd7dfffb

0
194 B

95ms
16ms

Image
text/plain

2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6T0FAGV-U-2LJZ&sigv=1&esig=2~37f7ddca675354b0c7ebf69c37e431d2bd7dfffb

Protocol

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:55 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6T0FAGV-U-2LJZ&sigv=1&esig=2~37f7ddca675354b0c7ebf69c37e431d2bd7dfffb
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame A5DC
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6T0FAGV-U-2LJZ

0
708 B

186ms
125ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6T0FAGV-U-2LJZ
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:54 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D67CD32D14FD48E89A16415C7B7395DB Ref B: FRAEDGE1317 Ref C: 2022-08-14T07:32:55Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXmLoYHw+YV7FGDVAmUQQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6T0FAGV-U-2LJZ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame A5DC
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=96IOWHBuTMadKcNwwJ5pqA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=96IOWHBuTMadKcNwwJ5pqA

43 B
556 B

45ms
45ms

Image
image/gif

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=96IOWHBuTMadKcNwwJ5pqA

Protocol

HTTP/1.1

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:55 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: B04TM0YPAC323SWZ42ND
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=96IOWHBuTMadKcNwwJ5pqA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A5DC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GgHgdPhSSKqfj_980OaT1w&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GgHgdPhSSKqfj_980OaT1w

43 B
556 B

111ms
111ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GgHgdPhSSKqfj_980OaT1w

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:55 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ESYZF2ZHRQ114AW05GVF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GgHgdPhSSKqfj_980OaT1w
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A5DC
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZUMEZBR1YtVS0yTEpa

170 B
188 B

58ms
27ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZUMEZBR1YtVS0yTEpa

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 07:32:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZUMEZBR1YtVS0yTEpa
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame BE60 942 B
863 B 132ms
130ms Document
text/html 2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79e7b6104feafd5bbed7edd83bb501fde5bcf819a6fbd55af9260e456eb679e6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 73a7ffd37b7459fb-MXP
content-encoding: br
content-type: text/html
date: Sun, 14 Aug 2022 07:32:55 GMT
etag: W/"N2U3NWE3MThnYTk3OWc0Y2EzZ2ExMTBnNGI1Y2NkM2M2NTEzLXow"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOFJKHRPnIRAbwWZrEw1ignxHyUV7QHxsDYEhu1Rx37JO%2Bo8WtwGBj1HSAqOTMdmrN2JKMVZ4rFNRfG5%2FztHrObOoQ%2BwV9kXTumhl%2FcUmSFlYVPq7xiFQrlOPWYOSkgoswspZWi2DR8X6w2zNmyZIg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frontend: cc-nginx-64fb697694-c8pdb:cc-nginx-64fb697694-c8pdb
x-requestid: 8ca661a5-5b4b-4646-9e5e-f0e638642b45

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame BE60
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=7e75a718-a979-4ca3-a110-4b5ccd3c6513&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=7e75a718-a979-4ca3-a110-4b5ccd3c6513&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
https://a.clickcertain.com/px/ta/?done=true&ta_id=7cdb7598-1d81-401e-b62d-5cd96ca8cf0d

0
489 B

147ms
146ms

Image
text/plain

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=7cdb7598-1d81-401e-b62d-5cd96ca8cf0d
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:55 GMT
x-frontend: cc-nginx-64fb697694-vpf4h:cc-nginx-64fb697694-vpf4h
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: f85a7cfa-9308-4304-8178-28a9edefed40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6mEB7l4nboyqmERuRi%2Bx7RqFHQIK3mlTQ5QYtZf0WyvUGGJCYGSs4pw1PY%2FRq4H4EjpIBB9ZEhqS4rb9NI09he5ChVTtDsNhCwcEnSngD6NHca%2BjSYjoNH3%2FRyKVoYx6teRHQGZN2T3NVX2emcFLhA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 73a7ffd5fea159fb-MXP

Redirect headers

location: https://a.clickcertain.com/px/ta/?done=true&ta_id=7cdb7598-1d81-401e-b62d-5cd96ca8cf0d
date: Sun, 14 Aug 2022 07:32:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame BE60
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=7e75a718-a979-4ca3-a110-4b5ccd3c6513&ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%2...
https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%2...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D7e75a718%2Da979%2D4ca...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513&anx_uId=$UID
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513&anx_uId=7544850076752873303
https://x.bidswitch.net/sync?dsp_id=179&user_id=7e75a718-a979-4ca3-a110-4b5ccd3c6513&expires=5&user_group=0
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=7e75a718-a979-4ca3-a110-4b5ccd3c6513&expires=5&user_group=0

43 B
495 B

20ms
20ms

Image
image/gif

3.120.100.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=7e75a718-a979-4ca3-a110-4b5ccd3c6513&expires=5&user_group=0
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=7e75a718-a979-4ca3-a110-4b5ccd3c6513&cn=DE
Protocol: HTTP/1.1
Server: 3.120.100.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-100-229.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 07:32:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=7e75a718-a979-4ca3-a110-4b5ccd3c6513&expires=5&user_group=0
Date: Sun, 14 Aug 2022 07:32:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 lc2.js Show response
b-code.liadm.com/ 27 KB
10 KB 67ms
17ms Script
application/javascript 2600:9000:225e:5c00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/lc2.js
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:5c00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e6d52fb9d798bb53b7b50602d6c2bb5c057745e9ec8d43772118b37115a34288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 00:54:55 GMT
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
age: 23880
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P4
content-encoding: gzip
x-amz-cf-id: chgbfkJwkwnVhl_c5Oo6ltqIedXbaUVM6BGVu7AAxNcNOFVWRIwjbg==

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1660462375409&se=e30&duid=33df6995a8cd--01gadma8btzrtkz8x25m8ae93n&tna=v2.4.0&pu=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&wp...
https://rp4.liadm.com/j?dtstmp=1660462375409&se=e30&duid=33df6995a8cd--01gadma8btzrtkz8x25m8ae93n&tna=v2.4.0&pu=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&w...

13 B
552 B

392ms
106ms

XHR
application/json

107.21.19.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1660462375409&se=e30&duid=33df6995a8cd--01gadma8btzrtkz8x25m8ae93n&tna=v2.4.0&pu=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&wpn=lc-bundle&i6=MjAwMTphYzg6MjA6MjcyOjoyZQ%3D%3D&n3pc=true

Protocol

Server

107.21.19.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-19-116.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:56 GMT
x-pixel-event-id: c0ae420b-a668-4e9b-9087-31af74c45954
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 7506e5579ed95e90
request-time: 0
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Sun, 14 Aug 2022 07:32:55 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1660462375409&se=e30&duid=33df6995a8cd--01gadma8btzrtkz8x25m8ae93n&tna=v2.4.0&pu=https%3A%2F%2Fwww.ntd.com%2Fchina-expert-warns-of-ccp-virus-half-truths_687400.html&wpn=lc-bundle&i6=MjAwMTphYzg6MjA6MjcyOjoyZQ%3D%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.ntd.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: eb4ecdfa45e3f579
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A01E 0
745 B 16ms
16ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:55 GMT
X-Proxy-Origin: 146.70.117.111; 146.70.117.111; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4c5fffab-59d2-4b2d-bd04-d5f09953391f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2920 0
745 B 16ms
16ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:55 GMT
X-Proxy-Origin: 146.70.117.111; 146.70.117.111; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: df635ae2-9c9d-4762-a9c3-48b2c314abd9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B8AE 0
745 B 15ms
15ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 07:32:55 GMT
X-Proxy-Origin: 146.70.117.111; 146.70.117.111; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ea04ed3c-ed6d-48bd-9659-f519e3b36e8b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 72731 Show response
idx.liadm.com/idex/unknown/ 42 B
386 B 340ms
109ms XHR
application/json 52.207.193.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/72731?duid=33df6995a8cd--01gadma8btzrtkz8x25m8ae93n&resolve=md5

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.207.193.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-193-102.compute-1.amazonaws.com

Software

Resource Hash

16c1452fa5f67b64b3ba9ea050d5a9af8b4169e1b9bcf986a5980262203b73b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:56 GMT
request-time: 3
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: a715c798047f6a91
content-length: 42

POST
H2 200 li Show response
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/ 312 B
516 B 180ms
180ms Fetch
application/json 52.24.31.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/li
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.31.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-31-78.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: f4075e4cc33314e7c26f221fd3956ce72e46cb8f76942dadbf55f293c4478d12

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 14 Aug 2022 07:32:57 GMT
x-amzn-requestid: fc86015a-2c56-496c-9290-aa4a64b4b584
x-amz-apigw-id: W16-dGu_vHcFR5Q=
x-amzn-trace-id: Root=1-62f8a529-604854101e28c57450988864
content-length: 312
content-type: application/json

OPTIONS
H2 200 li
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/ Frame 0
0 531ms
173ms Preflight
application/json 52.24.31.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/li
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.31.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-31-78.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ntd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 14 Aug 2022 07:32:57 GMT
x-amz-apigw-id: W16-cHTCPHcFV1Q=
x-amzn-requestid: 06c54ac2-f2cf-4802-b7f9-24a3a98ac584

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C9F8 13 KB
5 KB 15ms
15ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Aug 2022 21:29:53 GMT
expires: Sun, 13 Aug 2023 21:29:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 11AD 783 B
535 B 26ms
26ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e874ea5c7ac80a0c8a997e3212682472299b9d18b301d180cf675395a60e0cc1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e4akqTpPK_99ahzZObiLkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-e4akqTpPK_99ahzZObiLkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 07:32:56 GMT
expires: Sun, 14 Aug 2022 07:32:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame C9F8 36 KB
14 KB 48ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 431534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:40:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 11AD 0
0 75ms
49ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080901&jk=2536058822115295&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C9F8 0
10 B 15ms
15ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_kvMAg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 c Show response
ea.youmaker.com/api/pw/ 0
225 B 1098ms
1098ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.youmaker.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 New York, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.ntd.com
date: Sun, 14 Aug 2022 07:32:58 GMT
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE

OPTIONS
H2 200 c
ea.youmaker.com/api/pw/ Frame 0
0 96ms
96ms Preflight 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.youmaker.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 New York, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ntd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Content-Type
access-control-allow-methods: GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, OPTIONS, PUT, DELETE
content-length: 0
date: Sun, 14 Aug 2022 07:32:57 GMT
server: nginx/1.20.1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080901&jk=2536058822115295&bg=!r6ylrOjNAAa4hXTbmIU7ACkAdvg8WqTrCK-kYQiSlSz03Z84JFEPy_vM-gpRPQyj7ge6egMzyFKBdgIAAABHUgAAAARoAQeZAsu1aP68Gmw9UdYzovWnjDdi9w_W7KIVrITE8HTdkC72Sb2QU-a7l7C3igSYwMPs-5rpj59Lzy_rnrlfG18m6h0CSSt1cHz93uNDh49C035j5I46dLMke-UmUor_oGstluexwohp3gDMrLBF4TJza40TQLsHly2M96Vb7Dp2E0I-i5AMg635dBH8IF0UGMfMzw9nWXv6sneHiEaj43GyLsyBQucA9IbxIl7Ad7H1aMF2pOPiAvBfjwgfPaURC00RpyUMYSf_I0lReOMFwwd5xFtsO-5ZmO6fFgSquT-OaWKSJhXS63M2kcrHoeIOan1UG7BbuB1WTcEVScdXndtJ-bKfojBK09RxH0QybLA2sGWP0lm-XOvX8sMhleZU2Pt9c9Y2OtO2NRhRxKBlQOw3r4vlVpzdud6pDdNl9ENhrIy3iQWQ345Omr0f-uUD6Qo3loPvgyB-NR63DQbBdkYgaSDDjKnkZiadQ8yhI0079qX_Sb-OKpenlvbFss_aVLLGDw3xervK8wi82b7Hiv0Mg7Sadnboex3Hez5uqgUeRAUAVEC88H0lh6LgOXF4x0UgVczcL6QKRcqUNwwR7kTuCGB_tOTN7BDxnm1voTJFXWGTAbwewI_fMKyfZ5N3whv2juCQ0SSUCc7tVWs2p7WWZ0ICzlIv7fDeARw5jhVlEnOSQZ221QLJqMis13wL35qh8LvW_RQiTA7c77PS75O6Bjt0ql71VkMs_mNmsK7KmlY1kxsJinQF1AbisjWFTvkIlIQpkmrMUZq0XmFa-7D1q4HJ7RqWsv54HgDRrCYhJA7oZfWk3AEq_xWbxCOQuGdKu7cotFMxtZEoVpGn35qvTvPeHSb7MmnwF0uDfArCaRNFD4OIvu5Odih07v6VlS6J9yT8l7i7tXOS3dUfIUvjBNtoDUB-JI10hG7UdiLlOMYKpqzE3cR-XZmxfkZy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 push_notif_ntd.js Show response
services.epoch.cloud//public-labs/src/push_notifications/ 6 KB
2 KB 115ms
36ms Script
application/javascript 2606:4700:3038::6815:ea4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.epoch.cloud//public-labs/src/push_notifications/push_notif_ntd.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/china-expert-warns-of-ccp-virus-half-truths_687400.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5826ae1cc0aa2f2bb52be7aa45e62bfffbc94044e2a31ed759d088238c9209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 19:08:58 GMT
server: cloudflare
age: 6884
etag: W/"5e4d87ca-189e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pmh%2BFuEmmmCzGgdmgQWnrq4arFeN3QSK%2FC9ldJvYKpLK7xFH%2FBj%2Fsgo%2BYuuLn1BoEPPcSzNyFvntp2F9PSrkyxiy2MvCT%2Fhr6gdTYctEHIABkgoOKUBrY%2FjBOf8ey2ZaB3zc6YYHAbRQAEHcNZS2UjyDAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73a7ffe2c8df3743-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cbb358742efbe80005a15256de11d533.js Show response
clientcdn.pushengage.com/core/ 93 KB
21 KB 287ms
237ms Script
application/javascript 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/cbb358742efbe80005a15256de11d533.js?_=1660462371901
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-91.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 6e68201b739bf66b09f1bfadfef7696bb50d5b7ec34e1274cb29b5c1e606411c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:32:57 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA60-P4
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
x-amz-cf-id: oiK_pSUCB-WuAtPApMrtPqYf2OAWEkemkdYQani8uuEWYE1bcFgj7g==
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)

Verdicts & Comments Add Verdict or Comment

213 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 05:57:34	Name: _li_ss Value: MgYIkgEQ8RI
tnews.to/	1970-01-20 05:57:34	Name: prli_click_4263 Value: china-expert-warns-of-ccp-virus-half-truths
tnews.to/	1970-01-20 13:59:58	Name: prli_visitor Value: 62f8a520ec91b
.ntd.com/	1970-01-20 14:50:22	Name: _ga Value: GA1.2.311763380.1660462372
.ntd.com/	1970-01-20 05:15:48	Name: _gid Value: GA1.2.1672187176.1660462372
.ntd.com/	1970-01-20 05:14:22	Name: _gat Value: 1
www.ntd.com/	1970-01-20 13:59:58	Name: epoch_gdpr_userid Value: e336acda-4176-cacd-6934-087e4907da54
.ntd.com/	1970-01-20 05:24:27	Name: ntdViewCount_fb Value: 2
.postrelease.com/	1970-01-20 13:59:58	Name: opt_out Value: 1
.t.co/	1970-01-20 14:50:22	Name: muc_ads Value: 1c343b11-0654-4637-ab77-cb303c16afca
.twitter.com/	1970-01-20 14:50:22	Name: personalization_id Value: "v1_kO2EC11wRnHS2tCZdLSX9A=="
www.ntd.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":2778904,"placementID":1164748,"lastInteraction":1660462372462,"sessionStart":1660462372462,"sessionEndDate":1660521600000,"experiment":""}
.adnxs.com/	1970-01-20 07:23:58	Name: icu Value: ChgI159BEAoYASABKAEwpMrilwY4AUABSAEQpMrilwYYAA..
.postrelease.com/	1970-01-20 13:59:58	Name: visitor Value: ""
.postrelease.com/	1970-01-20 13:59:58	Name: status Value: 0
.postrelease.com/	1970-01-20 13:59:58	Name: ver Value: 1
.adnxs.com/	1970-01-20 07:23:58	Name: uuid2 Value: 7544850076752873303
.rubiconproject.com/	1970-01-20 13:59:58	Name: khaos Value: L6T0FAGV-U-2LJZ
.rubiconproject.com/	1970-01-20 13:59:58	Name: audit Value: 1\|naVuGyos1qqKs7CmVZtuJQ/5onLiA/RiY1TdhAkPVQCBH6ymE720AGmq8pkGwVsj256dQHZRyj1o2B05UvZjLyq7UpNBJB/lsqlSNZOaaDQ=
.ntd.com/	1970-01-20 14:35:58	Name: __gads Value: ID=4a3d6ee002a941be:T=1660462372:S=ALNI_MYKiLDval-mZtmIq3IdzRmle0Qo6A
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s85140\|YvilG
.doubleclick.net/	1970-01-20 14:35:58	Name: IDE Value: AHWqTUmkT1ap1qZlUJiKeaztpzXmAXObjyHus8AW9q4BUsXj8m2oTvTxofe74cQyJHY
.mixi.media/	1970-01-20 13:59:58	Name: _sm_uid Value: a6cabbdc-3f7b-4acc-a096-dfaf1f03c825
.mixi.media/	1970-01-20 13:59:58	Name: _sm_udt Value: 1660462373715
.mixi.media/	1970-01-20 05:14:24	Name: _sm_sid Value: dc8fcfbc-c773-434b-95ed-bef4b4f21c56
.mixi.media/	1970-01-20 07:38:22	Name: nid Value: ads5-3ssel31
.stat.media/	1970-01-20 13:59:58	Name: _sm_uid Value: a6cabbdc-3f7b-4acc-a096-dfaf1f03c825
.stat.media/	1970-01-20 13:59:58	Name: _sm_udt Value: 1660462373715
.stat.media/	1970-01-20 05:14:24	Name: _sm_sid Value: dc8fcfbc-c773-434b-95ed-bef4b4f21c56
.stat.media/	1970-01-20 05:57:34	Name: _sm_cm Value: 32
a.clickcertain.com/	1970-01-20 13:59:58	Name: _ccpx_u Value: 7e75a718%2da979%2d4ca3%2da110%2d4b5ccd3c6513
a.clickcertain.com/	1970-01-20 13:59:58	Name: _ccpx Value: 2455d1796b86efb
a.clickcertain.com/	1970-01-20 13:59:58	Name: _ccpx_2455d1796b86efb Value: 1
.yahoo.com/	1970-01-20 14:00:19	Name: A3 Value: d=AQABBCel-GICEINyApzls_nEtX4wn2mVQ-QFEgEBAQH2-WICYwAAAAAA_eMAAA&S=AQAAAqrfWmQwSdxz8HGR5pIZ2EU
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 13:59:58	Name: bcookie Value: "v=2&3e9fd8a9-7f3a-4cb3-8f7d-eafa7409c8a3"
.linkedin.com/	1970-01-20 09:33:34	Name: li_gc Value: MTswOzE2NjA0NjIzNzU7MjswMjG9N48/J2bBqcz3JeRzBcurG0IIHik70YXDjflTy0Et4g==
.linkedin.com/	1970-01-20 05:15:48	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2415:u=1:x=1:i=1660462375:t=1660548775:v=2:sig=AQEW1howIdNl1FGOCt-8__5V1rQRE5Qh"
www.ntd.com/	1970-01-20 09:33:34	Name: _geuid Value: 6a099e0e-9ba3-4655-9619-e76416141547
www.ntd.com/	1970-01-20 09:33:34	Name: _gepi Value: true
www.ntd.com/	1970-01-20 05:57:34	Name: _geps Value: true
.amazon-adsystem.com/	1970-01-20 14:50:22	Name: ad-privacy Value: 0
.ntd.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .ntd.com
.ntd.com/	1970-01-20 14:50:22	Name: _lc2_fpi Value: 33df6995a8cd--01gadma8btzrtkz8x25m8ae93n
.tapad.com/	1970-01-20 06:40:46	Name: TapAd_TS Value: 1660462375285
.tapad.com/	1970-01-20 06:40:46	Name: TapAd_DID Value: 7cdb7598-1d81-401e-b62d-5cd96ca8cf0d
.tapad.com/	1970-01-20 06:40:46	Name: TapAd_3WAY_SYNCS Value:
.amazon-adsystem.com/	1970-01-20 10:45:34	Name: ad-id Value: A8wIoEZUeEFNu_zfEKUfSt0
.liadm.com/	1970-01-20 14:50:22	Name: lidid Value: 26594824-4f2f-4fa0-a053-c8aee52020a0
.bidswitch.net/	1970-01-20 13:59:58	Name: tuuid Value: 6794a700-e85d-4f9e-9963-0c761d3bbdf8
.bidswitch.net/	1970-01-20 13:59:58	Name: c Value: 1660462376
.bidswitch.net/	1970-01-20 13:59:58	Name: tuuid_lu Value: 1660462376
.ntd.com/	1970-01-20 05:14:25	Name: __li_idex_cache_eyJyZXNvbHZlIjpbIm1kNSJdfQ Value: {%22md5%22:%2272bd732a01b84cb28a36776e660c6d3c%22}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://comment.youmaker.com/api/v1/user?site=www.ntd.com Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3c11dd0b4254ff273435b6b3e421f692.safeframe.googlesyndication.com
a.clickcertain.com
a.remarketstats.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analytics.twitter.com
b-code.liadm.com
c.amazon-adsystem.com
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com
clientcdn.pushengage.com
cm.g.doubleclick.net
comment.youmaker.com
ea.youmaker.com
eus.rubiconproject.com
exchange.postrelease.com
fastlane.rubiconproject.com
fonts.gstatic.com
i.liadm.com
ib.adnxs.com
idx.liadm.com
imasdk.googleapis.com
img.ntd.com
jadserve.postrelease.com
js.chargebee.com
mixi.media
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.adnxs.com
px.ads.linkedin.com
rp.liadm.com
rp4.liadm.com
s.amazon-adsystem.com
s.ntv.io
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
sc.youmaker.com
secure.adnxs.com
securepubads.g.doubleclick.net
services.epoch.cloud
stat.media
static.ads-twitter.com
static.mixi.media
static3.mixi.media
static4.mixi.media
static6.mixi.media
static7.mixi.media
static8.mixi.media
stats.g.doubleclick.net
subs.youmaker.com
sync.go.sonobi.com
t.co
target.mixi.media
tnews.to
token.rubiconproject.com
tpc.googlesyndication.com
vs1.youmaker.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ntd.com
www.youmaker.com
x.bidswitch.net
104.244.42.133
104.244.42.67
104.96.145.246
107.21.19.116
13.32.121.21
136.243.66.182
142.250.185.194
151.101.129.108
151.139.128.11
172.217.23.98
18.66.139.63
18.66.139.91
185.89.208.11
199.232.16.157
2.18.79.136
209.54.182.161
23.35.237.64
2600:1f18:730:b130:4c96:5596:18cd:cf5
2600:9000:225e:5c00:8:8845:1500:93a1
2602:803:c003:200::21
2606:4700:20::681a:27a
2606:4700:20::681a:832
2606:4700:3037::6815:2a1f
2606:4700:3038::6815:ea4f
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::2008
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c06::9b
2a02:26f0:dc::217:610b
2a02:fa8:8806:13::1370
2a05:d018:d29:3605:c111:9aee:7bd3:6707
3.120.100.229
34.120.33.89
34.120.97.157
35.201.68.206
35.227.248.159
35.244.243.66
37.252.172.123
37.252.172.250
4.7.168.74
51.38.120.206
52.207.193.102
52.218.250.56
52.222.209.55
52.24.31.78
54.146.208.95
54.154.173.206
54.239.38.253
54.78.145.15
69.166.1.10
69.173.144.138
69.173.144.139
82.202.225.227
0011a11726bf0bbfcf1f2f4406071b3ee90f4b231f1aec792c9c4cb6ab5e90fe
024e9f55396e1e4f3afbbae01da7583157951eba29506e5f9784cc9469d502e8
03635179a65ac9e36a14b4ac3185fd66541a7d3d384df6d556f32898463459b5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09a844ff5ec0824771ea4f9fe9599a2aa92a2e6c41bc5aefa9fea5e196e30dd9
09c4876d230686046390e0e836d90f43012aad1a55d2919e73af46c049069f5f
09e9f45fec1d72935da9e29cb86b70918771a22f1a30ab9d46a6c46ac17b8c26
0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260
138aa5b7e420e6792e9392fedccb0b2b8643ed118f0786b0dc71502c31e1f542
142eb8b80aa24ea4ec89bbfda883fbdb34b8b00a817cdb647873bcc50b6b144f
16acfd9bb0d5689a9d1b736697a30df8c91ec20ccdcf9272d6f5c8ecf37368a1
16c1452fa5f67b64b3ba9ea050d5a9af8b4169e1b9bcf986a5980262203b73b8
1addb10208b8edfe1ffa0ff6735c648e534964150e38bbadd0bf1ea231c4218f
1b3b1eeba5d3296f2d222e0b5389df3643e48611491a8d5a23169f1ebb702e4e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20ca01957f3d54c82fc838df4747b4802cb6fd0675754ecf80b7660bd65f250a
2605ae7e7769aebf0e4de69b247181746ba089ba3dc24c34c4f9b7174c16da2f
28d309c3efe79160ec57b3450c8f6652eb16e5acf51405d50fae13cfa1258ef4
2adceebc09b54cfe834c661ccafce5b8808a14683051556b2105ed3dda30c761
2bdcb089c4c9b6cdd5ded547a444f547ad5e313a632c8f8dde5fc3ca1270a125
2e6669363a261b587dace8d48e7ecec799feffa8611a337bf05652e1e7b32849
2e7d902bcc53dbc8643eddb9174c2baa9656d29915dea7f6a06f3af07ad49703
315c3b5d130c82b11f8ec213c9ce1c1fae8cc817b04e6f5758ce8b9b0479bb66
31cfe53a30f429bf940d747c0804c44f26a4e4d71500d88509c67b808a8ec0a9
32f0e5bee3162aa3211f4f690ccf625a8fe6a746467e3d88921c750125d33681
37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde
37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096
389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7
390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700
3c15db5f59b3404361f68a830d61e28e37b6311ac3914e1d4f25793635c4568b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7608a4a191f43ba5abd88f104fd1a1a31dcce6a8d9edefa3f913bd30179829
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42770b6221bfdb7114115a8b112b429c01309c9b31058a97c6cd96876f72abec
478e3f82089d4bc0303ad02ef73c9e6901861b756d52f8667ba3164bedd76f7c
47dc1b39d61a338f5c4103102cefb325097941d3db660109a03cd93fd814f21d
4a4c72d2b247c4a5da3dc7698c5654751fbe17c32a6c0debc1bc95ef02c59a46
4aa2889a33babf6c560df179f876ddf5bbf5346d1893d9f3fb9c99055e540d07
4ea424c7fd7b449857bd4b61c4b1880d4b92aa5e2f2729a18732be5ec37aff8a
52e006687b1edf8c27ae62cd74911cb4ec98573c31a12b52aa21c7793c454b90
52f32a1925bca9851d9d8146fb5593d778134bcf13f24897d2f72ee30b8cdd80
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55cf5c40f8496865de84ae2dbc503775039a52c8693cf80282993c131da76e14
55f7bdc42b17d071e366a0fdf724bd5bcd8ad82d5c91fd74a2a562675d1ab3b0
5804d801dbda00827f2f8ee8349da75f7b4b15f4ab0e41b5eea088c071860861
596c8e7a75c807a66f849094aff48c0adc435d6b4c1177b85e2e77fc2b1e55f4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c01443c79c76e53bede7e62b8116b076613da68208ce7fd2bfcb5aec7ce22b1
5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64b3c8aea123f4167478f7d48636bc46a1730d9775878d3f32ecc79c7d509f78
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668c738513226244d0cbd2530517fbcf2df2b86a4eaaba5b9b54d8e9d9f68958
6951c7c304900b4e2b7f0213fab3e077225b9bd842056a10134b0afbb1be26db
6a5826ae1cc0aa2f2bb52be7aa45e62bfffbc94044e2a31ed759d088238c9209
6ab73c869d9858004aecfd99a2343f4bf14f9db19d0733fb5ed3bff2878501ca
6b9765abde54c6e633d51e84c708e0de14545d7febc0b9c3b62091c661931339
6e68201b739bf66b09f1bfadfef7696bb50d5b7ec34e1274cb29b5c1e606411c
713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d
71e857e19f4b2cab945e0a61e29167a378f44d307a401f2407733e53b455dd0e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
77b4ded5861804effad2a1c68347919ba73739f163ead73cc2b9d019b438ec1e
79e7b6104feafd5bbed7edd83bb501fde5bcf819a6fbd55af9260e456eb679e6
7b547aae8758922f08651b0ae7de507b65ba1011d292c317639e2639e658109f
7c6cd1e00f3a764bd02e959653a10d529dbfe1012d64f253d7490c625ed6a654
7c938f182d0af019dd903b789ae7cfc1b387022836d1937ab2265cc2fbeecc18
7e1dd8fe5fdb91c932d1d10144939412242ea67c7f8ea7c6d88bdb1234b0407d
7e842ae6e9fc0ea12a6e5750d1ac7138df0084feebe6e52d1193322fb159301e
7e98d4c09eb60016287d23f9924708bacce63c2b285d0946f0af6ccca5915ce2
7f5840d8c699b98ef1668903826fca6ee7d1e115858fdd569cfb5dde5865c6e9
80780a5e56dc244606ea03bdf39b6974b2136efe2cb206809949bec4fd43ce69
820f9e356585f1120e62381fe4dd30ca3ab836752c3306c1f45eb45bf7749cb5
826c0421864972168d5e92e6bec6caf1e72526ed7f29e585277169e953643efa
84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854618e81eb4673bce5dd08f3f5711621bc6364e51f3a3b1de6eec0e8f943ab6
86f15b0fa381f308d0878fbcedb296bfdb166f7fa576cef934a28ca958e385fb
87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8cdd3867a8878a1606322ad74595fe8ab8d01bed82c11b2617f62b8e0201ea6e
8d3ffd84b1a1db91b3f9aa4794249bf2568868fc125b99c181790e11193a245f
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9013300fe102ea88b19ffad1f8864333e81d6d7a3af1326bce6a7a6846aec1b0
9466b212e83f6bdf7a3587f647c2b557fe9c8bf387140ded83c322a4e87a8239
952e5f9775e9915788d7d6706894c2735e64cf0e46c2b813390602c963c1f479
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9f98d519001d14be538dd3d9cbcb8e59457674876605857cf67b421ca2f3b995
a006bda7e1aaa6652f64e00ae31300fd7274703e58b5ce864e1b938dcfcee4d2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ac1f09965e981a01cbcb58d4f94b7c708e4b50d94cbffd0d0472ca395b03e9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a26ccc48e3aa9d58e7c8e8567a0e097c93f1f1ebb5db5d503465f99615cdd4df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57dda48b27a9882de858ff0f8c6370b99f4a0d591be533e993ffc1885aa00c3
a64e083bdb3ff06c71a5ac92ecadf7a268e26dacf715baae6e84a6a3f3711366
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aad2d63ef62494907810c6a1a3a47e827e3c0a4babce855cadf0fc16cf397a9a
abeed4f18f48c235ffd15e3864555d3a1bb1d6b02820680f892b9eb28d1ab508
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086
aeb31f1ee02675acb9388db1392b3cf1fa9e47d53ebeef47b9020b65bc981e58
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa88d2acf37ee467ab4d7e52bbc3faea9dcb2cd522e40407b74345e7b8fa650
b1b8d3f35cdc8417f4b959d9824e605afa7f4beb159de8781833eb85eaa98d21
b25ad312b1dfbfa0c2fe26c788828fb10a5abb0c3abfaa240804d1bb36358591
b32092d0bdbb0ef99435450229c9c7dd1fc2e25aa6353782b52bfc1f8f6993f8
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
b86abf644a646bc95614bb10b189dc7fe111e343b99677aa33d5b78671675e48
b934132edbd9aadb89d8be2aa2a4b717d824f4a50c0be5f7cc51872d607e2533
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
bce483ce05e34af34c91bf765756b9bb814731a1a6dd1bb73fc3a05ec93b5dc6
be0a08cc28d8e714bf3dc45be04f2449d456adefdeac74e733b312e05d8158b5
be75685a573924fd14db00ac0d9da6d951c2352dc4649f36c94912e2d4596eba
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29c7af25062b94589535b92bf6a5868b7bad028d5a6494971f38bc530632cdf
c51c9e2d3dfc833336ad78aae335b536d7b8ea5bf065183b64d23074e88a0fbc
c6547b2a8866e61b15cfcefb2ddb03aebe0ce6dd03d9bcbb66b4bb4901407311
c6b16d7e11d1a9803dfe4ab5f8000d95bc62fb140a77f955a2c6960e132e4120
c7271c2ba7e33930b7557517a5187c14ecfcf328012d5d3c376936a65a7863aa
c84e3c10e7e6872f1565ed0fcbd34d0e90926ed48b46a882d66f3f81ac40b26d
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cbca6036b18464e5c94eac4948837c3a9d59f49662059363b7c99bcc705ff655
cec1bf3a98ee7ea6198b63e4b632d8e25599a74e35c06f9b499bd373da8dfb90
cf187e527d083da8317e30a92a094efc262c57e9d32ae5b80593f65fd9700874
d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6
d38468263d67fc86718b19ea5585ad67b413fc85ce55c82bec81f159923c830d
d3c3f8748a6e3502a3f7f8170cc617f5b5706a2ab31e5cb647443acc99499aa7
d42f6dcfecc40d5835ef1571f5d5769e6f831392c520fba5be91b5b835351e18
dcd09207e667f1cd6bc5c3c25d7d5feaec69caf217acabfb55efc715bd52b215
deb60f2899be4d34c9856f8493a44b1a0450b5d78db716c34a3a7b17c462a291
e0258f498f2edf63c2903b2d39ceabf8b3c511a3e64732ef41743f74667f5d44
e0d6147dc835a17b9d6e07d311fd3fc6e3c457b29c07ca5bb3bee2d8f279eef5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4328db66139f0cb514c6b497dacd62b839692dbe739980c3d9b9934e816938f
e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7
e67401b1d1396caeb40126cf0ba3b5d1869e9bd700e5762f92943b997b734cc8
e6d52fb9d798bb53b7b50602d6c2bb5c057745e9ec8d43772118b37115a34288
e7cee0a0eb35e96c9a23a587db0ae9e57a4d440d42ce34a686dbeb5c3b9ee3d2
e874ea5c7ac80a0c8a997e3212682472299b9d18b301d180cf675395a60e0cc1
ea74f424ae59927bd2edde5e2930f2b91c9f89927c05c6923bbd1b79c0831705
eae614eff5fc87bc2bf2a1aed2582edc4e1e3420b462ba5a6e436801df5053dd
ec1ec16097c77dd1603e31d2a6c60d46802db3e9e1d01fd1545730f9fe52871c
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee5636802d3b59edb8068a7ec377ad4e3287900b24cb4378eb7dba08a6c0d268
ef062d429e4a0730a94dace80481edf59295aec2928a516ebe60a01bd265cd93
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f4075e4cc33314e7c26f221fd3956ce72e46cb8f76942dadbf55f293c4478d12
f452bb384d5ee8f10ca8fb77c6c1bb014aa2409c1259e11183e6a4f29154ad2a
f54c2e8bda3af801a52d3b580e982f4317166bc8a79486b88b69647a1e7e6246
f56cd1f817c7f3d947a4f5e73d6e7ea6736f17835869a361115b000e3ab0baac
f6beec22bca198800dd6bc803745b04a5572c5a960f031ef9079986a5a06c347
f81fafb66225e1363d488149050f651f1a51501deda76278b4911e90d85c4ff3
f952d40de50ee68414a8454d93b85fa326a029b3cd7d070bc19a206e15702924
faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d
fbd71e32590d1490dd3b01ef3d7ffee11a8c384dacc3cc6a13909356775f44b6
fd3b2446c0fd6392dd4c963d5eb37248ccf119df0628497ee78c52884abbd613

www.ntd.com Open in urlscan Pro 151.139.128.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

223 Requests

93 %HTTPS

41 %IPv6

37 Domains

72 Subdomains

59 IPs

10 Countries

7801 kBTransfer

11296 kBSize

53 Cookies

18 Outgoing links

Page URL History

Redirected requests

223 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ntd.com Open in urlscan Pro
151.139.128.11 Public Scan

Screenshot
Live screenshot

Full Image

223
Requests

93 %
HTTPS

41 %
IPv6

37
Domains

72
Subdomains

59
IPs

10
Countries

7801 kB
Transfer

11296 kB
Size

53
Cookies

223 HTTP transactions
4 data transactions