www.ntd.com Open in urlscan Pro
2606:4700::6812:191e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tnews.day/death-chinese-official-related-forced-organ-harvesting
Effective URL:
https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Submission: On November 27 via api (November 27th 2023, 4:51:09 pm UTC) from CA — Scanned from NL

Summary HTTP 176 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 52 IPs in 9 countries across 41 domains to perform 176 HTTP transactions. The main IP is 2606:4700::6812:191e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ntd.com. The Cisco Umbrella rank of the primary domain is 825587.
TLS certificate: Issued by E1 on October 8th 2023. Valid for: 3 months.

This is the only time www.ntd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	2606:4700::68... 2606:4700::6812:191e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2.19.198.138 2.19.198.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.107.251.162 34.107.251.162	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
12	136.243.66.182 136.243.66.182	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	18.239.83.131 18.239.83.131	16509 (AMAZON-02) (AMAZON-02)
2	34.120.97.157 34.120.97.157	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	34.110.129.224 34.110.129.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	99.86.4.30 99.86.4.30	16509 (AMAZON-02) (AMAZON-02)
1	52.92.241.32 52.92.241.32	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
2 4	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.239.64.29 18.239.64.29	16509 (AMAZON-02) (AMAZON-02)
1	185.89.208.11 185.89.208.11	29990 (ASN-APPNEX) (ASN-APPNEX)
3 9	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.207.9.209 18.207.9.209	14618 (AMAZON-AES) (AMAZON-AES)
4 10	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
4	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.166.1.35 69.166.1.35	27630 (AS-XFERNET) (AS-XFERNET)
3	185.162.95.70 185.162.95.70	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e6:... 2606:4700:e6::ac40:ca07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:c600:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1690	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	100.25.176.198 100.25.176.198	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700:20:... 2606:4700:20::681a:27a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:1f18:730... 2600:1f18:730:b110:35a4:c4c9:a19a:9c98	14618 (AMAZON-AES) (AMAZON-AES)
1	35.168.179.116 35.168.179.116	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1 2	52.32.175.23 52.32.175.23	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
2	2.19.226.3 2.19.226.3	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	44.215.233.184 44.215.233.184	() ()
2	178.250.1.9 178.250.1.9	() ()
2 2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
6	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d018:d29... 2a05:d018:d29:3605:3b2e:d970:bb65:e6b3	16509 (AMAZON-02) (AMAZON-02)
1	52.16.22.123 52.16.22.123	16509 (AMAZON-02) (AMAZON-02)
1 1	52.87.28.41 52.87.28.41	14618 (AMAZON-AES) (AMAZON-AES)
1 1	64.227.64.62 64.227.64.62	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
176	52

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tnews.day	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2606:4700::6812:191e (United States)

ASN13335 (CLOUDFLARENET, US)

www.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.19.198.138 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-198-138.deploy.static.akamaitechnologies.com

i.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.251.162 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 162.251.107.34.bc.googleusercontent.com

subs.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 136.243.66.182 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi.media

mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static4.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static8.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static3.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static5.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static2.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.83.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-131.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.97.157 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 157.97.120.34.bc.googleusercontent.com

sc.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.110.129.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.129.110.34.bc.googleusercontent.com

pwe.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.241.32 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7baf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.64.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-64-29.ams58.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.207.9.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-9-209.compute-1.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.89.210.101 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.162.95.70 (St Petersburg, Russian Federation)

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: sm-server1-1.smir12.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e6::ac40:ca07 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:c600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.25.176.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-176-198.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:27a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:832 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:35a4:c4c9:a19a:9c98 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.179.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-179-116.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0a194248ee7e8c476842149b27ba8df1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.32.175.23 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-175-23.us-west-2.compute.amazonaws.com

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.226.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-226-3.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.215.233.184 (None, ) 2 redirects

ASN- ()

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:3b2e:d970:bb65:e6b3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.22.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-22-123.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.87.28.41 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-28-41.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.64.62 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	ntd.com www.ntd.com — Cisco Umbrella Rank: 825587 i.ntd.com — Cisco Umbrella Rank: 791752	2 MB
15	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 511 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	10 KB
13	adnxs.com 4 redirects prebid.adnxs.com — Cisco Umbrella Rank: 1633 ib.adnxs.com — Cisco Umbrella Rank: 246 acdn.adnxs.com — Cisco Umbrella Rank: 609 secure.adnxs.com — Cisco Umbrella Rank: 495	42 KB
12	mixi.media mixi.media — Cisco Umbrella Rank: 47328 static.mixi.media — Cisco Umbrella Rank: 99947 stat.mixi.media — Cisco Umbrella Rank: 60756 static4.mixi.media — Cisco Umbrella Rank: 183099 static8.mixi.media — Cisco Umbrella Rank: 77286 static3.mixi.media — Cisco Umbrella Rank: 70500 static5.mixi.media — Cisco Umbrella Rank: 184981 static2.mixi.media — Cisco Umbrella Rank: 155826	367 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 0a194248ee7e8c476842149b27ba8df1.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	82 KB
9	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394 s.amazon-adsystem.com — Cisco Umbrella Rank: 310	72 KB
8	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	149 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040	36 KB
6	liadm.com 3 redirects b-code.liadm.com — Cisco Umbrella Rank: 3063 idx.liadm.com — Cisco Umbrella Rank: 2376 rp.liadm.com — Cisco Umbrella Rank: 1574 rp4.liadm.com — Cisco Umbrella Rank: 6581 i.liadm.com	18 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	991 KB
6	epochbase.com subs.epochbase.com — Cisco Umbrella Rank: 268548 pwe.epochbase.com — Cisco Umbrella Rank: 70606	79 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	104 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 eus.rubiconproject.com — Cisco Umbrella Rank: 602 token.rubiconproject.com — Cisco Umbrella Rank: 458	16 KB
4	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 674 cdn.indexww.com — Cisco Umbrella Rank: 1531	3 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 746	815 B
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 903	48 KB
3	stat.media stat.media — Cisco Umbrella Rank: 36500	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	232 KB
2	criteo.com dis.criteo.com	725 B
2	alocdn.com 1 redirects p.alocdn.com — Cisco Umbrella Rank: 7036	974 B
2	clickcertain.com 1 redirects a.clickcertain.com — Cisco Umbrella Rank: 7633	3 KB
2	epoch.cloud cdn.epoch.cloud — Cisco Umbrella Rank: 87631	175 KB
2	postrelease.com exchange.postrelease.com — Cisco Umbrella Rank: 4810	779 B
2	youmaker.com sc.youmaker.com — Cisco Umbrella Rank: 82661	1 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	69 KB
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 726	187 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	626 B
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 17718	244 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	149 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242	514 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 689	1 KB
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 573	433 B
1	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	603 B
1	remarketstats.com 1 redirects a.remarketstats.com — Cisco Umbrella Rank: 40202	596 B
1	dotomi.com prebid-match.dotomi.com — Cisco Umbrella Rank: 2253	104 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 931	443 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 10244	408 B
1	amazonaws.com s3-us-west-2.amazonaws.com	60 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	30 KB
1	tnews.day 1 redirects tnews.day	873 B
0	adotmob.com Failed sync.adotmob.com Failed
176	41

	Domain	Requested by
37	www.ntd.com	www.ntd.com
10	i.ntd.com	www.ntd.com
8	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
8	ib.adnxs.com	2 redirects i.ntd.com acdn.adnxs.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.ntd.com
5	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com ssum-sec.casalemedia.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pwe.epochbase.com	www.ntd.com
5	www.google.com	1 redirects www.ntd.com www.gstatic.com www.google.com tpc.googlesyndication.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	onetag-sys.com	i.ntd.com
4	unpkg.com	2 redirects www.ntd.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.ntd.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	c.amazon-adsystem.com	www.ntd.com c.amazon-adsystem.com
3	stat.media	stat.mixi.media
3	www.googletagmanager.com	www.ntd.com www.googletagmanager.com
3	mixi.media	www.ntd.com static.mixi.media
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	cdn.indexww.com	ssum-sec.casalemedia.com
2	secure.adnxs.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	dis.criteo.com	ssum-sec.casalemedia.com
2	i.liadm.com	2 redirects
2	js-sec.indexww.com	i.ntd.com
2	eus.rubiconproject.com	i.ntd.com eus.rubiconproject.com
2	acdn.adnxs.com	i.ntd.com
2	p.alocdn.com	1 redirects
2	a.clickcertain.com	1 redirects
2	cdn.epoch.cloud	www.ntd.com
2	fonts.gstatic.com	www.google.com
2	static5.mixi.media	www.ntd.com
2	fastlane.rubiconproject.com	i.ntd.com
2	exchange.postrelease.com	i.ntd.com
2	htlb.casalemedia.com	i.ntd.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	region1.analytics.google.com	www.googletagmanager.com
2	static.mixi.media	mixi.media www.ntd.com
2	sc.youmaker.com	www.ntd.com
2	www.youtube.com	www.ntd.com www.youtube.com
1	pixel-sync.sitescout.com	ssum-sec.casalemedia.com
1	um.simpli.fi	1 redirects
1	euexchangesync.digitaleast.mobi	1 redirects
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	match.adsby.bidtheatre.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	googleads.g.doubleclick.net	www.ntd.com
1	0a194248ee7e8c476842149b27ba8df1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	a.remarketstats.com	1 redirects
1	idx.liadm.com	b-code.liadm.com
1	prebid-match.dotomi.com	www.ntd.com
1	b-code.liadm.com	s3-us-west-2.amazonaws.com
1	sync.go.sonobi.com	www.ntd.com
1	static2.mixi.media	www.ntd.com
1	static3.mixi.media	www.ntd.com
1	static8.mixi.media	www.ntd.com
1	static4.mixi.media	www.ntd.com
1	prebid.adnxs.com	i.ntd.com
1	www.google.nl	www.ntd.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	s3-us-west-2.amazonaws.com	www.ntd.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	stat.mixi.media	mixi.media
1	www.googletagservices.com	www.ntd.com
1	subs.epochbase.com	www.ntd.com
1	tnews.day	1 redirects
0	sync.adotmob.com Failed	ssum-sec.casalemedia.com
176	72

This site contains links to these domains. Also see Links.

Domain
www.theepochtimes.com
mixi.media
donate.ntd.com
help.ntd.com

Subject Issuer	Validity	Valid
ntd.com E1	`2023-10-08` - `2024-01-06`	3 months	crt.sh
i.ntd.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
*.epochbase.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-17` - `2024-01-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
mixi.media R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-18` - `2024-07-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static.mixi.media R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
stat.mixi.media R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-08-03`	10 months	crt.sh
*.google.nl GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2023-05-31` - `2024-06-30`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
stat.media R3	`2023-09-18` - `2023-12-17`	3 months	crt.sh
epoch.cloud GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.match.prod.bidr.io Amazon RSA 2048 M02	`2023-02-09` - `2024-01-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Frame ID: ADED6F385D5512AD634B9870457DE5E1
Requests: 129 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=3e407i881c9i
Frame ID: 6D74AFADAB31939EF4CBF32D00AA047D
Requests: 7 HTTP requests in this frame

Frame: https://0a194248ee7e8c476842149b27ba8df1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CD41F311F85D24EC941F053E0741C4C5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F642BA7D3553F0ACAD643F30570BD8F4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 308F0E35C5C0BF2C4CE3DEF084B97344
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 3967541F11329D3575652ABE77741E1F
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1701103861067
Frame ID: 60F2E3406D59DDF92C2CA06CAF595661
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9042E2F2E0A1D7F2D287FFC6795E0B40
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 85C43AC4532E5CA663136D51F2D38B50
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9F60F1073734B9E461B338139E66A9B2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 61E36EBD5A52FE1A929BC014A06B1723
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1701103861068
Frame ID: B230B491DEDC1F2A0BA59FB1AD48222F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 78745AE389A3492A32CB5900365038A4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 4A204A92B3C56A6116FB1B0E75B4A5B3
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 1AD5A3586472827D2DAFF29FE4551A88
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Death of Chinese Official Amid COVID Wave Casts Spotlight on Forced Organ Harvesting | NTD

Page URL History Show full URLs

https://tnews.day/death-chinese-official-related-forced-organ-harvesting HTTP 307
https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-ha... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

176
Requests

88 %
HTTPS

42 %
IPv6

41
Domains

72
Subdomains

52
IPs

9
Countries

4170 kB
Transfer

7821 kB
Size

49
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.theepochtimes.com/chinese-regime-likely-manipulated-organ-donation-data-study-finds_3147888.html%C2%A0
Title: study

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/unmatched-wickedness-tribunal-confirms-longstanding-allegations-of-organ-harvesting-by-china_2970592.html%C2%A0
Title: found

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/china-is-still-forcibly-harvesting-organs-for-transplantation-independent-tribunal-finds_3257293.html%C2%A0
Title: showing

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_4969198.html
Title: The Epoch Times

Search URL Search Domain Scan URL

URL: https://mixi.media/

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=13950379&bl=95162&ct=adpreview&st=43&nvuuid=c8dd734b-f4ab-bab9-6500-001c64d401ef&bvuuid=56ad6932-ef28-496b-8306-3170e452ef02&rnd=485444537&ag=25&ev=H4sIAAAAAAAA_-OSWL37MtvR_uNsh25eZOuZOpnt0q2DbNuBYgBAtiGbGgAAAA&suid=CiRjNWNkMzEzNC1hNWVmLTQ4ZGYtYjUwOS0zZDhmOWFhYjIwZWISC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=13748165&bl=95162&ct=adpreview&st=43&nvuuid=c8c77312-f4c5-baf2-6500-001464d101ce&bvuuid=56ad6932-ef28-496b-8306-3170e452ef02&rnd=349049586&ag=25&ev=H4sIAAAAAAAA_-OSWL37MtvR_uNsh25eZOuZOpnt0q2DbNuBYgBAtiGbGgAAAA&suid=CiRjNWNkMzEzNC1hNWVmLTQ4ZGYtYjUwOS0zZDhmOWFhYjIwZWISC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=13921474&bl=95162&ct=adpreview&st=43&nvuuid=c86c7348-f4c2-ba32-6500-001764d40192&bvuuid=56ad6932-ef28-496b-8306-3170e452ef02&rnd=395462706&ag=25&ev=H4sIAAAAAAAA_-OSWL37MtvR_uNsh25eZOuZOpnt0q2DbNuBYgBAtiGbGgAAAA&suid=CiRjNWNkMzEzNC1hNWVmLTQ4ZGYtYjUwOS0zZDhmOWFhYjIwZWISC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=12896908&bl=95162&ct=adpreview&st=43&nvuuid=c8ca73fb-f48c-ba3c-6500-000764c40112&bvuuid=56ad6932-ef28-496b-8306-3170e452ef02&rnd=118684476&ag=25&ev=H4sIAAAAAAAA_-OSWL37MtvR_uNsh25eZOuZOpnt0q2DbNuBYgBAtiGbGgAAAA&suid=CiRjNWNkMzEzNC1hNWVmLTQ4ZGYtYjUwOS0zZDhmOWFhYjIwZWISC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=13659474&bl=95162&ct=adpreview&st=43&nvuuid=c86d73e3-f452-ba57-6500-001064d0018c&bvuuid=56ad6932-ef28-496b-8306-3170e452ef02&rnd=277668695&ag=25&ev=H4sIAAAAAAAA_-OSWL37MtvR_uNsh25eZOuZOpnt0q2DbNuBYgBAtiGbGgAAAA&suid=CiRjNWNkMzEzNC1hNWVmLTQ4ZGYtYjUwOS0zZDhmOWFhYjIwZWISC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=13950391&bl=95162&ct=adpreview&st=43&nvuuid=c8dd7390-f4b7-ba65-6500-006164d4018a&bvuuid=56ad6932-ef28-496b-8306-3170e452ef02&rnd=1636470885&ag=25&ev=H4sIAAAAAAAA_-OSWL37MtvR_uNsh25eZOuZOpnt0q2DbNuBYgBAtiGbGgAAAA&suid=CiRjNWNkMzEzNC1hNWVmLTQ4ZGYtYjUwOS0zZDhmOWFhYjIwZWISC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://donate.ntd.com/
Title: Support Us

Search URL Search Domain Scan URL

URL: https://help.ntd.com/hc/en-us
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tnews.day/death-chinese-official-related-forced-organ-harvesting HTTP 307
https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://unpkg.com/react@18/umd/react.production.min.js HTTP 302
https://unpkg.com/react@18.2.0/umd/react.production.min.js

Request Chain 87

https://unpkg.com/react-dom@18/umd/react-dom.production.min.js HTTP 302
https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js

Request Chain 126

https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html HTTP 302
https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html HTTP 302
https://a.clickcertain.com/px/?c=2455d1796b86efb

Request Chain 127

https://rp.liadm.com/j?dtstmp=1701103861950&se=e30&duid=33df6995a8cd--01hg8v20232wy02mvr2gsb6qzs&tna=v2.11.1&pu=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&wpn=lc-bundle HTTP 302
https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hg8v20232wy02mvr2gsb6qzs&tna=v2.11.1&dtstmp=1701103861950&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&i6=MmEwMDoxNjMwOjI6MWMwMjo6Mw%3D%3D

Request Chain 132

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25228b273da1-473c-43cb-a7e1-83860ba4c118%2522%257D&title=Death%20of%20Chinese%20Official%20Amid%20COVID%20Wave%20Casts%20Spotlight%20on%20Forced%20Organ%20Harvesting%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html HTTP 302
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25228b273da1-473c-43cb-a7e1-83860ba4c118%2522%257D&title=Death%20of%20Chinese%20Official%20Amid%20COVID%20Wave%20Casts%20Spotlight%20on%20Forced%20Organ%20Harvesting%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&tdc=1

Request Chain 147

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 158

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 159

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 160

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 161

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 164

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWTI97tAKkoVaKtgOpfZEgAA%265239&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWTI97tAKkoVaKtgOpfZEgAAFHcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOhxFOYn1Bu5ZUBXlKK9NlQ&google_cver=1

Request Chain 168

https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=NMTnBMhvWo9Gf8ttl997bh_Mlm4

Request Chain 169

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=949591801654591343

Request Chain 170

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZWTI97tAKkoVaKtgOpfZEgAA%265239 HTTP 302
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=7c86e43b-1ca4-4a35-a76c-e6f28b6525e3

Request Chain 174

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTI97tAKkoVaKtgOpfZEgAAFHcAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTI97tAKkoVaKtgOpfZEgAAFHcAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 175

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWTI97tAKkoVaKtgOpfZEgAA%265239&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 176

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWTI97tAKkoVaKtgOpfZEgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBTYqzniWRAnxiGkBtHu1F4&google_cver=1

Request Chain 177

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=949591801654591343

Request Chain 178

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=

Request Chain 179

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A65434DCF67D4AC3B9B0183BBA9A036F

176 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html Show response
www.ntd.com/
Redirect Chain

https://tnews.day/death-chinese-official-related-forced-organ-harvesting
https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

130 KB
24 KB

705ms
625ms

Document
text/html

2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

62982de3852dcf439c2a2f601f359288888edf6782ca42fc12d304efa3e35b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: public, max-age=14400
cf-cache-status: MISS
cf-ray: 82cbdf8cfea166f2-AMS
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Nov 2023 16:50:59 GMT
expires: Mon, 27 Nov 2023 20:50:59 GMT
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nextjs-cache: STALE
x-powered-by: Next.js
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 82cbdf889f5c66dc-AMS
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 16:50:58 GMT
expires: Mon, 07 Jul 1777 07:07:07 GMT
location: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEENRJCxmX5KsoC2hiOtqoHZuBhv7HTwCj6uhkPL39JHxPd2tdoNyvHwN8aK3wuawgrisQYwlxaIMqrlJDOWYpHcoGZ1zCe6SSq8YN6n3gCOwjpN7J5X6NgaXLkrECkvlnLpPzULIdc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress
x-redirect-powered-by: Pretty Link Pro Developer 3.6.1 http://prettylink.com
x-robots-tag: noindex, nofollow

GET
H/1.1 200
OK GettyImages-1044068124-1200x794-900x506.jpg
i.ntd.com/assets/uploads/2023/01/ 332 KB
333 KB 1066ms
944ms Image
image/jpeg 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2023/01/GettyImages-1044068124-1200x794-900x506.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f65440df3155434d00b0bb7fd1d092bfeb64e8c4f6be334bb8146d75a2f7fa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Mon, 27 Nov 2023 16:51:00 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 340438
Last-Modified: Mon, 09 Jan 2023 00:11:43 GMT
Server: nginx
ETag: "63bb5bbf-531d6"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535961
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Tue, 26 Nov 2024 16:50:21 GMT

GET
H/1.1 200
OK ntd-logo-comment.png
i.ntd.com/assets/themes/ntd/images/ 35 KB
36 KB 162ms
38ms Image
image/png 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/themes/ntd/images/ntd-logo-comment.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d38468263d67fc86718b19ea5585ad67b413fc85ce55c82bec81f159923c830d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Mon, 27 Nov 2023 16:50:59 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 35679
Last-Modified: Fri, 14 Oct 2022 17:48:55 GMT
Server: nginx
ETag: "6349a107-8b5f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30944286
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Tue, 19 Nov 2024 20:29:05 GMT

GET
H2 200 template.css
subs.epochbase.com/lib/ 4 KB
1 KB 204ms
127ms Stylesheet
text/css 34.107.251.162
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.epochbase.com/lib/template.css
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.251.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 162.251.107.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2f009a44aa057e608440849ba7d59135c178393165207fb8268d1680f9365b5b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 03 Nov 2023 19:11:33 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1242
expires: Mon, 27 Nov 2023 17:50:59 GMT

GET
H2 200 4a739f824f596a15.css
www.ntd.com/_next/static/css/ 140 KB
44 KB 605ms
605ms Stylesheet
text/css 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/css/4a739f824f596a15.css

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39606abb2773dd3c0cdad88f49c31445e9d558631c25fb21bcbf06046c361340

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"22ea3-18ba6c71c60"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf90ec1f66f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 3cd2d6e571594a33.css
www.ntd.com/_next/static/css/ 23 KB
5 KB 474ms
473ms Stylesheet
text/css 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0b305e408e4d852e855962afee13321ebf52d3894e1a8a42dfbf8d3b4741a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"5cf7-18ba6c71c5f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf90ec2266f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 3142a792e382aafb.css
www.ntd.com/_next/static/css/ 15 KB
3 KB 467ms
466ms Stylesheet
text/css 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/css/3142a792e382aafb.css

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb2ca5c959e60b125bc07e2f962d60dafea7cfb55b9193d33f4879501db7a21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"3db9-18ba6c71c5f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf90ec2466f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 30418f44-85d0cd07c9902eeb.js Show response
www.ntd.com/_next/static/chunks/ 680 KB
185 KB 621ms
617ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/30418f44-85d0cd07c9902eeb.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec251d05abab8e5f107b3bdda10a535e84ff677ccc282d9d61f0335fc01268f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"a9f15-18ba6c71c64"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c5266f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 9073-3a5bfa0f17d1d72f.js Show response
www.ntd.com/_next/static/chunks/ 9 KB
3 KB 488ms
484ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/9073-3a5bfa0f17d1d72f.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d467813dd443184a5c52c782f0b3c2a401a873d28dc9130ac30900dc8590ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"2452-18ba6c71c66"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c5766f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 663.040d83569fca7810.js Show response
www.ntd.com/_next/static/chunks/ 10 KB
4 KB 471ms
467ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/663.040d83569fca7810.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcb05bc6f6bc43783fe6132aeee6ecdacfc83c8223f32aa9c998c75b7f3dd9d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:37:04 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"2801-18ba6c842c5"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c5866f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 1391.0ae298293689721c.js Show response
www.ntd.com/_next/static/chunks/ 11 KB
4 KB 475ms
471ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/1391.0ae298293689721c.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72fd7e24b02580e7f6501d079c90a19d4c87ab4624c51f96f4e3c7a07a0e30d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"2b5b-18ba6c71c63"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c5a66f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 webpack-8fc3a293139a2d69.js Show response
www.ntd.com/_next/static/chunks/ 6 KB
3 KB 476ms
472ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/webpack-8fc3a293139a2d69.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9eddf5a65005ab000071c3179eaa30fce0f40e67d742a18ce8caf892264a652

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:37:04 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"18b0-18ba6c842c2"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c5c66f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 framework-79bce4a3a540b080.js Show response
www.ntd.com/_next/static/chunks/ 127 KB
41 KB 621ms
618ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/framework-79bce4a3a540b080.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1fbd2-18ba6c71c67"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c5e66f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 main-9a2cb928659cd95b.js Show response
www.ntd.com/_next/static/chunks/ 118 KB
35 KB 619ms
616ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/main-9a2cb928659cd95b.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8e78daa065e02de5d8b249192b4e2c364a523cff15f783b273a38664634354b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1d968-18ba6c71c67"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c5f66f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 _app-6c66e47dc43f9607.js Show response
www.ntd.com/_next/static/chunks/pages/ 317 KB
95 KB 625ms
622ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a085a48de1c29460f6e8dde984099c3cc348ea5db5bf26a878178939eb77d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:37:04 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"4f292-18ba6c842bf"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c6166f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 4201-66f788ee4ee45a93.js Show response
www.ntd.com/_next/static/chunks/ 116 KB
41 KB 629ms
626ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/4201-66f788ee4ee45a93.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5a3e13ad52b15a5e9f82b95a971d1203facb8ff8a47ac5fe144d61f2ec7c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1ce9a-18ba6c71c65"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c6466f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 2962-a4df57f83cf7a4f7.js Show response
www.ntd.com/_next/static/chunks/ 17 KB
5 KB 479ms
476ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/2962-a4df57f83cf7a4f7.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

641d72ddefb953f6ac870a992be6a9d7cb1154a3b77a666fb6cb253ec7e52e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"4442-18ba6c71c63"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c6766f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 4277-9113847c34226409.js Show response
www.ntd.com/_next/static/chunks/ 84 KB
25 KB 623ms
620ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/4277-9113847c34226409.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e232f0777782167244e5f824d348b49a9f92446b12810aa4a3d7216572aeaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1502f-18ba6c71c65"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c6866f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 9146-c010d8b3f8fd1db0.js Show response
www.ntd.com/_next/static/chunks/ 7 KB
3 KB 479ms
476ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/9146-c010d8b3f8fd1db0.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

779d8fdda515b570970a5fb09b5eefbf0c8ec6300d969d4d609806a37f77e803

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1d13-18ba6c71c66"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c6a66f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 1294-8741fd956c5fad68.js Show response
www.ntd.com/_next/static/chunks/ 14 KB
5 KB 476ms
474ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/1294-8741fd956c5fad68.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fdf7c13d5b3b559871a32380728a9c126bd004577031335423da2c981141407

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:37:04 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"3730-18ba6c842c5"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c6d66f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 1335-c79d8729f0c50b8b.js Show response
www.ntd.com/_next/static/chunks/ 121 KB
16 KB 617ms
615ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/1335-c79d8729f0c50b8b.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5a33ccfcc05ae337e7f3924e408ae1486f368970ed761aabed6e7b057651498

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1e31f-18ba6c71c63"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c7066f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 3213-33fa56d227aef8a4.js Show response
www.ntd.com/_next/static/chunks/ 12 KB
4 KB 477ms
475ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/3213-33fa56d227aef8a4.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4505adde3a6db0f39a9dc7428643d1e9b84331c2d3022bec401b7002c07369e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"3061-18ba6c71c64"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c7166f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 1601-ce29e6661bb60ba0.js Show response
www.ntd.com/_next/static/chunks/ 9 KB
2 KB 477ms
475ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/1601-ce29e6661bb60ba0.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2997f9a557c9b636e93dfa7b84a57dfc6c7e3b6593f0341b77891dd7e19cc91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"22ae-18ba6c71c63"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c7266f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 %5Burl%5D-a6aa872959d7f080.js Show response
www.ntd.com/_next/static/chunks/pages/ 23 KB
7 KB 479ms
477ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-a6aa872959d7f080.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

582e42d6984215cd2526b7a6f01bb23d649c746af9fafbb60bd3d43b09e4d123

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:37:04 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"5aff-18ba6c842c0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c7466f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 _buildManifest.js Show response
www.ntd.com/_next/static/e0e904b1fc0109aa188f80cef3a76a2fc945f296/ 4 KB
2 KB 474ms
473ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/e0e904b1fc0109aa188f80cef3a76a2fc945f296/_buildManifest.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d780c2236b34848e2b3b15b3b2529b1eea1c2e7d92fbda888ad6766cbfe80bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:37:04 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"10e5-18ba6c842bf"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c7666f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H2 200 _ssgManifest.js Show response
www.ntd.com/_next/static/e0e904b1fc0109aa188f80cef3a76a2fc945f296/ 598 B
329 B 475ms
474ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/e0e904b1fc0109aa188f80cef3a76a2fc945f296/_ssgManifest.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

163cb5d5188442a3dc0cc458a58b06a08e498eea3ae25e310c473cdaae977f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:37:19 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"256-18ba6c87d93"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf911c7766f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:50:59 GMT

GET
H/1.1 200
OK NTDLogo.svg
i.ntd.com/assets/themes/ntd/images/ 660 B
1 KB 188ms
68ms Image
image/svg+xml 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/themes/ntd/images/NTDLogo.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Mon, 27 Nov 2023 16:50:59 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 660
Last-Modified: Fri, 14 Oct 2022 17:48:55 GMT
Server: nginx
ETag: "6349a107-294"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=29654325
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f81fc2f3cc04c1f965f2683dc2b369bd4ebbc18b454196d101f74f69efe3433

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8b6528bc2a63e986a842311ca6971aac53d77331c25d16a03e9e45de5bccf8f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 79 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a6fff8e4746724d6b7a0cadd7b189300165a442228b58f2a9c30ab1fedbbc1b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 79 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcf538ab166e90e4dfda982d360b06de8da42bd945c277ec6f357a55b43bbc5b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 79 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c21eea3ff63e3cbe49cfe06d47eba4a268ed5e2d583d9fbe8590f39b85212ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 720530af830892701ef8b15094596aba1a91afffc1a013cad9103da6cd9df0e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ENTD_Play.svg
www.ntd.com/images/ 2 KB
1 KB 466ms
466ms Image
image/svg+xml 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/ENTD_Play.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"7e6-18a84a34dab"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 82cbdf95aa9566f2-AMS
x-xss-protection: 1; mode=block
expires: Mon, 27 Nov 2023 20:51:00 GMT

GET
H2 200 NTDLogo.svg
www.ntd.com/images/ 660 B
531 B 468ms
468ms Image
image/svg+xml 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/NTDLogo.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
content-encoding: gzip
etag: W/"294-18a84a34dab"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 82cbdf95baa266f2-AMS
x-xss-protection: 1; mode=block
expires: Mon, 27 Nov 2023 20:51:00 GMT

GET
H2 200 footer-app-logo.png
www.ntd.com/images/ 73 KB
73 KB 603ms
602ms Image
image/png 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/footer-app-logo.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 74494
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 14:25:48 GMT
server: cloudflare
etag: W/"122fe-18a84a25ff3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 82cbdf95baa466f2-AMS
expires: Mon, 27 Nov 2023 20:51:00 GMT

GET
H2 200 NTD_BackToTop.svg
www.ntd.com/images/ 2 KB
1 KB 463ms
462ms Image
image/svg+xml 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/NTD_BackToTop.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e33b98871ae098fb62dd6f123409a67fad6a3d0e8e22120a7d9b9188814b11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 11 Sep 2023 14:25:48 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"7d6-18a84a25fec"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 82cbdf95baa866f2-AMS
x-xss-protection: 1; mode=block
expires: Mon, 27 Nov 2023 20:51:00 GMT

GET
DATA 200
OK truncated
/ 23 KB
23 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5

Request headers

Referer
Origin: https://www.ntd.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 126ms
52ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-85d0cd07c9902eeb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0de2a176ad08f62d4eb01561e51936094f156760b03746e2f17e69345824f7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 27 Nov 2023 16:51:00 GMT

GET
H2 200 8735.d0b957bfa55e8687.js Show response
www.ntd.com/_next/static/chunks/ 44 KB
15 KB 599ms
598ms Script
application/javascript 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/8735.d0b957bfa55e8687.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/webpack-8fc3a293139a2d69.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c497f68641e8abd81d72b3b6bae5b3e3ca4f92c3e95cf9169c4de2477f8a7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 06 Nov 2023 22:35:48 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"af73-18ba6c71c66"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 82cbdf976d3c66f2-AMS
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 16:51:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 200ms
69ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-a6aa872959d7f080.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

452889647dfac521356e18f8fc2e4af00664f1d7f8fb9a905bc64d4e1d1c2c99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 27 Nov 2023 16:51:00 GMT

GET
H/1.1 200 95162.js Show response
mixi.media/data/js/ 5 KB
2 KB 227ms
124ms Script
application/javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/data/js/95162.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/1391.0ae298293689721c.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 6e136a92e4e397fe1a887f1fb037494c06b8fe4f7d0702d2e63bedbd8bcd6650

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 16:51:00 GMT
Content-Encoding: gzip
Last-Modified: Monday, 27-Nov-2023 16:51:00 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
93 KB 204ms
75ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/main-9a2cb928659cd95b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c747ef1de111bedf5ebe5fdccf35edec562a0ae0f78ba41be6d5facf441ebe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95306
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Nov 2023 16:51:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
45 KB 287ms
159ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adcd6c31dcc6497364cc7f126f2fe13eca4845272b166cb18a7432dad1d72b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45812
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Nov 2023 16:51:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 98 KB
30 KB 243ms
111ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

198d5b4709dfa22a922ce0610d02535885fba25722eeee7361b2e3463683e2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30343
x-xss-protection: 0
server: cafe
etag: 442 / 19688 / 31079695 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 16:51:00 GMT

GET
H/1.1 200
OK prebid.js Show response
i.ntd.com/assets/themes/m-ntd/js/ads/ 275 KB
276 KB 46ms
45ms Script
application/javascript 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

aeb31f1ee02675acb9388db1392b3cf1fa9e47d53ebeef47b9020b65bc981e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Mon, 27 Nov 2023 16:51:00 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 281947
Pragma: no-cache
Last-Modified: Fri, 14 Oct 2022 17:48:55 GMT
Server: nginx
ETag: "6349a107-44d5b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31478439
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 101ms
30ms Script
application/javascript 18.239.83.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:01:35 GMT
content-encoding: gzip
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, AMS58-P5
age: 2966
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: VaYggk3hEVAmpubEuZoYsHakljaZ52E5wE0Xptv8EKbP3bE5_fF-Dg==

POST
H2 200 counts Show response
www.ntd.com/api/v1/ 1 KB
442 B 539ms
539ms Fetch
application/json 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/3213-33fa56d227aef8a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa64d05c4f7136a13dee9cf472e267e001d9bd974f03d4017c862a9e01ce633

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

expires: Thu, 01 Jan 1970 00:00:00 UTC
date: Mon, 27 Nov 2023 16:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
author: EMG
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
app-name: remark
access-control-allow-credentials: true
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag: noindex
cf-ray: 82cbdf978d7d66f2-AMS
app-version: 0.1.2

GET
H2 200 count Show response
sc.youmaker.com/reaction/share/ 664 B
720 B 199ms
129ms XHR
application/json 34.120.97.157
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=893884,956858,956867,956855,956863,956835,956851,956846,956844,956817&token=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: ca200cb453733fbe1695a5de5862048e2ee9488ced0eccce5945ff3e98ad1145

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 664

POST
H2 200 getcounts Show response
www.ntd.com/v1/api/video/ 50 B
190 B 634ms
634ms Fetch
application/json 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/v1/api/video/getcounts

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/663.040d83569fca7810.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01e6707dac66d64e9b3b3c96302a56e9692a04aa37a3d46c02af5181da4780b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Nov 2023 16:51:01 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
content-encoding: gzip
server: cloudflare
cf-cache-status: DYNAMIC
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 82cbdf978d8266f2-AMS
x-xss-protection: 1; mode=block

POST
H2 200 counts Show response
www.ntd.com/api/v1/ 638 B
188 B 539ms
539ms Fetch
application/json 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/3213-33fa56d227aef8a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2afcefbcf3d465bcba23b00cdd5f7271cba3b6865f8259e0c6586814add8242

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

expires: Thu, 01 Jan 1970 00:00:00 UTC
date: Mon, 27 Nov 2023 16:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
author: EMG
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
app-name: remark
access-control-allow-credentials: true
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag: noindex
cf-ray: 82cbdf978d8766f2-AMS
app-version: 0.1.2

GET
H2 200 count Show response
sc.youmaker.com/reaction/share/ 408 B
599 B 198ms
129ms XHR
application/json 34.120.97.157
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=956756,956759,956596,956803,956744,956634&token=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 8bd847705654de71b032d78c4e293a5a58e70913fc32e910fccb0d3eef3d28ce

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 408

GET
H2 200 geo Show response
pwe.epochbase.com/ 143 B
323 B 220ms
129ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/geo
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 4c4fb27c2d0bf96aad8bb2c15ccf820bc54e256c96fe1cceaead9aadf06d40f0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143

GET
H2 200 default-user.png
www.ntd.com/images/ 3 KB
3 KB 470ms
467ms Image
image/png 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/default-user.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92a96977b3a5107b1c7c5bd8d603b01792eabfb32090695967f04b207b154c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 2560
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
etag: W/"a00-18a84a34db0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 82cbdf97cde566f2-AMS
expires: Mon, 27 Nov 2023 20:51:00 GMT

GET
H2 200 share.svg
www.ntd.com/images/ 338 B
319 B 514ms
511ms Image
image/svg+xml 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/share.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

203e0f4dcfd2bed10b75a8fd250568838f01d4fd3363279741962d77675af937

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
content-encoding: gzip
etag: W/"152-18a84a34db8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 82cbdf97cde866f2-AMS
x-xss-protection: 1; mode=block
expires: Mon, 27 Nov 2023 20:51:00 GMT

GET
H2 200 share_single.svg
www.ntd.com/images/ 388 B
336 B 471ms
469ms Image
image/svg+xml 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/share_single.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86587e974d57e7489b5d60f8b446f48aa89bfedf7be4d003204256c1ca3cc9fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
content-encoding: gzip
etag: W/"184-18a84a34db8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 82cbdf97cdec66f2-AMS
x-xss-protection: 1; mode=block
expires: Mon, 27 Nov 2023 20:51:00 GMT

GET
H/1.1 200
OK id956758-Bank-of-America-logo-GettyImages-462793751.jpg-352x220.webp
i.ntd.com/assets/uploads/2023/11/ 18 KB
19 KB 39ms
37ms Image
image/webp 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2023/11/id956758-Bank-of-America-logo-GettyImages-462793751.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fa7a0d190cf1cd8932c0549bd128c1f0d37015c34eab5f29b02382c23ce0608b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Mon, 27 Nov 2023 16:51:00 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 18450
Last-Modified: Sun, 26 Nov 2023 14:40:12 GMT
Server: nginx
ETag: "656358cc-4812"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31447235
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id956833-Lucky-for-Life-ticket.jpg-352x220.webp
i.ntd.com/assets/uploads/2023/11/ 10 KB
11 KB 81ms
41ms Image
image/webp 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2023/11/id956833-Lucky-for-Life-ticket.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a0b6d631b76619f19588b0526f57e3533d6dfa14edce7dbc8e1ed07db59e26ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Mon, 27 Nov 2023 16:51:00 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 10630
Last-Modified: Mon, 27 Nov 2023 02:42:01 GMT
Server: nginx
ETag: "656401f9-2986"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31488081
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id948396-Hamas-tunnel-system-GettyImages-528593636.jpg-352x220.webp
i.ntd.com/assets/uploads/2023/10/ 16 KB
16 KB 73ms
37ms Image
image/webp 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2023/10/id948396-Hamas-tunnel-system-GettyImages-528593636.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4f9d115a7cba0aa8a2fb00d608683ab400be33a39ffcb37a2d6a197d66a795bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Mon, 27 Nov 2023 16:51:00 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 15872
Last-Modified: Tue, 17 Oct 2023 17:02:33 GMT
Server: nginx
ETag: "652ebe29-3e00"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31388756
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id956807-Donald-Trump-Obama-GettyImages.jpg-352x220.webp
i.ntd.com/assets/uploads/2023/11/ 9 KB
10 KB 100ms
56ms Image
image/webp 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2023/11/id956807-Donald-Trump-Obama-GettyImages.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

8c69be38f1fb2b16811680234ca39dadd569e379d3de94a48c20c2cbf2e1db3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Mon, 27 Nov 2023 16:51:00 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 9422
Last-Modified: Sun, 26 Nov 2023 20:26:21 GMT
Server: nginx
ETag: "6563a9ed-24ce"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31462963
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id956648-GettyImages-1797516641.jpg-352x220.webp
i.ntd.com/assets/uploads/2023/11/ 19 KB
20 KB 49ms
40ms Image
image/webp 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2023/11/id956648-GettyImages-1797516641.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d6afc903e5795bdf0163a5d0ef7492b18b32600f8864077eef0a83b015a9e8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Mon, 27 Nov 2023 16:51:00 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 19654
Last-Modified: Sat, 25 Nov 2023 02:39:03 GMT
Server: nginx
ETag: "65615e47-4cc6"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31367595
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id956654-GettyImages-1800487572.jpg-352x220.webp
i.ntd.com/assets/uploads/2023/11/ 14 KB
15 KB 48ms
44ms Image
image/webp 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2023/11/id956654-GettyImages-1800487572.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0b277cb4c269cb4554dd7c5c11ceeb83d705cd02b6b9b1122a0e56488ed091c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Mon, 27 Nov 2023 16:51:00 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 14248
Last-Modified: Sat, 25 Nov 2023 04:19:17 GMT
Server: nginx
ETag: "656175c5-37a8"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31457876
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 watch_ntd_on.png
www.ntd.com/images/ 20 KB
20 KB 611ms
610ms Image
image/png 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/watch_ntd_on.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:01 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 20726
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 14:25:48 GMT
server: cloudflare
etag: W/"50f6-18a84a25ffe"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 82cbdf97cdee66f2-AMS
expires: Mon, 27 Nov 2023 20:51:01 GMT

GET
H2 200 watch_ntd_row1-2.png
www.ntd.com/images/ 64 KB
64 KB 610ms
609ms Image
image/png 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/watch_ntd_row1-2.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:01 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 65131
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
etag: W/"fe6b-18a84a34dbb"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 82cbdf97cdf166f2-AMS
expires: Mon, 27 Nov 2023 20:51:01 GMT

GET
H2 200 watch_ntd_row2-2.png
www.ntd.com/images/ 93 KB
93 KB 609ms
608ms Image
image/png 2606:4700::6812:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/watch_ntd_row2-2.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6951c7c304900b4e2b7f0213fab3e077225b9bd842056a10134b0afbb1be26db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:01 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 94887
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
etag: W/"172a7-18a84a34dbb"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 82cbdf97cdf566f2-AMS
expires: Mon, 27 Nov 2023 20:51:01 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/63e90c30/www-widgetapi.vflset/ 215 KB
67 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/63e90c30/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af82cd92cb1df231870f60b847a411fcc4adfffef67f01fff41885828edee2e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5484
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68238
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 02:45:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 26 Nov 2024 15:19:36 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 79ms
27ms XHR
application/javascript 18.239.83.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 cb6a2c71695f851967f08ee8b2defc0c.cloudfront.net (CloudFront)
date: Mon, 27 Nov 2023 11:30:58 GMT
x-amz-cf-pop: AMS58-P5
age: 19203
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: EixvXC2rh7O2E3sRKnic3BARJBGsIJlBTpFwulMKgINYaYCJcDhsxg==

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 467 KB
467 KB 113ms
34ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b778cb62a7d3b5e4a6f2e355403ede9f49a6a533110ac3039e2c5f4714aa78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 06:36:47 GMT
x-content-type-options: nosniff
age: 209653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 477845
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 06:36:47 GMT

GET
H/1.1 200
OK jsapi.v5.12.0.en_US.js Show response
static.mixi.media/static/jsapi/ 251 KB
75 KB 207ms
102ms Script
application/x-javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 16:51:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Mar 2022 07:51:02 GMT
Server: nginx
ETag: W/"62455d66-3eabf"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H/1.1 200
OK sm.js Show response
stat.mixi.media/ 77 KB
28 KB 479ms
376ms Script
application/x-javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.mixi.media/sm.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 16:51:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
Server: nginx
ETag: W/"61a8cfbe-13481"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Connection: keep-alive

GET
H/1.1 200
OK miximedia.svg
static.mixi.media/static/adpreview-assets/mixi-media/images/logo/ 6 KB
6 KB 171ms
66ms Image
image/svg+xml 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 16:51:00 GMT
Last-Modified: Mon, 30 Sep 2019 14:11:01 GMT
Server: nginx
ETag: "5d920cf5-1849"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6217

GET
H2 200 template Show response
pwe.epochbase.com/api/ 7 KB
2 KB 130ms
129ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-navbar
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 0ea258555e5fcf60617c4791778cba754e64b9acb2792b47c32af0cf2dfa0b3e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.1
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rules Show response
pwe.epochbase.com/api/plan/ 4 KB
874 B 131ms
131ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/plan/rules?siteId=www.ntd.com&planId=live-ntd
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: f2fbec20eff343b19ab9e0f85926cdee9701203228f142d35c1727e833850c1f

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.1
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ 431 KB
135 KB 121ms
33ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:47:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137994
x-xss-protection: 0
server: cafe
etag: 6213585212225905441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 26 Nov 2024 16:47:52 GMT

GET
H2 200 ae51d432-b517-4c68-9f8a-22444acccbb5 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
805 B 842ms
760ms Script
application/javascript 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: c3a4df25e241b0441b39ba2a63e876fc14bea8404980ec73f463df1e94e815fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:01 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: yyVUU5m5Lnh_BM06rTa1HQYpAibeSRzklYJlLOSAWL4px5bOkSoSDw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
308 B 27ms
26ms XHR
text/plain 18.239.83.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-131.ams58.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:24:48 GMT
via: 1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P5
age: 12372
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 24Ow5GSizAHyvwuy0P5nXwg5ZLkRq4jdN3lrDMimFeieHTn5vY3hVg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
307 B 27ms
26ms XHR
text/plain 18.239.83.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-131.ams58.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:24:48 GMT
via: 1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P5
age: 12372
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: ghOsP4Me96Yw8WtNOnMWH5deq07CmdSJid3l49y7ox_dRgU629s9Rw==

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ 59 KB
60 KB 547ms
182ms Script
application/javascript 52.92.241.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.241.32 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: d20db6c1df31874b999f525e1eb15c5041d7b5b94c7336754c97d72fca64c1f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 16:51:02 GMT
Last-Modified: Tue, 29 Aug 2023 17:44:45 GMT
Server: AmazonS3
x-amz-request-id: DSAM67ZHGHZ9HG0V
ETag: "b54fadc7e5991d9914d62a0459bfdf77"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 60527
x-amz-id-2: I2jtJ1iE/EBrlLa6y5UzLDWe3JkMUEj3NSafuIdLiqry7rhnvviLB0+9MYExXpmAEyDujxEpVwA=
Expires: Thu, 28 Sep 2023 17:44:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
93 KB 76ms
75ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

610433816074588c15c8150b69154c34bce853ff7c24e70974a12ec6805b0864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95344
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Nov 2023 16:51:00 GMT

GET
H3 200 template Show response
pwe.epochbase.com/api/ 7 KB
2 KB 132ms
132ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-combo&version=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2e52b90c4576fcc79aa119ec5d779a093ae19822d0a3f220d5e52db8251389f7

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:00 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.1
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 86ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2BRDBGYLL0&gtm=45je3b81v896365836&_p=1701103860383&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=485017696.1701103861&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701103860&sct=1&seg=0&dl=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&dt=Death%20of%20Chinese%20Official%20Amid%20COVID%20Wave%20Casts%20Spotlight%20on%20Forced%20Organ%20Harvesting%20%7C%20NTD&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1&tfd=2853
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 101ms
33ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2BRDBGYLL0&cid=485017696.1701103861&gtm=45je3b81v896365836&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 146ms
72ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2BRDBGYLL0&cid=485017696.1701103861&gtm=45je3b81v896365836&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1801751496

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6D74 60 KB
34 KB 83ms
82ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=3e407i881c9i

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__nl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

75dd95d08e886d54b4ede3ff4252cf36f30e8e8b061c9c9d9a1f4d3b3ee56b73

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L-QKFcldvTZfQbIgwwhOqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-L-QKFcldvTZfQbIgwwhOqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 16:51:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200 jsapi Show response
mixi.media/newdata/ 8 KB
3 KB 130ms
130ms XHR
application/json 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?action=news
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 33da6c9d5c39ef304f3deedeb7b3fcff41e8e79c665627808430bbed8abea3ff

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: multipart/form-data

Response headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 16:51:00 GMT
Content-Encoding: gzip
Last-Modified: Monday, 27-Nov-2023 16:51:00 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Node: ads5-1sselp17

GET
H2

200

react.production.min.js Show response
unpkg.com/react@18.2.0/umd/
Redirect Chain

https://unpkg.com/react@18/umd/react.production.min.js
https://unpkg.com/react@18.2.0/umd/react.production.min.js

10 KB
5 KB

39ms
38ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@18.2.0/umd/react.production.min.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:01 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1523891
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HEVDRH1G0PQG1D15B4HZVKHR-ams
server: cloudflare
etag: W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82cbdf9b785e6565-AMS

Redirect headers

date: Mon, 27 Nov 2023 16:51:00 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HG8TWHKHC7HBKB4ZGCHQHS6Y-ams
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 177
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /react@18.2.0/umd/react.production.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 82cbdf9b1fc16565-AMS

GET
H2

200

react-dom.production.min.js Show response
unpkg.com/react-dom@18.2.0/umd/
Redirect Chain

https://unpkg.com/react-dom@18/umd/react-dom.production.min.js
https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js

129 KB
43 KB

40ms
40ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:01 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1687799
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HEPHEEE7Y59VM5CXF6YSMKH5-ams
server: cloudflare
etag: W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82cbdf9b785f6565-AMS

Redirect headers

date: Mon, 27 Nov 2023 16:51:00 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HG8TKMG24QC0KYZH7P7RX3CT-ams
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 469
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /react-dom@18.2.0/umd/react-dom.production.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 82cbdf9b1fbf6565-AMS

GET
H3 200 signInCombo-2.1.umd.js Show response
pwe.epochbase.com/libs/ 252 KB
72 KB 190ms
135ms Script
text/javascript 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/libs/signInCombo-2.1.umd.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 133bd9c50accec513f057a09b3be1d84c8c791b8646640223573deca444f4657

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:01 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 16 Nov 2023 22:13:48 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
457 B 162ms
69ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&pid=AJosRobd8ilvv&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22below_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:01 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 983a038711eb4948a85355a04c2ba67c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: K8K60NKNH35N213W87YN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: dcnEFgrf1il5zQ5z3c0mLmaA1aSHELlIXZRbnDk4i4aMTra6aFlVoQ==

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 638 B
746 B 87ms
26ms XHR
application/json 185.89.208.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: c7de7f71ff6321b0e877c640db71837d14106546936ee39603f8d8fe006e1b82

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 16:51:01 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

POST auction
prebid.adnxs.com/pbs/v1/openrtb2/ 0
0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
547 B 112ms
51ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360724&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2250680961b1c647%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html%22%2C%22domain%22%3A%22ntd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ntd.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2264561a5ee0b221%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2efa7ce2e6654f1c7b259ea6780892365ae6b30efb0af15c2e2e7267a64f885d

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2NkTuJ7P1eqJ%2BlqAvnNTql%2BB2NKd1HP8GOK0kJFlF4YLASGzhB80wjoP%2FGUWl5iGKHm2M2QdnFpKw%2FnVe2%2BuHSDjOga%2FeF6sEFp2T3ebWFJJ5ePbTrjqaq5oA%2FATD7pV1h6Kuuw"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82cbdf9b692f0b42-AMS
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
390 B 725ms
112ms XHR
application/json 18.207.9.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_pb_rid=8ff06af5a8dc67&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYmVsb3dfYXJ0aWNsZV9hZHMiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzM2LDI4MF1dfX19XX0=&ntv_dbr=eyJiZWxvd19hcnRpY2xlX2FkcyI6MH0=&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.9.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-9-209.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:01 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
699 B 99ms
25ms XHR
application/json 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

626228f7a06eb9cec2221b530d9b5f608bf90ea227c1d7d7d86c0d7f44427c05

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:01 GMT
an-x-request-uuid: b44f833f-0360-4fad-8000-97cb48cdafee
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.150.110; 31.204.150.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
408 B 110ms
33ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.ntd.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 634 B
977 B 132ms
31ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_article_below_end_336&tk_flint=pbjs_lite_v6.23.0&x_source.tid=2f0e8a4d-1c00-4b2e-9e28-357ead0d3a28&l_pb_bid_id=15a25ab5d72d5b6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_article_below_end_336&slots=1&rand=0.33293830724313667
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a3f4f50ac142c89c8db7cecb5fcb00ef460c973570b34cee2941ec050f6a8cbd

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 131ms
68ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&pid=AJosRobd8ilvv&cb=1&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22sidebar_ads_right_top_300_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:01 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 983a038711eb4948a85355a04c2ba67c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: C94Q4XHAAS4Y0SS4YQ6J
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: iPIVBxkKbB3t5NC7XipMpghAgbDNmwNOqxnTgZjp4C_gZIdkjpTSDw==

POST auction
prebid.adnxs.com/pbs/v1/openrtb2/ 0
0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
700 B 81ms
24ms XHR
application/json 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f7b8135765f3f80a21abfdf7fa76b920fb163f5d3290408089c3106b3c0af0e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:01 GMT
an-x-request-uuid: 2d16809f-4496-43c3-b1f6-1035419f98bf
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.150.110; 31.204.150.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
389 B 707ms
114ms XHR
application/json 18.207.9.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_pb_rid=22fddf758abe427&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoic2lkZWJhcl9hZHNfcmlnaHRfdG9wXzMwMF8xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XX0=&ntv_dbr=eyJiZWxvd19hcnRpY2xlX2FkcyI6MCwic2lkZWJhcl9hZHNfcmlnaHRfdG9wXzMwMF8xIjowfQ==&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.9.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-9-209.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:01 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
321 B 101ms
62ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360713&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22240e8df69cb8165%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html%22%2C%22domain%22%3A%22ntd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ntd.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2225205f2927b85c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360713%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c009f52df88329b73c911172f8c563911c7f14ce34654cc36c6df7ab776d28

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNAOehgowPhZb7%2Fh1ODXX6CFM%2FtCDmQ%2FrJMNZOvq%2FwCSz2ReCz%2F%2BwEIe7B5E7W0cvXFZP5aL4QPrUJWJueEAdQzFz3d8nBOVDRomYfMTLiuI538dg%2F1bQpqn%2Fy1OzG9aZESib8ag"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82cbdf9b69320b42-AMS
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 602 B
1 KB 115ms
28ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&rf=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_336x280-3&tk_flint=pbjs_lite_v6.23.0&x_source.tid=e47f987e-3fc4-40c6-93b6-80467bba2626&l_pb_bid_id=27c5b061dc9f469&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_336x280-3&slots=1&rand=0.707335736792088
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3f5f4311e902df5a7ee60558dd220609d6f1c8eae634ad2d5dcf5b6812fec5bf

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 602
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
407 B 94ms
34ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.ntd.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 6D74 55 KB
24 KB 158ms
33ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=3e407i881c9i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 14:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 14:16:03 GMT

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 6D74 467 KB
467 KB 188ms
65ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__nl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b778cb62a7d3b5e4a6f2e355403ede9f49a6a533110ac3039e2c5f4714aa78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 06:36:47 GMT
x-content-type-options: nosniff
age: 209654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 477845
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 06:36:47 GMT

GET
H/1.1 200
OK 11436019.jpeg
static4.mixi.media/img/400x300/ 41 KB
41 KB 196ms
91ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static4.mixi.media/img/400x300/11436019.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: f6ddaaa8b25aa460477933b5c22190c3560f19cf86f2fae6dbd2d024ea194070

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 16:51:01 GMT
Last-Modified: Sat, 25 Nov 2023 10:45:40 GMT
Server: nginx
ETag: "6561d054-a44d"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 42061

GET
H/1.1 200
OK 11293684.jpeg
static8.mixi.media/img/400x300/ 37 KB
37 KB 198ms
93ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.mixi.media/img/400x300/11293684.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: a69962faa76a4320441014adb346553b9d1b298f9b7687ac3bf58df131c3ecdc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 16:51:01 GMT
Last-Modified: Tue, 26 Sep 2023 06:48:27 GMT
Server: nginx
ETag: W/"65127ebb-ca1c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 38062

GET
H/1.1 200
OK 11415314.jpeg
static3.mixi.media/img/400x300/ 50 KB
50 KB 197ms
91ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static3.mixi.media/img/400x300/11415314.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 751f916eef378462304f9f5cfefdfa560eba2ae4ec02c7b94d3bca7214c002b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 16:51:01 GMT
Last-Modified: Thu, 16 Nov 2023 09:14:39 GMT
Server: nginx
ETag: W/"6555dd7f-13f17"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 50889

GET
H/1.1 200
OK 10571390.jpeg
static5.mixi.media/img/400x300/ 41 KB
41 KB 198ms
92ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static5.mixi.media/img/400x300/10571390.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: ea3ae6930150fa98882faa7bb190c646f8f825bccdef2381c798970cb7d9ead2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 16:51:01 GMT
Last-Modified: Tue, 08 Nov 2022 19:15:54 GMT
Server: nginx
ETag: "636aaaea-a31f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 41759

GET
H/1.1 200
OK 11235864.jpeg
static5.mixi.media/img/400x300/ 41 KB
41 KB 197ms
91ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static5.mixi.media/img/400x300/11235864.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 7fb1e0e07bbdc3b33281fe67c3d24a610e086e30238e57e06ca4d390ebbd547e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 16:51:01 GMT
Last-Modified: Fri, 01 Sep 2023 18:25:58 GMT
Server: nginx
ETag: W/"64f22cb6-1e231"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 42205

GET
H/1.1 200
OK 11436029.jpeg
static2.mixi.media/img/400x300/ 41 KB
41 KB 586ms
91ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.mixi.media/img/400x300/11436029.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: a0945506bc3961bd4d422739b65836d81f5dd9467be75b3075b381a810e4e1d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 16:51:01 GMT
Last-Modified: Sat, 25 Nov 2023 10:46:35 GMT
Server: nginx
ETag: "6561d08b-a20b"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 41483

GET
H2 200 us.gif
sync.go.sonobi.com/ 49 B
443 B 598ms
101ms Image
image/gif 69.166.1.35
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BUID%5D

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:01 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-75
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 450 B
1 KB 529ms
66ms Script
application/javascript 185.162.95.70
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COeDAxjU9sONwTE&cb=_callbacks____0lph5bfqh
Requested by: Host: stat.mixi.media
URL: https://stat.mixi.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.162.95.70 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: sm-server1-1.smir12.imcmdb.net
Software: nginx /
Resource Hash: 584c6bcc2c7bbf71d6db8b9972036303a64cfe82e08347ed3f60328966ff93a2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 16:51:01 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6D74 2 KB
2 KB 33ms
33ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:04:28 GMT
x-content-type-options: nosniff
age: 593193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 27 Nov 2023 20:04:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6D74 15 KB
16 KB 229ms
34ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 222778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6D74 15 KB
15 KB 238ms
42ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:52:48 GMT
x-content-type-options: nosniff
age: 251893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:52:48 GMT

GET
H2 200 ActaDeck-Medium.otf
cdn.epoch.cloud/assets/fonts/ 51 KB
51 KB 188ms
35ms Font
application/octet-stream 2606:4700:e6::ac40:ca07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.epoch.cloud/assets/fonts/ActaDeck-Medium.otf
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1979
alt-svc: h3=":443"; ma=86400
content-length: 51776
last-modified: Wed, 19 Feb 2020 18:57:39 GMT
server: cloudflare
etag: "5e4d8523-ca40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7XnlHocv5EOxmxjYMbViKvkPxnifJSllcSLS9Nc1nyujKoOCmsvA%2F%2FIZRUXjQ44eTLM3xDUZhKyGsgOPh2tqjJdGI7TAXE%2Bi22ThDQ1qdWHRrXVbXbzvb8oLVQjO5fYmB6UhX3Epe%2Ff7si7%2F94%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82cbdf9ed98066d2-AMS

GET
H2 200 RingsideNarrow-Medium.otf
cdn.epoch.cloud/assets/fonts/ 123 KB
124 KB 215ms
63ms Font
application/octet-stream 2606:4700:e6::ac40:ca07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.epoch.cloud/assets/fonts/RingsideNarrow-Medium.otf
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1979
alt-svc: h3=":443"; ma=86400
content-length: 126244
last-modified: Tue, 07 Jun 2022 20:08:09 GMT
server: cloudflare
etag: "629fb029-1ed24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9JdldsVOSfUR73Pwcy8nYsgTBJeOX32ILqiRKuGD7J51FemxgVZi%2FAO7IY16%2B69%2BSCq0hyUVk8mcS1hE4c0m7drscIIzBn3RP86ovRQIj2FNuHB6zPnawDY7RyN3uxIqsNfpuCXBCHbTUO581A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82cbdf9ed98466d2-AMS

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6D74 102 B
135 B 42ms
41ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

57179112de4d4b4e1d1b6c501c17a9e90fc8517e5160d82ef95083fe69b1e1be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=3e407i881c9i
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 27 Nov 2023 16:51:01 GMT

GET
H2 200 lc2.js Show response
b-code.liadm.com/ 47 KB
15 KB 159ms
36ms Script
application/javascript 2600:9000:225e:c600:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/lc2.js
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b0512ff1ecca4eeaa79eabd6f059915e9cec84022c2f78519acf20d942b628e0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 19:12:58 GMT
content-encoding: gzip
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 77883
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: srJIj5JS8MrX6XxNwUACG8VjqcDTPTDNu7p64IUdS48T6r6zfzczTA==

GET
H/1.1 200 /
mixi.media/cookiematching/ 43 B
880 B 142ms
142ms Image
image/gif 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJDNiMTUzNWM1LTVhOGItNDQxNS1hN2Q1LWE5MWQ5N2UxNTBlMRoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNzAxMTAzODYxNTkyGgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJDZkZTMxMzk2LWNlNjAtNGMzZS04YTRlLTMzYTdhZTc0ZjBiNBoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1701103861642
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Mon, 27 Nov 2023 16:51:01 GMT
Last-Modified: Monday, 27-Nov-2023 16:51:01 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Mon, 27 Nov 2023 16:51:01 GMT

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 199ms
66ms XHR
text/plain 185.162.95.70
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.mixi.media
URL: https://stat.mixi.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.162.95.70 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: sm-server1-1.smir12.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Mon, 27 Nov 2023 16:51:01 GMT
Server: nginx
Connection: keep-alive

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ 0
104 B 154ms
50ms Image
text/plain 2a02:fa8:8806:21::1690
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 72731 Show response
idx.liadm.com/idex/unknown/ 0
368 B 423ms
111ms XHR
text/plain 100.25.176.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/72731?duid=33df6995a8cd--01hg8v20232wy02mvr2gsb6qzs&resolve=md5

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.176.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-176-198.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 1
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=3599, private
access-control-allow-credentials: true
trace-id: f2bcf6aba9f5f7f8
expires: Mon, 27 Nov 2023 17:51:02 GMT

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 68ms
66ms XHR
text/plain 185.162.95.70
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.mixi.media
URL: https://stat.mixi.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.162.95.70 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: sm-server1-1.smir12.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Mon, 27 Nov 2023 16:51:01 GMT
Server: nginx
Connection: keep-alive

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
https://a.clickcertain.com/px/?c=2455d1796b86efb

4 KB
2 KB

145ms
145ms

Script
text/javascript

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=2455d1796b86efb
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a688fb17db3135a2e8a73a23f2ceb5cde6f6cd4d6de4615ca4cf76caa0e5ae8f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:02 GMT
content-encoding: br
x-frontend: cc-nginx-5c6697d5bd-8sp8v:cc-nginx-5c6697d5bd-8sp8v
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: e503b6da-54c0-4586-9d19-2cf917793004
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mT6tAJ4mRCM05gfwh8oMEl%2Fe4q8QaCNf0bh3alAsK6dtnlTQKJ44MsCwho%2FkrHBvxfhTb1ILomWZy6VzipbygubACDWrpg9Q%2BeRKY6yNbNERzftK5NopHHH6vi0kRaKg%2FooqYRT0BpWrTrTLec4nxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 82cbdfa38c4e5c49-AMS

Redirect headers

date: Mon, 27 Nov 2023 16:51:02 GMT
x-frontend: cc-nginx-5c6697d5bd-8sp8v:cc-nginx-5c6697d5bd-8sp8v
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: cdd77500-e8e2-49ab-b705-87794d719efb
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8fYlytK2Skw%2BOGdsiUDgAYW%2FQjEn656%2BHmTTXx%2BT44IIR3nX8D3ybqWL1oaMTxcnuCziyXFvUtE7oFcb0UvcLB11Rvytso%2FDcEwjfmk91vrxm%2BtKI5wgpemVa6RxeqL%2FZUebT4Scyo1PSSON8xsuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=2455d1796b86efb
cf-ray: 82cbdfa28ac25c49-AMS

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1701103861950&se=e30&duid=33df6995a8cd--01hg8v20232wy02mvr2gsb6qzs&tna=v2.11.1&pu=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight...
https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hg8v20232wy02mvr2gsb6qzs&tna=v2.11.1&dtstmp=1701103861950&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-c...

13 B
318 B

362ms
112ms

XHR
application/json

35.168.179.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hg8v20232wy02mvr2gsb6qzs&tna=v2.11.1&dtstmp=1701103861950&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&i6=MmEwMDoxNjMwOjI6MWMwMjo6Mw%3D%3D
Protocol: H2
Server: 35.168.179.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-179-116.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:02 GMT
x-pixel-event-id: d7ff00bf-27de-4c8d-b923-6b31752e9eb5
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hg8v20232wy02mvr2gsb6qzs&tna=v2.11.1&dtstmp=1701103861950&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&i6=MmEwMDoxNjMwOjI6MWMwMjo6Mw%3D%3D
access-control-allow-origin: https://www.ntd.com
date: Mon, 27 Nov 2023 16:51:02 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 413ms
412ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=543100835505372&correlator=2120753497672026&eid=31079671%2C44808666%2C31079695%2C31079525&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_article_below_end_336&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701103862225&lmt=1701103862&adxs=459&adys=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&vis=1&psz=835x5034&msz=300x0&fws=4&ohw=1600&ga_vid=485017696.1701103861&ga_sid=1701103862&ga_hid=1897440028&ga_fc=true&dlt=1701103859330&idt=1578&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2&cust_params=site%3Dwww.ntd.com%252Cntd.com&adks=2418553208&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cc398ab3fbfe2ed810ac76b0dd51a58162407aec8f6abfd8cb5ff5dbad35792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:02 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12397
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 232ms
107ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd888e427df3b90abdf9d5ba395fa49eb73fcae91779ade6b914954f584c0552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12406
x-xss-protection: 0

GET
H2 200 container.html Show response
0a194248ee7e8c476842149b27ba8df1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CD41 6 KB
3 KB 240ms
65ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a194248ee7e8c476842149b27ba8df1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 16:51:02 GMT
expires: Tue, 26 Nov 2024 16:51:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 609 B
497 B 630ms
629ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=543100835505372&correlator=2120753497672026&eid=31079671%2C44808666%2C31079695%2C31079525&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_336x280-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701103862246&lmt=1701103862&adxs=1069&adys=1391&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&vis=1&psz=370x6737&msz=300x0&fws=4&ohw=1600&ga_vid=485017696.1701103861&ga_sid=1701103862&ga_hid=1897440028&ga_fc=true&dlt=1701103859330&idt=1578&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2&cust_params=site%3Dwww.ntd.com%252Cntd.com&adks=1165351140&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d740920e569a02fab3ba2a33f3ee5be169400e2bb7ac55f291517eb3ce5d0bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:02 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 271
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/
Redirect Chain

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C...
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C...

42 B
351 B

186ms
186ms

Image
image/gif

52.32.175.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25228b273da1-473c-43cb-a7e1-83860ba4c118%2522%257D&title=Death%20of%20Chinese%20Official%20Amid%20COVID%20Wave%20Casts%20Spotlight%20on%20Forced%20Organ%20Harvesting%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&tdc=1
Protocol: H2
Server: 52.32.175.23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-175-23.us-west-2.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Mon, 27 Nov 2023 16:51:03 GMT
server: nginx/1.20.1
content-type: image/GIF

Redirect headers

location: /c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25228b273da1-473c-43cb-a7e1-83860ba4c118%2522%257D&title=Death%20of%20Chinese%20Official%20Amid%20COVID%20Wave%20Casts%20Spotlight%20on%20Forced%20Organ%20Harvesting%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&tdc=1
date: Mon, 27 Nov 2023 16:51:02 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server: nginx/1.20.1
content-type: image/GIF

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 119ms
43ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 16:51:02 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F642 13 KB
5 KB 34ms
33ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 10220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 14:00:42 GMT
expires: Tue, 26 Nov 2024 14:00:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 308F 829 B
562 B 51ms
50ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

219ff18767a24807c0f419dfa1f3ccc7af086321d09eaab66dcc4b0c061912fd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q5WzZZB9n7Y0l5hl46kWWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Q5WzZZB9n7Y0l5hl46kWWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 16:51:02 GMT
expires: Mon, 27 Nov 2023 16:51:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 3967 196 KB
56 KB 154ms
32ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 04:19:00 GMT
age: 217922
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 04:19:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 3967 15 KB
5 KB 212ms
91ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 21:48:00 GMT
age: 327782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 21:48:00 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 3967 95 KB
29 KB 215ms
94ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 01:47:30 GMT
age: 227012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 01:47:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 3967 5 KB
2 KB 230ms
109ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Nov 2023 22:04:26 GMT
age: 240396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Nov 2024 22:04:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 3967 40 KB
13 KB 230ms
110ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 23:09:32 GMT
age: 322890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 23:09:32 GMT

GET
DATA 200
OK truncated
/ Frame 3967 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcf3ed3aad7fa90aabfeacbb1ede454a6d2e2ac56a8d4c2be727e8fec1dcab4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2124022806244053386
tpc.googlesyndication.com/simgad/ Frame 3967 37 KB
37 KB 37ms
37ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2124022806244053386?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qloLMMrKT68OGGl_rD3GrpIYcPCgg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35426bf7928fb9b72340211ace2539a469a18bb6848dfb2a5e9cfae20f444624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:08:00 GMT
x-content-type-options: nosniff
age: 16982
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37494
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 11:05:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Nov 2024 12:08:00 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3967 2 KB
3 KB 35ms
34ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 17:17:56 GMT
x-content-type-options: nosniff
server: cafe
age: 84786
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 27 Nov 2023 17:17:56 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3967 295 B
400 B 36ms
36ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 21:36:38 GMT
x-content-type-options: nosniff
server: cafe
age: 69264
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 27 Nov 2023 21:36:38 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame F642 39 KB
15 KB 184ms
60ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 13:22:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 308F 0
0 210ms
94ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311140101&jk=543100835505372&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3967
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

1042ms
970ms

Image
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: H2
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date: Mon, 27 Nov 2023 16:51:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3967 0
0 81ms
80ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNCjp9shkZfmjEqWorASVrIigCezV2exz4Lrs3fgRv-EeEAEg6NCwH2CRhKCFjBigAbme6ZMqyAEC4AIAqAMByAMIqgSQA0_QevXi9FO34h3aLeQsjGDQ4bc72ic9njjUPVb2QqCmY4lceHnY4cc1caRJwcKhwtghbhoqG6mCKqUIUQ4a343PWLDL-xDYdSShjzXjQjjPmZGDwM1vksXuIlBj7edAHpMHWUYlaJYTOUts6xiXfYSZAduwkmDnf_0z6Iz1Ro8tArp_lig3Mteo-zGBNWVawpQjY-SDyy1z1sC7bU7HdV5GMZ2JE2BLPdzQSRSvAMRmKKUN4y8KReuuVGYwtmm6pE4nhnoNwvo4z4YsrxviLrGovpatRqGDYrVaNYlinqT-P5sEo-dYPGCuD-kBgwgCedRxR6gy161PA7zIcqOpPi3RUNV7OYNKGMs7mFPWBRdntGwWEB-ooneqNF4pW6f_lozsp5NNyX8DQ5HqgMjMuLKxt-mUHODcCnbwAwSORnIEwPC9zwvoLnWKul64qBIl2hbYpZH1GNY2kTS5H6edvXhQjkqfS1RlABAtNX2OMeGqs7SxxCAkhIIG7d1mCAHTr4MFSV3a_pTdVQGcZCdU8MrABLq2xoPBBOAEAYgF0-j00kySBQQIBBgBkgUECAUYBKAGAoAHuda58wSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCoogzSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgkfaHR0cHM6Ly93d3cuZmlza2VyaW5jLmNvbS9ubC1ubIAKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMIkai_29HkggMVJRSLCh0VFgKU2BMN0BUBmBYBgBcBshceChwIABIUcHViLTIyMTE1NTI1Mzc3MDQ0MDcYwNwM&sigh=QB6WH_LwVuY&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwDICaaNnKOTDhqS_qUXITcWmY7itYdzotlPtrh-VMvgWFkPrf0yarytI13C4QpaWu5IwdNG7GwwSTvYRk3fvuLostsBXl4k38slfq-vTRkYAQ&cbvp=2
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F642 0
10 B 32ms
31ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Q-XLog
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 100ms
100ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311140101&jk=543100835505372&bg=!PT6lPnHNAAZxrfrxUa07ADQBe5WfOM7JK75BAfBlwYuRFBWBUdIXgwjZbvD7S6b74HsdF1vGheN63ir-JL4SsKqsEkucAgAAAFxSAAAAA2gBBwoATdYwIV12FWJYKGNV9-RJkTB4Rt9xOtjGurJwt168oWFuqUBu8TR4uwB8j40M4LQfPbZgFQ8KS6PKLpuFfu0U81U950_Feg4rTxFty1GlmQKsiBWgArVOxDNBJT-DVbujsA1uHkM9Z4V5wFUL84XlCN9flm4hLzEU_ZgK69x1QgJASV1vfyuR7o4ZJI6rf-Drx_PeorD87cXWfRi8ckbEgaKgMjwjgRCJuwYBTQDbaptFK4Tc-JyUIooOUeqk6RvDA63RiecO480MT4GfOArcXlwrBV3cZKkhcykia-BFAnkLgyPPlw9BK4SNJxj_RF6noiSE3f4k-zSfr-bz64wGOF-8CefTB9HlS2TwMYWeMvIGdgyJD-57lhtWiTaI8ycYJZ5XrhnleH79zo0tjy_LhRqMsbDuJL51qwi-na3_jIXJIoP1MW3g7dHJ1eVP-ySeLDbgya0pRvobG7LjjooKKhfY0AC4Me-2vtEKZtEPZjr_d9VoFFnyVw13kqBjHNfCh76hzRVjazIXKAm__Np5SbHslI4rePiIJZVxFJL4jOu6CTykC0Ka5AZ8tlHTu66aD9owhOPeA72yX-nJ86bqakYocTckS5sfBzOZNmB9-4O-d4VqYwgMs5KRbJRXRUyWM1oc0AHyJqM3HoCNX7MF43VekyXU7sFbEgtnElXBthYUsgdgACfCA1eMujyfyTDuDthCTAUjQyGFux5jqibvqYEOiaE4Q3X2z7_78loEqJB1RBCX6TJ1VVeddYJDERLgWWIHyX26ht1Iz8ALwgKoLF31izww54kNBXtKbIWr2wO15MkeGr1t7rdp1PHp0grvSaugjwWNjlKCr_Hivm3VjEiFIyMn5iMDIxxP5-G79YyWt0L-E8g1DRqygwUAvXrJJmxo6C3BENiDCiFZZ05LxUBcotyH7pm_2Y3o71qXB7lhgumyLn-knSN9sDQWIX1klqyfj4ii1IcO9yB93llj03oj0si82az0U22UFlUMKe-Gyn_xoZBbKo6bomy7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 204 /
onetag-sys.com/usync/ Frame 60F2 0
0 36ms
33ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1701103861067

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9042 52 KB
17 KB 99ms
28ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 29587
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 27 Nov 2023 16:51:03 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2785, 70508
X-Served-By: cache-lga13626-LGA, cache-bru1480056-BRU
X-Timer: S1701103864.771844,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 85C4 281 B
555 B 145ms
48ms Document
text/html 2.19.226.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.226.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-226-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Nov 2023 16:51:03 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 9F60 3 KB
1 KB 103ms
35ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 100
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 82cbdfac9efc0baa-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 16:51:03 GMT
expires: Mon, 27 Nov 2023 20:51:03 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 61E3 52 KB
17 KB 92ms
26ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 29587
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 27 Nov 2023 16:51:03 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 3346, 278339
X-Served-By: cache-lga13626-LGA, cache-ams21067-AMS
X-Timer: S1701103864.771825,VS0,VE0

GET
H2 204 /
onetag-sys.com/usync/ Frame B230 0
0 34ms
34ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1701103861068

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7874 3 KB
2 KB 97ms
34ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 100
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 82cbdfac9ef90baa-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 16:51:03 GMT
expires: Mon, 27 Nov 2023 20:51:03 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 61E3
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
647 B

29ms
22ms

Script
text/html

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:03 GMT
an-x-request-uuid: 29132acc-9d00-4c31-bbb9-f2d8d9ff0f2f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.150.110; 31.204.150.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:03 GMT
an-x-request-uuid: ef5ba3ca-1031-4d85-8920-9831d50e1349
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.150.110; 31.204.150.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 9042
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
647 B

25ms
25ms

Script
text/html

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:03 GMT
an-x-request-uuid: 321a9749-a263-49f0-bcf2-1d46d55186d7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.150.110; 31.204.150.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:03 GMT
an-x-request-uuid: f28f6675-bf6f-4b0c-ba1b-844d105cd360
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.150.110; 31.204.150.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 4A20
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
860 B

54ms
53ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8e903f694e3ec07e70ba5d20578116efa55db69fc45106177ac15f5decbe50d

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82cbdfad6b280b42-AMS
content-encoding: br
content-type: text/html
date: Mon, 27 Nov 2023 16:51:03 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnAzOOjhs4TWHxl6vlDOYHqH0lGjGKnJiyOlP8CRQ3opo6LJz2yEArBmVqdOkaDFvaGSD4X37Y3Xpgc1Ym4ifeR4dIuKpqZ5pxFOUICI7V7L2aGK1z1b%2BfcRisIjJlbx38oDWBIp7Ays0w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82cbdfad1a8e0b42-AMS
content-length: 0
date: Mon, 27 Nov 2023 16:51:03 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bakGjclVSdXoWSFwv1BUHlpMQV%2BY88WKt%2FOIweBqQ1ASpqrEGSdIwi0RPpe1uh2GsXT9Onv9x5eImjTnMlsI0yNfRz77BD1R8R5sTZNVLyle5c50MmLuFTMSbXScendwn7298vKRYN9BLA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 1AD5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
876 B

51ms
51ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0e3be1e5d68685f7f0eb44dc7b89482675c43c7b5618a298753bec8172a156e

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82cbdfad6b2c0b42-AMS
content-encoding: br
content-type: text/html
date: Mon, 27 Nov 2023 16:51:03 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYVacx8TOHJUvA4ZYDjdgCB6zZfoPCoKqu%2Fv5rFFUQ7g3%2BoDh8lshLfAUUuRjuWeO2kSQJgIshuDBKJAvLG3qelyQf6px5r347qi%2B%2FrOoTZNZEFrdW9EHYBTgLdifghy6tEZ5cZxt9s51g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82cbdfad1a8f0b42-AMS
content-length: 0
date: Mon, 27 Nov 2023 16:51:03 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCnBonzmTRxXhw8tD3GZqM5rWC3fbQcz4cFoWAZIgbjANbvTk2Y1OzYrRSvmJ40qeOYx%2FZMiP%2BCU8XvC0VxptlXK4N%2BwVUhBHDtVJR7N9AosprH7UjI94yn0X%2FwZ4KkORLCgHoIjlt43SA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 85C4 46 KB
13 KB 40ms
38ms Script
text/html 2.19.226.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.226.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-226-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b26fe5fa11212a2d528dfd8f30e5471d4a4ae981d9f3d8ebc350bd519b3aae25

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 16:51:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Nov 2023 09:14:38 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59003
Connection: keep-alive
Content-Length: 13230
Expires: Tue, 28 Nov 2023 09:14:26 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 85C4 7 B
380 B 159ms
35ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 1AD5
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWTI97tAKkoVaKtgOpfZEgAA%265239&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
362 B

102ms
37ms

Image
image/gif

178.250.1.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:03 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 757884
expires: Mon, 27 Nov 2023 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Mon, 27 Nov 2023 16:51:04 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 1AD5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWTI97tAKkoVaKtgOpfZEgAAFHcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOhxFOYn1Bu5ZUBXlKK9NlQ&google_cver=1

43 B
736 B

49ms
48ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOhxFOYn1Bu5ZUBXlKK9NlQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FrthoL8brlmxz8Xb6%2FeAM9uMcJbv%2F3loaFeLA4DjIovsHKwTQvvT9EkYOScAFxO%2FFaNTU%2FLqYIcmzIMubfeKcDfCqkMSCJeChvtqOHU0h4fzaE%2FWfed3QNEYoREH4ckMs8PkOXJbiYWZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82cbdfaead950eaa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOhxFOYn1Bu5ZUBXlKK9NlQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ZWTI97tAKkoVaKtgOpfZEgAAFHcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1AD5 43 B
603 B 157ms
52ms Image
image/gif 2a05:d018:d29:3605:3b2e:d970:bb65:e6b3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZWTI97tAKkoVaKtgOpfZEgAAFHcAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:3b2e:d970:bb65:e6b3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 1AD5 43 B
433 B 269ms
114ms Image
image/gif 52.16.22.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.22.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-22-123.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 27 Nov 2023 16:51:04 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1AD5
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=NMTnBMhvWo9Gf8ttl997bh_Mlm4

43 B
732 B

49ms
48ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=NMTnBMhvWo9Gf8ttl997bh_Mlm4
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzygBqCjHDoEyKELMM%2BPx8BtwOEX1LXlHrha7eaxZuGFXBPNfuURFhIkRpi7armg7hX8rTce1G88tHy8XXaTvSBaMbhVMOntTSLRYVZKfrF0Kq7AzHJPaVfD2x7DXDKj9FE0LbDjS%2Fs7Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82cbdfb0a9270eaa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=NMTnBMhvWo9Gf8ttl997bh_Mlm4
Date: Mon, 27 Nov 2023 16:51:04 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 1AD5
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=949591801654591343

43 B
338 B

52ms
51ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=949591801654591343
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEEq0lOXaGwgRtwJHmTxgssGkElORvbUQYCayd540wLShPn4WZpVozN5LVCq%2F%2BWlSKomUsooKx0s6BVJY0kefhTmlaUZwhlRhu%2FAjmaeQXh6XQfxhkWjDUwpPcJT%2BLP3EgpWpa2ATfaRFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82cbdfae0be50b42-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:03 GMT
an-x-request-uuid: 08330668-d21a-440b-9ada-e5763ed2a2fd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=949591801654591343
x-proxy-origin: 31.204.150.110; 31.204.150.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 1AD5
Redirect Chain

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZWTI97tAKkoVaKtgOpfZEgAA%265239
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=7c86e43b-1ca4-4a35-a76c-e6f28b6525e3

43 B
737 B

63ms
62ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=7c86e43b-1ca4-4a35-a76c-e6f28b6525e3
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6yspsGqvfvUFGb1jUpM0kK5WwsrK0k%2BFjqUq2YiGp7yJpnovvA9uA4zJ%2BEO7xaUjytACXcxXYoIg9C5ryFCoNBEWW6GN%2BqpJt%2FYtGbP%2BHZPPP31xeAfiahyqaCq%2FCISXMKYaTK7C0hW0w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82cbdfae6d420eaa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=7c86e43b-1ca4-4a35-a76c-e6f28b6525e3
Date: Mon, 27 Nov 2023 16:51:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET indexexchange
sync.adotmob.com/cookie/ Frame 1AD5 0
0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 1AD5 43 B
229 B 43ms
34ms Image
image/gif 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZWTI97tAKkoVaKtgOpfZEgAA%265239
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:03 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 45997
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82cbdfadd92b0baa-AMS
content-length: 43
expires: Tue, 28 Nov 2023 16:51:03 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 4A20 70 B
149 B 145ms
44ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 4A20
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTI97tAKkoVaKtgOpfZEgAAFHcAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTI97tAKkoVaKtgOpfZEgAAFHcAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

146ms
145ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTI97tAKkoVaKtgOpfZEgAAFHcAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 16:51:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Q6TKWRJEDS7Y413KEXZE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 16:51:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 785WJ2TQ0V4NNG2WJ49H
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTI97tAKkoVaKtgOpfZEgAAFHcAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 4A20
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWTI97tAKkoVaKtgOpfZEgAA%265239&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
363 B

87ms
26ms

Image
image/gif

178.250.1.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:03 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 310783
expires: Mon, 27 Nov 2023 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Mon, 27 Nov 2023 16:51:04 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 4A20
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWTI97tAKkoVaKtgOpfZEgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBTYqzniWRAnxiGkBtHu1F4&google_cver=1

43 B
737 B

50ms
49ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBTYqzniWRAnxiGkBtHu1F4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwV63TC%2FdTFCPXYd9VDjpKNfZUynPcm1W6uhkkjMt2%2FPUiKFRBkN3uulccl7I9w9MqEhfNjwvWFbIDGoyZVfPry4QfWqXBsDoQ%2FVX22Flc%2F7E81x%2FW%2BSW654PXGdSxpt0994ts1XSB6F0w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82cbdfaead990eaa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBTYqzniWRAnxiGkBtHu1F4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 4A20
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=949591801654591343

43 B
384 B

60ms
59ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=949591801654591343
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xAMRBwpJPDN3elp7bATTBFQ5sanXBAZabAgFyvx5T6ylGlgMAyftOdlbK1%2BgVLU%2B9XJAabw6K3h407RPNY9L7k%2Bxk0OKO0jZwYutb5U5pRiFlW7pK1E3B5xCALpLjw6CrTR8Ye28SiU8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82cbdfae0be20b42-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:03 GMT
an-x-request-uuid: 65da0d57-559e-4f73-9f73-cbe7a2c908cf
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=949591801654591343
x-proxy-origin: 31.204.150.110; 31.204.150.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 4A20
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=

43 B
768 B

49ms
49ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vblhcp0Tv0L3ib2%2B0a%2BB%2BkWeHeCmcjyorUFPtTaO8hcBu9rhZYD7FumoAgJ%2Bgp3Z0XSlKLrVyV1rYraxyEwy56bBYXWxXE3pXHIYzzCdutjIjK84PyX9gSL9201NSaHJcHkidYk5SV41eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82cbdfae7d480eaa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date: Mon, 27 Nov 2023 16:51:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
content-type: text/html; charset=utf-8

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 4A20
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A65434DCF67D4AC3B9B0183BBA9A036F

43 B
741 B

58ms
58ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A65434DCF67D4AC3B9B0183BBA9A036F
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWFE1YX2gOYuTH6v6xUTFj0SHW1mCr%2Fk0N%2BPtGceAkKNPE6Xj7H%2Bt7BlpHRLANrt%2F5gtasgK9%2FXmWUFafkGTNJBkdUIkWQUA%2B060C0Yj%2BcT2lrIFRzuXS9VsQVK3JwX61Z%2FRAWTU%2BaFF1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82cbdfae8d680eaa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Mon, 27 Nov 2023 16:51:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A65434DCF67D4AC3B9B0183BBA9A036F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 26 Nov 2023 16:51:04 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4A20 0
187 B 98ms
26ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 27 Nov 2023 16:51:03 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 4A20 43 B
103 B 44ms
38ms Image
image/gif 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZWTI97tAKkoVaKtgOpfZEgAA%265239
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:51:03 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 45997
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82cbdfadd9290baa-AMS
content-length: 43
expires: Tue, 28 Nov 2023 16:51:03 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 61E3 0
596 B 41ms
41ms Script
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:04 GMT
an-x-request-uuid: ca295de6-518a-440c-8e4f-d0e1f4573840
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.150.110; 31.204.150.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 9042 0
596 B 29ms
29ms Script
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:04 GMT
an-x-request-uuid: 4cf3c6e7-6594-4576-82bb-0958313283cb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.150.110; 31.204.150.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2BRDBGYLL0&gtm=45je3b81v896365836&_p=1701103860383&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=485017696.1701103861&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=2&sid=1701103860&sct=1&seg=0&dl=https%3A%2F%2Fwww.ntd.com%2Fdeath-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html&dt=Death%20of%20Chinese%20Official%20Amid%20COVID%20Wave%20Casts%20Spotlight%20on%20Forced%20Organ%20Harvesting%20%7C%20NTD&en=ad_impression&ep.query_id=CPn2wNvR5IIDFSUUiwodFRYClA&_et=1888&tfd=9745
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 16:51:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid.adnxs.com
URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction

Domain: prebid.adnxs.com
URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction

Domain: sync.adotmob.com
URL: https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid=

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 02:07:43	Name: lidid Value: ccf06f9c-939d-4884-8626-b0ee068d5859
i.liadm.com/s	1970-01-20 17:14:55	Name: _li_ss Value: CggKBgjdARDMFg
tnews.day/	1970-01-20 17:14:55	Name: prli_click_8240 Value: death-chinese-official-related-forced-organ-harvesting
tnews.day/	1970-01-21 01:17:19	Name: prli_visitor Value: 6564c8f27e6d9
.ntd.com/	1970-01-21 02:07:43	Name: pw_cid Value: 24bf4a00-8d45-11ee-a6a5-457d24545b44
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: iWNamF1y7Wk
.youtube.com/	1970-01-20 20:50:55	Name: VISITOR_INFO1_LIVE Value: GQNm7wz5xjo
.ntd.com/	1970-01-21 02:07:43	Name: _ga Value: GA1.1.485017696.1701103861
.mixi.media/	1970-01-20 18:55:43	Name: nid Value: ads5-1sselp17
.rubiconproject.com/	1970-01-21 01:17:19	Name: khaos Value: LPH5BFPY-13-6PO
.rubiconproject.com/	1970-01-21 01:17:19	Name: audit Value: 1\|naVuGyos1qpAgpK1pyjQ7+fhqFI7AU9U903mtsHdljB4B+ayZ+GoLjxOiakph9+p256dQHZRyj3z8yenK/o+fxEiWVDBisffxMlTS3QW8QAijy0RC4Zd8dAPlTu0R9RN
.stat.media/	1970-01-21 01:17:19	Name: _sm_uid Value: 3b1535c5-5a8b-4415-a7d5-a91d97e150e1
.stat.media/	1970-01-21 01:17:19	Name: _sm_udt Value: 1701103861592
.stat.media/	1970-01-20 16:31:45	Name: _sm_sid Value: 6de31396-ce60-4c3e-8a4e-33a7ae74f0b4
.stat.media/	1970-01-20 17:14:55	Name: _sm_cm Value: 32
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8675\|ZWTI+
.mixi.media/	1970-01-21 01:17:19	Name: _sm_uid Value: 3b1535c5-5a8b-4415-a7d5-a91d97e150e1
.mixi.media/	1970-01-21 01:17:19	Name: _sm_udt Value: 1701103861592
.mixi.media/	1970-01-20 16:31:45	Name: _sm_sid Value: 6de31396-ce60-4c3e-8a4e-33a7ae74f0b4
.ntd.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .ntd.com
.ntd.com/	1970-01-21 02:07:43	Name: _lc2_fpi Value: 33df6995a8cd--01hg8v20232wy02mvr2gsb6qzs
.ntd.com/	1970-01-21 02:07:43	Name: _lc2_fpi_meta Value: {%22w%22:1701103861827}
www.ntd.com/	1970-01-20 20:50:55	Name: _geuid Value: 8b273da1-473c-43cb-a7e1-83860ba4c118
www.ntd.com/	1970-01-20 17:14:55	Name: _geps Value: true
a.clickcertain.com/	1970-01-21 01:17:19	Name: _ccpx_u Value: 10313aae%2d67f1%2d43f7%2d9249%2d6605aadce65b
.liadm.com/	1970-01-21 02:07:43	Name: lidid Value: ccf06f9c-939d-4884-8626-b0ee068d5859
a.clickcertain.com/	1970-01-21 01:17:19	Name: _ccpx Value: 2455d1796b86efb
a.clickcertain.com/	1970-01-21 01:17:19	Name: _ccpx_2455d1796b86efb Value: 1
.ntd.com/	1970-01-21 02:07:43	Name: _ga_2BRDBGYLL0 Value: GS1.1.1701103860.1.0.1701103862.58.0.0
.ntd.com/	1970-01-21 01:53:19	Name: __gads Value: ID=7fc0730ce325182a:T=1701103862:RT=1701103862:S=ALNI_Ma4D6JESyCncyNf344C39dQNzoQfQ
.ntd.com/	1970-01-21 01:53:19	Name: __gpi Value: UID=00000ce801fd1b36:T=1701103862:RT=1701103862:S=ALNI_MZB41R_3QKT7VexUAR-WRhvw1EH1w
.alocdn.com/	1970-01-21 01:17:19	Name: uuid Value: 92181c64-7aad-4dcd-8640-b08d2cb19f8e
.doubleclick.net/	1970-01-21 01:53:19	Name: IDE Value: AHWqTUkhep0VIXgNAq_fSv9cMag3A34udem4-qi4lt8gQNWejjQI7qqZxYp3jjJUhdU
.adnxs.com/	1970-01-20 18:41:19	Name: uuid2 Value: 949591801654591343
.casalemedia.com/	1970-01-21 01:17:19	Name: CMID Value: ZWTI97tAKkoVaKtgOpfZEgAA
.casalemedia.com/	1970-01-20 18:41:19	Name: CMPS Value: 5239
.casalemedia.com/	1970-01-20 18:41:19	Name: CMPRO Value: 5239
.doubleclick.net/	1970-01-20 16:31:47	Name: DSID Value: NO_DATA
.adsby.bidtheatre.com/	1970-01-20 16:41:48	Name: __kuid Value: 7c86e43b-1ca4-4a35-a76c-e6f28b6525e3.470317864
.simpli.fi/	1970-01-21 01:18:46	Name: suid Value: A65434DCF67D4AC3B9B0183BBA9A036F
.yahoo.com/	1970-01-21 01:17:41	Name: A3 Value: d=AQABBPjIZGUCEE3NyuFNECfkeLSzi1bxVZQFEgEBAQEaZmVuZQAAAAAA_eMAAA&S=AQAAAmAqaOF69Xre7BYi4270mAY
sync.srv.stackadapt.com/	1970-01-21 01:17:19	Name: sa-user-id Value: s%3A0-34c4e704-c86f-5a8f-467f-cb6d97df7b6e.cWGNk1NrpYFNw%2FtHpGxKeBh3CHalnpHuPqtRkPcI5JQ
.srv.stackadapt.com/	1970-01-21 01:17:19	Name: sa-user-id Value: s%3A0-34c4e704-c86f-5a8f-467f-cb6d97df7b6e.cWGNk1NrpYFNw%2FtHpGxKeBh3CHalnpHuPqtRkPcI5JQ
sync.srv.stackadapt.com/	1970-01-21 01:17:19	Name: sa-user-id-v2 Value: s%3ANMTnBMhvWo9Gf8ttl997bh_Mlm4.z1bp2zsGf5iC%2BBR1a1Z3SPbGlz4Dz1cgxTNMCk4yDX0
.srv.stackadapt.com/	1970-01-21 01:17:19	Name: sa-user-id-v2 Value: s%3ANMTnBMhvWo9Gf8ttl997bh_Mlm4.z1bp2zsGf5iC%2BBR1a1Z3SPbGlz4Dz1cgxTNMCk4yDX0
sync.srv.stackadapt.com/	1970-01-21 01:17:19	Name: sa-user-id-v3 Value: s%3AAQAKIO5rNqjE9kBN2r-XJN_JeM5Hw0D35_VYDt_-LtwdiLpREHwYBCD4kZOrBjABOgRyABfNQgSw9HfP.FJxIdzf1T8okj%2F%2BDfZjI53VD3qrpClkp9vVBGlU0MDw
.srv.stackadapt.com/	1970-01-21 01:17:19	Name: sa-user-id-v3 Value: s%3AAQAKIO5rNqjE9kBN2r-XJN_JeM5Hw0D35_VYDt_-LtwdiLpREHwYBCD4kZOrBjABOgRyABfNQgSw9HfP.FJxIdzf1T8okj%2F%2BDfZjI53VD3qrpClkp9vVBGlU0MDw
.amazon-adsystem.com/	1970-01-20 21:44:12	Name: ad-id Value: A9bIfkJPr0gqtsFmZuiHrHk
.amazon-adsystem.com/	1970-01-21 02:07:43	Name: ad-privacy Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html Message: Access to XMLHttpRequest at 'https://prebid.adnxs.com/pbs/v1/openrtb2/auction' from origin 'https://www.ntd.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.ntd.com/death-of-chinese-official-amid-covid-wave-casts-spotlight-on-forced-organ-harvesting_893884.html Message: Access to XMLHttpRequest at 'https://prebid.adnxs.com/pbs/v1/openrtb2/auction' from origin 'https://www.ntd.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a194248ee7e8c476842149b27ba8df1.safeframe.googlesyndication.com
a.clickcertain.com
a.remarketstats.com
aax.amazon-adsystem.com
acdn.adnxs.com
b-code.liadm.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.epoch.cloud
cdn.indexww.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
dis.criteo.com
dsum-sec.casalemedia.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
exchange.postrelease.com
fastlane.rubiconproject.com
fonts.gstatic.com
googleads.g.doubleclick.net
htlb.casalemedia.com
i.liadm.com
i.ntd.com
ib.adnxs.com
idx.liadm.com
js-sec.indexww.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mixi.media
onetag-sys.com
p.alocdn.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.adnxs.com
pwe.epochbase.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
s.amazon-adsystem.com
s3-us-west-2.amazonaws.com
sc.youmaker.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stat.media
stat.mixi.media
static.mixi.media
static2.mixi.media
static3.mixi.media
static4.mixi.media
static5.mixi.media
static8.mixi.media
stats.g.doubleclick.net
subs.epochbase.com
sync.adotmob.com
sync.go.sonobi.com
sync.srv.stackadapt.com
tnews.day
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ntd.com
www.youtube.com
prebid.adnxs.com
sync.adotmob.com
100.25.176.198
104.18.36.155
104.18.38.76
136.243.66.182
151.101.129.108
172.217.16.194
172.64.151.101
178.250.1.9
18.207.9.209
18.239.64.29
18.239.83.131
185.162.95.70
185.89.208.11
185.89.210.101
2.19.198.138
2.19.226.3
2001:4860:4802:34::36
2600:1f18:730:b110:35a4:c4c9:a19a:9c98
2600:9000:225e:c600:8:8845:1500:93a1
2602:803:c003:200::31
2606:4700:20::681a:27a
2606:4700:20::681a:832
2606:4700::6810:7baf
2606:4700::6812:191e
2606:4700:e6::ac40:ca07
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:827::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9b
2a02:fa8:8806:21::1690
2a05:d018:d29:3605:3b2e:d970:bb65:e6b3
2a06:98c1:3120::3
34.107.251.162
34.110.129.224
34.120.97.157
34.91.62.186
34.95.81.168
35.168.179.116
35.71.131.137
44.215.233.184
51.89.9.252
52.16.22.123
52.32.175.23
52.46.143.56
52.87.28.41
52.92.241.32
64.227.64.62
69.166.1.35
69.173.144.165
98.98.134.242
99.86.4.30
01e6707dac66d64e9b3b3c96302a56e9692a04aa37a3d46c02af5181da4780b6
02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f
0b277cb4c269cb4554dd7c5c11ceeb83d705cd02b6b9b1122a0e56488ed091c2
0c5a3e13ad52b15a5e9f82b95a971d1203facb8ff8a47ac5fe144d61f2ec7c77
0de2a176ad08f62d4eb01561e51936094f156760b03746e2f17e69345824f7b2
0ea258555e5fcf60617c4791778cba754e64b9acb2792b47c32af0cf2dfa0b3e
12d467813dd443184a5c52c782f0b3c2a401a873d28dc9130ac30900dc8590ab
133bd9c50accec513f057a09b3be1d84c8c791b8646640223573deca444f4657
163cb5d5188442a3dc0cc458a58b06a08e498eea3ae25e310c473cdaae977f39
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
198d5b4709dfa22a922ce0610d02535885fba25722eeee7361b2e3463683e2ad
1aa64d05c4f7136a13dee9cf472e267e001d9bd974f03d4017c862a9e01ce633
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cc398ab3fbfe2ed810ac76b0dd51a58162407aec8f6abfd8cb5ff5dbad35792
203e0f4dcfd2bed10b75a8fd250568838f01d4fd3363279741962d77675af937
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
219ff18767a24807c0f419dfa1f3ccc7af086321d09eaab66dcc4b0c061912fd
2e52b90c4576fcc79aa119ec5d779a093ae19822d0a3f220d5e52db8251389f7
2efa7ce2e6654f1c7b259ea6780892365ae6b30efb0af15c2e2e7267a64f885d
2f009a44aa057e608440849ba7d59135c178393165207fb8268d1680f9365b5b
33da6c9d5c39ef304f3deedeb7b3fcff41e8e79c665627808430bbed8abea3ff
35426bf7928fb9b72340211ace2539a469a18bb6848dfb2a5e9cfae20f444624
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096
389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7
390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
39606abb2773dd3c0cdad88f49c31445e9d558631c25fb21bcbf06046c361340
3c747ef1de111bedf5ebe5fdccf35edec562a0ae0f78ba41be6d5facf441ebe2
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ec251d05abab8e5f107b3bdda10a535e84ff677ccc282d9d61f0335fc01268f
3f5f4311e902df5a7ee60558dd220609d6f1c8eae634ad2d5dcf5b6812fec5bf
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4505adde3a6db0f39a9dc7428643d1e9b84331c2d3022bec401b7002c07369e5
452889647dfac521356e18f8fc2e4af00664f1d7f8fb9a905bc64d4e1d1c2c99
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b778cb62a7d3b5e4a6f2e355403ede9f49a6a533110ac3039e2c5f4714aa78
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c
4a085a48de1c29460f6e8dde984099c3cc348ea5db5bf26a878178939eb77d0c
4a6fff8e4746724d6b7a0cadd7b189300165a442228b58f2a9c30ab1fedbbc1b
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
4c4fb27c2d0bf96aad8bb2c15ccf820bc54e256c96fe1cceaead9aadf06d40f0
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4d740920e569a02fab3ba2a33f3ee5be169400e2bb7ac55f291517eb3ce5d0bf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f9d115a7cba0aa8a2fb00d608683ab400be33a39ffcb37a2d6a197d66a795bd
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57179112de4d4b4e1d1b6c501c17a9e90fc8517e5160d82ef95083fe69b1e1be
582e42d6984215cd2526b7a6f01bb23d649c746af9fafbb60bd3d43b09e4d123
584c6bcc2c7bbf71d6db8b9972036303a64cfe82e08347ed3f60328966ff93a2
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
610433816074588c15c8150b69154c34bce853ff7c24e70974a12ec6805b0864
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626228f7a06eb9cec2221b530d9b5f608bf90ea227c1d7d7d86c0d7f44427c05
62982de3852dcf439c2a2f601f359288888edf6782ca42fc12d304efa3e35b2f
641d72ddefb953f6ac870a992be6a9d7cb1154a3b77a666fb6cb253ec7e52e03
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298
6951c7c304900b4e2b7f0213fab3e077225b9bd842056a10134b0afbb1be26db
6e136a92e4e397fe1a887f1fb037494c06b8fe4f7d0702d2e63bedbd8bcd6650
713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d
720530af830892701ef8b15094596aba1a91afffc1a013cad9103da6cd9df0e4
72fd7e24b02580e7f6501d079c90a19d4c87ab4624c51f96f4e3c7a07a0e30d4
745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
751f916eef378462304f9f5cfefdfa560eba2ae4ec02c7b94d3bca7214c002b3
75dd95d08e886d54b4ede3ff4252cf36f30e8e8b061c9c9d9a1f4d3b3ee56b73
779d8fdda515b570970a5fb09b5eefbf0c8ec6300d969d4d609806a37f77e803
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7f81fc2f3cc04c1f965f2683dc2b369bd4ebbc18b454196d101f74f69efe3433
7fb1e0e07bbdc3b33281fe67c3d24a610e086e30238e57e06ca4d390ebbd547e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5
86587e974d57e7489b5d60f8b446f48aa89bfedf7be4d003204256c1ca3cc9fe
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8bd847705654de71b032d78c4e293a5a58e70913fc32e910fccb0d3eef3d28ce
8c497f68641e8abd81d72b3b6bae5b3e3ca4f92c3e95cf9169c4de2477f8a7bf
8c69be38f1fb2b16811680234ca39dadd569e379d3de94a48c20c2cbf2e1db3e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fdf7c13d5b3b559871a32380728a9c126bd004577031335423da2c981141407
92a96977b3a5107b1c7c5bd8d603b01792eabfb32090695967f04b207b154c5d
99e232f0777782167244e5f824d348b49a9f92446b12810aa4a3d7216572aeaf
9c21eea3ff63e3cbe49cfe06d47eba4a268ed5e2d583d9fbe8590f39b85212ae
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9e33b98871ae098fb62dd6f123409a67fad6a3d0e8e22120a7d9b9188814b11a
a0945506bc3961bd4d422739b65836d81f5dd9467be75b3075b381a810e4e1d9
a0b6d631b76619f19588b0526f57e3533d6dfa14edce7dbc8e1ed07db59e26ff
a0e3be1e5d68685f7f0eb44dc7b89482675c43c7b5618a298753bec8172a156e
a3f4f50ac142c89c8db7cecb5fcb00ef460c973570b34cee2941ec050f6a8cbd
a688fb17db3135a2e8a73a23f2ceb5cde6f6cd4d6de4615ca4cf76caa0e5ae8f
a69962faa76a4320441014adb346553b9d1b298f9b7687ac3bf58df131c3ecdc
adcd6c31dcc6497364cc7f126f2fe13eca4845272b166cb18a7432dad1d72b89
aeb31f1ee02675acb9388db1392b3cf1fa9e47d53ebeef47b9020b65bc981e58
af82cd92cb1df231870f60b847a411fcc4adfffef67f01fff41885828edee2e3
b0512ff1ecca4eeaa79eabd6f059915e9cec84022c2f78519acf20d942b628e0
b0b305e408e4d852e855962afee13321ebf52d3894e1a8a42dfbf8d3b4741a9e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26fe5fa11212a2d528dfd8f30e5471d4a4ae981d9f3d8ebc350bd519b3aae25
b2997f9a557c9b636e93dfa7b84a57dfc6c7e3b6593f0341b77891dd7e19cc91
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
b8b6528bc2a63e986a842311ca6971aac53d77331c25d16a03e9e45de5bccf8f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3a4df25e241b0441b39ba2a63e876fc14bea8404980ec73f463df1e94e815fe
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c7de7f71ff6321b0e877c640db71837d14106546936ee39603f8d8fe006e1b82
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde
ca200cb453733fbe1695a5de5862048e2ee9488ced0eccce5945ff3e98ad1145
d20db6c1df31874b999f525e1eb15c5041d7b5b94c7336754c97d72fca64c1f1
d2afcefbcf3d465bcba23b00cdd5f7271cba3b6865f8259e0c6586814add8242
d38468263d67fc86718b19ea5585ad67b413fc85ce55c82bec81f159923c830d
d6afc903e5795bdf0163a5d0ef7492b18b32600f8864077eef0a83b015a9e8a7
d6c009f52df88329b73c911172f8c563911c7f14ce34654cc36c6df7ab776d28
d780c2236b34848e2b3b15b3b2529b1eea1c2e7d92fbda888ad6766cbfe80bff
d8e903f694e3ec07e70ba5d20578116efa55db69fc45106177ac15f5decbe50d
dcb05bc6f6bc43783fe6132aeee6ecdacfc83c8223f32aa9c998c75b7f3dd9d9
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf538ab166e90e4dfda982d360b06de8da42bd945c277ec6f357a55b43bbc5b
dd888e427df3b90abdf9d5ba395fa49eb73fcae91779ade6b914954f584c0552
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea3ae6930150fa98882faa7bb190c646f8f825bccdef2381c798970cb7d9ead2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f2fbec20eff343b19ab9e0f85926cdee9701203228f142d35c1727e833850c1f
f5a33ccfcc05ae337e7f3924e408ae1486f368970ed761aabed6e7b057651498
f65440df3155434d00b0bb7fd1d092bfeb64e8c4f6be334bb8146d75a2f7fa9d
f6ddaaa8b25aa460477933b5c22190c3560f19cf86f2fae6dbd2d024ea194070
f7b8135765f3f80a21abfdf7fa76b920fb163f5d3290408089c3106b3c0af0e6
f8e78daa065e02de5d8b249192b4e2c364a523cff15f783b273a38664634354b
f9eddf5a65005ab000071c3179eaa30fce0f40e67d742a18ce8caf892264a652
fa7a0d190cf1cd8932c0549bd128c1f0d37015c34eab5f29b02382c23ce0608b
fb2ca5c959e60b125bc07e2f962d60dafea7cfb55b9193d33f4879501db7a21d
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
fcf3ed3aad7fa90aabfeacbb1ede454a6d2e2ac56a8d4c2be727e8fec1dcab4a

www.ntd.com Open in urlscan Pro 2606:4700::6812:191e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

176 Requests

88 %HTTPS

42 %IPv6

41 Domains

72 Subdomains

52 IPs

9 Countries

4170 kBTransfer

7821 kBSize

49 Cookies

13 Outgoing links

Page URL History

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ntd.com Open in urlscan Pro
2606:4700::6812:191e Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

88 %
HTTPS

42 %
IPv6

41
Domains

72
Subdomains

52
IPs

9
Countries

4170 kB
Transfer

7821 kB
Size

49
Cookies

176 HTTP transactions
10 data transactions