www.ntd.com Open in urlscan Pro
151.139.128.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tnews.to/scientists-wuhan-had-ccp-virushk
Effective URL:
https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-say...
Submission: On March 28 via api (March 28th 2022, 12:50:15 am UTC) from SG — Scanned from DE

Summary HTTP 323 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 68 IPs in 11 countries across 58 domains to perform 323 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to STACKPATH-CDN, US. The main domain is www.ntd.com. The Cisco Umbrella rank of the primary domain is 457889.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 11th 2021. Valid for: a year.

This is the only time www.ntd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:2a1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
7	65.9.71.173 65.9.71.173	16509 (AMAZON-02) (AMAZON-02)
10	35.244.243.66 35.244.243.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 3	99.86.7.79 99.86.7.79	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c01::9b	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	65.9.66.119 65.9.66.119	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.120.97.157 34.120.97.157	15169 (GOOGLE) (GOOGLE)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
32	104.111.225.233 104.111.225.233	16625 (AKAMAI-AS) (AKAMAI-AS)
11	34.120.33.89 34.120.33.89	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	15.165.215.83 15.165.215.83	16509 (AMAZON-02) (AMAZON-02)
7	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
5	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
4	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
4	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
4	63.32.216.168 63.32.216.168	16509 (AMAZON-02) (AMAZON-02)
12	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
8	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
12	136.243.66.182 136.243.66.182	24940 (HETZNER-AS) (HETZNER-AS)
5	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
4	146.185.195.94 146.185.195.94	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	52.79.156.248 52.79.156.248	16509 (AMAZON-02) (AMAZON-02)
2 4	211.249.220.158 211.249.220.158	7625 (DAUM-AS K...) (DAUM-AS Kakao Corp)
7 13	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	3.35.83.74 3.35.83.74	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
8 35	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.95.119.178 52.95.119.178	16509 (AMAZON-02) (AMAZON-02)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
6 11	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	3.123.52.20 3.123.52.20	16509 (AMAZON-02) (AMAZON-02)
1 1	54.77.209.82 54.77.209.82	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3605:94f3:d01d:495a:dfd0	16509 (AMAZON-02) (AMAZON-02)
3 3	34.192.179.231 34.192.179.231	14618 (AMAZON-AES) (AMAZON-AES)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
2 2	54.211.231.81 54.211.231.81	14618 (AMAZON-AES) (AMAZON-AES)
2	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
1 3	18.185.246.45 18.185.246.45	16509 (AMAZON-02) (AMAZON-02)
1 1	34.111.151.213 34.111.151.213	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.92.176.104 52.92.176.104	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:20:... 2606:4700:20::681a:27a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.37.35.1 3.37.35.1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 2	35.171.62.1 35.171.62.1	14618 (AMAZON-AES) (AMAZON-AES)
1 1	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	35.83.79.238 35.83.79.238	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3038::6815:ea4e	() ()
1	99.86.7.58 99.86.7.58	() ()
323	68

1 2606:4700:3037::6815:2a1f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tnews.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

www.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.71.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-173.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.244.243.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.243.244.35.bc.googleusercontent.com

subs.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.7.79 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-79.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-119.fra56.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.97.157 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 157.97.120.34.bc.googleusercontent.com

sc.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 104.111.225.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-225-233.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.120.33.89 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 89.33.120.34.bc.googleusercontent.com

comment.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.165.215.83 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-165-215-83.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.161.190 (Paris, France)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.32.216.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-216-168.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

95946340e0c66d01e709eec0a3b70947.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 136.243.66.182 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi.media

mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
target.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static2.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static8.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static5.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.185.195.94 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: sm-server1-1.ssel23.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.79.156.248 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-79-156-248.ap-northeast-2.compute.amazonaws.com

r-log.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 211.249.220.158 (Korea, Republic Of) 2 redirects

ASN7625 (DAUM-AS Kakao Corp, KR)

analytics.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
act.ds.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.18.98 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.35.83.74 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-35-83-74.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2.18.234.21 (Frankfurt am Main, Germany) 8 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.119.178 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.46.130.91 (Ashburn, United States) 6 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.52.20 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-52-20.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.209.82 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-209-82.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:94f3:d01d:495a:dfd0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.192.179.231 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-179-231.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.211.231.81 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-231-81.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.246.45 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-246-45.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.176.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:27a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:932 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.37.35.1 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-37-35-1.ap-northeast-2.compute.amazonaws.com

sp-api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.171.62.1 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-62-1.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.83.79.238 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-79-238.us-west-2.compute.amazonaws.com

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea4e (None, )

ASN- ()

services.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.58 (None, )

ASN- ()

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	dable.io static.dable.io — Cisco Umbrella Rank: 19333 api.dable.io — Cisco Umbrella Rank: 18116 r-log.dable.io — Cisco Umbrella Rank: 19764 adx.dable.io — Cisco Umbrella Rank: 3178 images.dable.io — Cisco Umbrella Rank: 21501 sp-api.dable.io — Cisco Umbrella Rank: 39827	247 KB
41	ntd.com www.ntd.com — Cisco Umbrella Rank: 457889 img.ntd.com — Cisco Umbrella Rank: 431327	2 MB
31	casalemedia.com 8 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 409 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	35 KB
22	adnxs.com 1 redirects prebid.adnxs.com — Cisco Umbrella Rank: 1374 ib.adnxs.com — Cisco Umbrella Rank: 205 acdn.adnxs.com — Cisco Umbrella Rank: 523 secure.adnxs.com — Cisco Umbrella Rank: 359	84 KB
22	youmaker.com subs.youmaker.com — Cisco Umbrella Rank: 44365 sc.youmaker.com — Cisco Umbrella Rank: 47252 comment.youmaker.com — Cisco Umbrella Rank: 45632	882 KB
21	doubleclick.net 7 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 68 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	152 KB
21	amazon-adsystem.com 8 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 275 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1352 s.amazon-adsystem.com — Cisco Umbrella Rank: 260	51 KB
15	googlesyndication.com 95946340e0c66d01e709eec0a3b70947.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122 pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	84 KB
12	mixi.media mixi.media — Cisco Umbrella Rank: 33486 static.mixi.media — Cisco Umbrella Rank: 55608 target.mixi.media — Cisco Umbrella Rank: 43010 static2.mixi.media — Cisco Umbrella Rank: 49574 static8.mixi.media — Cisco Umbrella Rank: 42839 static5.mixi.media — Cisco Umbrella Rank: 54180	442 KB
12	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 412 eus.rubiconproject.com — Cisco Umbrella Rank: 503 token.rubiconproject.com — Cisco Umbrella Rank: 595 pixel.rubiconproject.com — Cisco Umbrella Rank: 289	17 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	439 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	222 KB
9	clickcertain.com 6 redirects a.clickcertain.com — Cisco Umbrella Rank: 3054	7 KB
8	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 604	9 KB
8	districtm.io dmx.districtm.io — Cisco Umbrella Rank: 1201 cdn.districtm.io — Cisco Umbrella Rank: 1598	388 B
7	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	24 KB
6	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 419 image6.pubmatic.com — Cisco Umbrella Rank: 571	62 KB
6	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 682 ads.yahoo.com — Cisco Umbrella Rank: 816 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416	2 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 293	1 KB
5	openx.net u.openx.net — Cisco Umbrella Rank: 621	317 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 251	37 KB
4	stat.media stat.media — Cisco Umbrella Rank: 17112	29 KB
4	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1487	1 KB
3	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 257	1 KB
3	cognitivlabs.com 3 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1190	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6433 adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 125	2 KB
2	alocdn.com 1 redirects p.alocdn.com — Cisco Umbrella Rank: 5882	1 KB
2	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 467	2 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 365	906 B
2	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 813	83 B
2	extend.tv 2 redirects sync.extend.tv — Cisco Umbrella Rank: 1459	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 490	647 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 730	1 KB
2	kakao.com act.ds.kakao.com — Cisco Umbrella Rank: 16221	986 B
2	daum.net 2 redirects analytics.ad.daum.net — Cisco Umbrella Rank: 14389	1 KB
2	media.net hbx.media.net — Cisco Umbrella Rank: 1208 hblg.media.net — Cisco Umbrella Rank: 1367	5 KB
2	chargebee.com js.chargebee.com — Cisco Umbrella Rank: 19334	70 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	pushengage.com clientcdn.pushengage.com	21 KB
1	epoch.cloud services.epoch.cloud	2 KB
1	remarketstats.com 1 redirects a.remarketstats.com — Cisco Umbrella Rank: 30622	726 B
1	amazonaws.com s3-us-west-2.amazonaws.com	29 KB
1	ad4m.at ad4m.at — Cisco Umbrella Rank: 1742
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1624	334 B
1	adotmob.com 1 redirects sync.adotmob.com — Cisco Umbrella Rank: 1385	307 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 557	299 B
1	adroll.com 1 redirects d.adroll.com — Cisco Umbrella Rank: 1396	112 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 565
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 434	705 B
1	dotomi.com prebid-match.dotomi.com — Cisco Umbrella Rank: 2403	104 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 843	513 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	28 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 464	458 B
1	t.co t.co — Cisco Umbrella Rank: 448	337 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 531	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	33 KB
1	tnews.to 1 redirects tnews.to	952 B
323	58

	Domain	Requested by
26	images.dable.io	api.dable.io static.dable.io
22	www.ntd.com	www.ntd.com
19	dsum-sec.casalemedia.com	4 redirects ssum-sec.casalemedia.com
19	img.ntd.com	www.ntd.com
13	cm.g.doubleclick.net	7 redirects www.ntd.com ssum-sec.casalemedia.com
12	ib.adnxs.com	www.ntd.com acdn.adnxs.com
11	s.amazon-adsystem.com	6 redirects www.ntd.com ssum-sec.casalemedia.com
11	comment.youmaker.com	www.ntd.com comment.youmaker.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	subs.youmaker.com	www.ntd.com subs.youmaker.com
9	a.clickcertain.com	6 redirects a.remarketstats.com a.clickcertain.com
9	tpc.googlesyndication.com	www.ntd.com securepubads.g.doubleclick.net tpc.googlesyndication.com
8	ssum-sec.casalemedia.com	4 redirects js-sec.indexww.com
8	js-sec.indexww.com	www.ntd.com ssum-sec.casalemedia.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.ntd.com
7	fonts.gstatic.com	www.ntd.com www.google.com fonts.googleapis.com
7	c.amazon-adsystem.com	www.ntd.com c.amazon-adsystem.com
6	static.dable.io	www.ntd.com api.dable.io
5	match.adsrvr.org	www.ntd.com ssum-sec.casalemedia.com
5	pagead2.googlesyndication.com	www.ntd.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	u.openx.net	www.ntd.com
5	ads.pubmatic.com	www.ntd.com
5	prebid.adnxs.com	www.ntd.com
5	www.google.com	www.ntd.com www.gstatic.com www.google.com tpc.googlesyndication.com
4	token.rubiconproject.com	4 redirects
4	cdn.districtm.io	www.ntd.com
4	acdn.adnxs.com	www.ntd.com
4	stat.media	mixi.media stat.media
4	dmx.districtm.io	www.ntd.com
4	g2.gumgum.com	www.ntd.com
4	fastlane.rubiconproject.com	www.ntd.com
4	htlb.casalemedia.com	www.ntd.com
4	c2shb.ssp.yahoo.com	www.ntd.com
4	api.dable.io	static.dable.io
4	www.gstatic.com	www.google.com www.gstatic.com
3	x.bidswitch.net	1 redirects ssum-sec.casalemedia.com a.clickcertain.com
3	beacon.lynx.cognitivlabs.com	3 redirects
3	aax-eu.amazon-adsystem.com	2 redirects www.ntd.com
3	static2.mixi.media	www.ntd.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net api.dable.io
3	r-log.dable.io	static.dable.io
3	mixi.media	www.ntd.com static.mixi.media
3	sb.scorecardresearch.com	1 redirects www.ntd.com
2	p.alocdn.com	1 redirects
2	i.liadm.com	2 redirects
2	pixel.tapad.com	2 redirects
2	match.deepintent.com	ssum-sec.casalemedia.com
2	sync.extend.tv	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	pm.w55c.net	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	eus.rubiconproject.com	www.ntd.com eus.rubiconproject.com
2	static5.mixi.media	www.ntd.com
2	adx.dable.io	www.ntd.com
2	act.ds.kakao.com	www.ntd.com
2	analytics.ad.daum.net	2 redirects
2	static.mixi.media	mixi.media www.ntd.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	js.chargebee.com	subs.youmaker.com js.chargebee.com
2	www.google-analytics.com	www.ntd.com www.google-analytics.com
1	clientcdn.pushengage.com	www.ntd.com
1	services.epoch.cloud	www.ntd.com
1	secure.adnxs.com	1 redirects
1	sp-api.dable.io
1	a.remarketstats.com	1 redirects
1	s3-us-west-2.amazonaws.com	www.ntd.com
1	ad4m.at	ssum-sec.casalemedia.com
1	dmp.brand-display.com	1 redirects
1	sync.adotmob.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	d.adroll.com	1 redirects
1	id.rlcdn.com	www.ntd.com
1	px.ads.linkedin.com	www.ntd.com
1	ads.yahoo.com	www.ntd.com
1	ajax.googleapis.com	api.dable.io
1	static8.mixi.media	www.ntd.com
1	prebid-match.dotomi.com	www.ntd.com
1	sync.go.sonobi.com	www.ntd.com
1	image6.pubmatic.com	ads.pubmatic.com
1	target.mixi.media	www.ntd.com
1	95946340e0c66d01e709eec0a3b70947.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	hblg.media.net	www.ntd.com
1	www.googletagservices.com	hbx.media.net
1	analytics.twitter.com	static.ads-twitter.com
1	sc.youmaker.com	www.ntd.com
1	hbx.media.net	www.ntd.com
1	www.google.de	www.ntd.com
1	t.co	www.ntd.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.ads-twitter.com	www.ntd.com
1	www.googletagmanager.com	www.ntd.com
1	tnews.to	1 redirects
323	94

This site contains links to these domains. Also see Links.

Domain
legendsunfolding.com
newsletter.ntd.com
www.ntdtv.com
ntdtv.fr
www.ntdtv.kr
www.ntdtv.jp
www.ntdvn.net
ntdtv.ru
www.facebook.com
twitter.com
www.theepochtimes.com
www.state.gov
mixi.media

Subject Issuer	Validity	Valid
*.ntd.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-11` - `2022-09-11`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2022-06-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
js.chargebee.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
static.dable.io R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.dable.io Amazon	`2021-07-11` - `2022-08-09`	a year	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2022-02-28` - `2023-03-31`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
mixi.media R3	`2022-02-17` - `2022-05-18`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
static.mixi.media R3	`2022-02-17` - `2022-05-18`	3 months	crt.sh
stat.media R3	`2022-02-17` - `2022-05-18`	3 months	crt.sh
target.mixi.media R3	`2022-02-17` - `2022-05-18`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
*.pushengage.com Amazon	`2022-02-18` - `2023-03-17`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Frame ID: BA56AA4DA786F3087F66EF1F4B2B1A48
Requests: 154 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&cb=vd83dt6c5uw0
Frame ID: 832F4ED98E33DB994413DBE4EA2A125B
Requests: 7 HTTP requests in this frame

Frame: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&tn=ENTD%20-%20signin
Frame ID: 96592BB077DF7F2DC9D18C08BAE28A6D
Requests: 2 HTTP requests in this frame

Frame: https://95946340e0c66d01e709eec0a3b70947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 066C1BC41C14EFFE0409C6CBAEB37F5E
Requests: 1 HTTP requests in this frame

Frame: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url_id=554095&page_title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Frame ID: 350B4F08D4F550B1895904B0B0C659FC
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Frame ID: 7F22996342FD498C8972EB29AA165170
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: ED94F5D4D766726C988624FCBDC8A113
Requests: 1 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Frame ID: 0AA5D978F93966B6DB0FA6C829B8018C
Requests: 37 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 50EDAEAABCA84430D061A7D66DB82910
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: E20C17DB8A8B835F17417AE349A56DBD
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F3AFAB744191F80B394FA5A77A5B8D4B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D93B4DC7E37E08C7899084F10EAF36E3
Requests: 3 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: C055BE4225D2C57C6F8B99E9AA089356
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 7988FA081A216F9545F769DFB2708D0F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 0B1DE1F10820B014A344F00D8CB62091
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 34207536DD7B04DA9E7415FCCF07F1E5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 225257860F47E4ED23FCB0683567AF65
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 45D1F2B63A98D017DB744785C993F8C0
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B5FADED1042591A52A967ECE12D6488C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7602C38ABF652C4A72802BEC82396A1F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A2B10B03719D137BA93CC77414321312
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9681B314CC7144B76B7E25F849F9F62E
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E8E67EC9AD241E4D6A1E0A2C988FBB6E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1988DB38A68A21B8EE4CB12514CE5F4B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 40E3EC2086EAD4DCDE502EBFA309DD7D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 935DCCC2356E1CCC2A662494E36858E2
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 02B11F078692765A95217897D30CC8EE
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: EA236C59EAD68F9111918656723483E4
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 59316DCFA1AC71C1C62986A8982BFC34
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: B3693142C82983A1C628005389EABB10
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A2B24723BC37AECEB52DC804D5731D49
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 129F8A50A264C17CCAB25FBA2316ED37
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: BFE6E8A405A8DF48C242A2C2E6492335
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 8193EB13668359AAE0DFB9CF390DB988
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: B5424D9ED2331C18FB1A38B26E6A6340
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4AAF7A7A27083C951F225F887D92EBE8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CEF360A21BFD868D119C5D658011F665
Requests: 2 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&cn=DE
Frame ID: 8E1341CBD059B6E0AE290FF7A4511FD6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Scientists at Wuhan Virology Lab Had CCP Virus-Like Sickness in Autumn 2019, State Department Says

Page URL History Show full URLs

https://tnews.to/scientists-wuhan-had-ccp-virushk HTTP 307
https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-... Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Chargebee (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.chargebee\.com/v([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

PushEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

clientcdn\.pushengage\.\w+/core

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

323
Requests

89 %
HTTPS

32 %
IPv6

58
Domains

94
Subdomains

68
IPs

11
Countries

5383 kB
Transfer

8404 kB
Size

64
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: http://legendsunfolding.com/
Title: Legends Unfolding

Search URL Search Domain Scan URL

URL: http://newsletter.ntd.com/
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://www.ntdtv.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://ntdtv.fr/
Title: FRENCH

Search URL Search Domain Scan URL

URL: https://www.ntdtv.kr/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://www.ntdtv.jp/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://www.ntdvn.net/
Title: Vietnamese

Search URL Search Domain Scan URL

URL: https://ntdtv.ru/
Title: Russian

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&via=news_ntd
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/giving-the-right-name-to-the-virus-causing-a-worldwide-pandemic-2_3277200.html
Title: CCP virus

Search URL Search Domain Scan URL

URL: https://www.state.gov/fact-sheet-activity-at-the-wuhan-institute-of-virology/
Title: fact sheet

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/alex-azar-on-ccp-cover-up-of-pandemic-we-learned-about-the-virus-from-taiwan_3658541.html
Title: from Taiwan

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/the-timeline-of-the-coverup_3328878.html
Title: inform the world

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_3658930.html
Title: The Epoch Times

Search URL Search Domain Scan URL

URL: https://mixi.media/

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=11788960&bl=95162&ct=adpreview&st=46&nvuuid=06e273b8-41a0-baf1-6200-001e41b30102&bvuuid=244e3130-417c-44f2-b03e-aebb8087188d&rnd=503494897&ag=25&ev=H4sIAAAAAAAA_wEaAOX_Chigxc8FjLHSBbTP0wX8sNIFodjTBZfdzwWVDXw6GgAAAA&suid=CiRiZTY4YTdlOS1mNDEyLTQ0MWMtYWY3Yi02YTVjNDViN2E2N2MSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=11835532&bl=95162&ct=adpreview&st=46&nvuuid=0698735b-418c-ba9c-6200-001941b40112&bvuuid=244e3130-417c-44f2-b03e-aebb8087188d&rnd=420633500&ag=25&ev=H4sIAAAAAAAA_wEaAOX_Chigxc8FjLHSBbTP0wX8sNIFodjTBZfdzwWVDXw6GgAAAA&suid=CiRiZTY4YTdlOS1mNDEyLTQ0MWMtYWY3Yi02YTVjNDViN2E2N2MSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=11855796&bl=95162&ct=adpreview&st=46&nvuuid=06e7733c-41b4-bae9-6200-003341b401ac&bvuuid=244e3130-417c-44f2-b03e-aebb8087188d&rnd=866925801&ag=25&ev=H4sIAAAAAAAA_wEaAOX_Chigxc8FjLHSBbTP0wX8sNIFodjTBZfdzwWVDXw6GgAAAA&suid=CiRiZTY4YTdlOS1mNDEyLTQ0MWMtYWY3Yi02YTVjNDViN2E2N2MSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=11835516&bl=95162&ct=adpreview&st=46&nvuuid=0698731a-417c-badb-6200-002c41b40131&bvuuid=244e3130-417c-44f2-b03e-aebb8087188d&rnd=741415643&ag=25&ev=H4sIAAAAAAAA_wEaAOX_Chigxc8FjLHSBbTP0wX8sNIFodjTBZfdzwWVDXw6GgAAAA&suid=CiRiZTY4YTdlOS1mNDEyLTQ0MWMtYWY3Yi02YTVjNDViN2E2N2MSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=11856929&bl=95162&ct=adpreview&st=46&nvuuid=06ec733b-4121-bac4-6200-007041b401fb&bvuuid=244e3130-417c-44f2-b03e-aebb8087188d&rnd=1895513028&ag=25&ev=H4sIAAAAAAAA_wEaAOX_Chigxc8FjLHSBbTP0wX8sNIFodjTBZfdzwWVDXw6GgAAAA&suid=CiRiZTY4YTdlOS1mNDEyLTQ0MWMtYWY3Yi02YTVjNDViN2E2N2MSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=11792023&bl=95162&ct=adpreview&st=46&nvuuid=06ee737a-4197-bae1-6200-005441b301f4&bvuuid=244e3130-417c-44f2-b03e-aebb8087188d&rnd=1425308385&ag=25&ev=H4sIAAAAAAAA_wEaAOX_Chigxc8FjLHSBbTP0wX8sNIFodjTBZfdzwWVDXw6GgAAAA&suid=CiRiZTY4YTdlOS1mNDEyLTQ0MWMtYWY3Yi02YTVjNDViN2E2N2MSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tnews.to/scientists-wuhan-had-ccp-virushk HTTP 307
https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1648428607975&ns_c=UTF-8&cv=3.5&c8=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&c7=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1648428607975&ns_c=UTF-8&cv=3.5&c8=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&c7=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&c9=

Request Chain 148

https://analytics.ad.daum.net/match?d=111&uid=82117105.1648428608930 HTTP 307
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220328%22,%22u%22:%2282117105.1648428608930%22%7D%7D

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
https://adx.dable.io/pixel/google?google_gid=CAESEAShigmMnAIPg00Bli-HWc0&google_cver=1

Request Chain 250

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 251

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 252

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 253

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 254

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTdkYmRhZmEwYmIzZmI4NmJhMjljNDA3MGM2NjEzNWU2YTA3Mzk4ZQ

Request Chain 255

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L19ZTYRX-L-A1X0&sigv=1&esig=2~e856b25351d611facf60af7bb0148307274a4404

Request Chain 256

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L19ZTYRX-L-A1X0

Request Chain 257

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WDIl28_BRViwsFGVyOX_tA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WDIl28_BRViwsFGVyOX_tA

Request Chain 259

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDE5WlRZUlgtTC1BMVgw

Request Chain 260

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=pRW6Tj5iTa-Ck3SwwYhLZA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pRW6Tj5iTa-Ck3SwwYhLZA

Request Chain 262

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YkEGQipZk1VcB55A8hpHBQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1

Request Chain 264

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBAAABIUAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBAAABIUAAAIB&dcc=t

Request Chain 266

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ftHoN79t1NyDAf5&gdpr=1

Request Chain 267

https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 269

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8aa76890-2d75-4bc0-9a32-4a991d158269&expiration=1679964611

Request Chain 271

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YkEGQipZk1VcB55A8hpHBQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1

Request Chain 273

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBAAABIUAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBAAABIUAAAIB&dcc=t

Request Chain 275

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1651020611

Request Chain 276

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YkEGQwAQQxZheQAy HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YkEGQwAQQxZheQAy&gdpr=1&_test=YkEGQwAQQxZheQAy

Request Chain 277

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

Request Chain 278

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=00842881-9a77-45d6-841a-a99733c64aa0

Request Chain 280

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YkEGQipZk1VcB55A8hpHBQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1

Request Chain 283

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQoZ5gYDLqIskDIMY3AAABGAAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQoZ5gYDLqIskDIMY3AAABGAAAAAB&dcc=t

Request Chain 284

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=13428a42-96a3-47e8-9e18-d1d5262e8033&expiration=1679964611

Request Chain 286

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d7c41a77-b153-4c1d-a971-98a046260903

Request Chain 289

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBQAABLIAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBQAABLIAAAIB&dcc=t

Request Chain 292

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YkEGQipZk1VcB55A8hpHBQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1

Request Chain 293

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=a67c8f4b-1312-c2d5-c5b44116

Request Chain 294

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=683f2749-bbf2-46b8-8b83-c64abb1c3a86&expiration=1679964611

Request Chain 301

https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html HTTP 302
https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=scientists%2dat%2dwuhan%2dvirology%2dlab%2dhad%2dccp%2dvirus%2dlike%2dsickness%2din%2dautumn%2d2019%2dstate%2ddepartment%2dsays_554095%2ehtml HTTP 302
https://a.clickcertain.com/px/?c=2455d1796b86efb

Request Chain 315

https://a.clickcertain.com/px/ta/?ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=ad058e4f-c652-4a05-8a26-0c1e7208a693

Request Chain 316

https://a.clickcertain.com/px/r/?ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d7681bd88%25252d40a7%25252d4f37%25252d8a72%25252da4b917ce2dd3%252526anx_uId%25253d%252524UID HTTP 303
https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d7681bd88%25252d40a7%25252d4f37%25252d8a72%25252da4b917ce2dd3%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&_li_chk=true&ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&previous_uuid=b0e83a33c69b417686e8ee53747bece9 HTTP 303
https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d7681bd88%252d40a7%252d4f37%252d8a72%252da4b917ce2dd3%2526anx_uId%253d%2524UID&ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d7681bd88%2d40a7%2d4f37%2d8a72%2da4b917ce2dd3%26anx_uId%3d%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D7681bd88%2D40a7%2D4f37%2D8a72%2Da4b917ce2dd3%26anx_uId%3D%24UID&google_gid=CAESEGtnFRhfnGwBPJo6TnJCm2U&google_cver=1 HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&anx_uId=$UID HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&anx_uId=3565113935969799681 HTTP 302
https://x.bidswitch.net/sync?dsp_id=179&user_id=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&expires=5&user_group=0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&expires=5&user_group=0

Request Chain 318

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%2522bf0c6e2f-60b8-4c5f-9acf-f50b3f924258%2522%257D&title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html HTTP 302
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%2522bf0c6e2f-60b8-4c5f-9acf-f50b3f924258%2522%257D&title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&tdc=1

Request Chain 321

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
https://adx.dable.io/pixel/google?google_gid=CAESEI-8SRs-W5qGsWwzUal6Ymo&google_cver=1

Request Chain 322

https://analytics.ad.daum.net/match?d=111&uid=82117105.1648428608930 HTTP 307
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220328%22,%22u%22:%2282117105.1648428608930%22%7D%7D

323 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html Show response
www.ntd.com/
Redirect Chain

https://tnews.to/scientists-wuhan-had-ccp-virushk
https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

44 KB
12 KB

30ms
12ms

Document
text/html

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

645d015a31bc039d50812e8dc9cbeb84d182b9d2336cce7a53f8a4fb30bb7554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
cache-control: max-age=390
content-encoding: gzip
content-length: 11812
content-type: text/html; charset=UTF-8
accept-ranges: bytes
server: nginx/1.12.2
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-device: desktop
x-cache-status: MISS
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds213.fr8.c

Redirect headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-type: text/html; charset=UTF-8
location: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro Developer 3.2.4 http://prettylink.com
x-redirect-by: WordPress
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Bfou8CdpP9ZJ4qjfyGD1GZmJqvv6vW1%2FuKEogVNYoo0NJ%2Fh0h4%2F0900GStl3ZPdXuz0dicNRNCaNfdUnztgAcNwxyiuUMZny7Exg497IVgqHRT9sPhV3I2DrZbhsdMpY00YReCphA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f2c5ea22cf2375b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 43ms
8ms Script
application/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 645
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0PWAQXERVH6PGCYTCP6W
date: Mon, 28 Mar 2022 00:39:33 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZvS6kvEofSBtQtLUfgyrDUkONVLn32v1GiCZjNCMjG0e8H2fBSttBA==

GET
H2 200 prebid.js Show response
www.ntd.com/assets/themes/m-ntd/js/ads/ 285 KB
106 KB 14ms
13ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

03116ee27ab79f09ced28de3396fe9524bc37349c0ec714b1f6f25396da6ffd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 18:58:27 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"5fac3453-47523"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds211.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 108407
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 template.css
subs.youmaker.com/lib/ 8 KB
9 KB 145ms
113ms Stylesheet
text/css 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/template.css?ver=20210318
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
via: 1.1 google
last-modified: Mon, 28 Feb 2022 15:19:38 GMT
server: nginx/1.20.1
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 8659

GET
H2 200 style.css
www.ntd.com/assets/themes/ntd/ 2 KB
1004 B 14ms
13ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/style.css?ver=20180618

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 14:57:36 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"5c8a6be0-6aa"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds145.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 859
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 global.css
www.ntd.com/assets/themes/ntd/css/ 25 KB
7 KB 33ms
33ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

2605ae7e7769aebf0e4de69b247181746ba089ba3dc24c34c4f9b7174c16da2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Nov 2021 15:39:08 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"61a4f41c-63d3"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds098.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 6600
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 genericons.css
www.ntd.com/assets/themes/ntd/css/genericons/ 41 KB
26 KB 34ms
33ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/genericons/genericons.css?ver=20171027

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

6b9765abde54c6e633d51e84c708e0de14545d7febc0b9c3b62091c661931339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 21:24:00 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"6089d270-a2da"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds144.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 26471
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 single.css
www.ntd.com/assets/themes/ntd/css/ 15 KB
4 KB 37ms
37ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20220324

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e7cee0a0eb35e96c9a23a587db0ae9e57a4d440d42ce34a686dbeb5c3b9ee3d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 26 Mar 2022 17:23:01 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"623f4bf5-3dea"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds145.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 4294
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 LIVE_TV.png
www.ntd.com/assets/themes/ntd/images/ 2 KB
2 KB 13ms
10ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/LIVE_TV.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

c51c9e2d3dfc833336ad78aae335b536d7b8ea5bf065183b64d23074e88a0fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Oct 2021 18:53:29 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "617af1a9-615"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds254.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 1557
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 ntd_show_menu_ntd_evening_news.jpg
img.ntd.com/assets/uploads/2021/02/ 64 KB
64 KB 34ms
13ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_ntd_evening_news.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 668c738513226244d0cbd2530517fbcf2df2b86a4eaaba5b9b54d8e9d9f68958

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Tue, 02 Feb 2021 20:05:39 GMT
server: nginx/1.12.2
etag: "6019b093-ffc1"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds238.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 65473

GET
H2 200 ntd_show_menu_china_in_focus.jpg
img.ntd.com/assets/uploads/2021/02/ 79 KB
79 KB 37ms
16ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_china_in_focus.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 718bf807ae285094008b869c0051c907807b7efd521e4bbc1403a6f257176f55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Tue, 02 Feb 2021 20:05:37 GMT
server: nginx/1.12.2
etag: "6019b091-13ba2"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds289.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 80802

GET
H2 200 NTD-Business-412x222.jpg
img.ntd.com/assets/uploads/2021/02/ 66 KB
66 KB 45ms
24ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/NTD-Business-412x222.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0dceae772a3b82f7d0f9538b3b62db0f77bc29029f5e1a333234b9c5492e4c27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Tue, 02 Feb 2021 21:10:04 GMT
server: nginx/1.12.2
etag: "6019bfac-1069e"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds149.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 67230

GET
H2 200 ntd_show_menu_ntd_news_today.jpg
img.ntd.com/assets/uploads/2021/02/ 66 KB
66 KB 46ms
25ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_ntd_news_today.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: b41b716dbb084bf1e42c373b203a4b905bfa96033a04e689bb8a3f522741d26e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Tue, 02 Feb 2021 20:05:40 GMT
server: nginx/1.12.2
etag: "6019b094-10886"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds248.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 67718

GET
H2 200 Capitol-Report-412_222.jpg
img.ntd.com/assets/uploads/2021/09/ 61 KB
61 KB 46ms
26ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/09/Capitol-Report-412_222.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 52e006687b1edf8c27ae62cd74911cb4ec98573c31a12b52aa21c7793c454b90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Sat, 25 Sep 2021 15:44:11 GMT
server: nginx/1.12.2
etag: "614f43cb-f36a"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds156.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 62314

GET
H2 200 95053e83b9351098938db8f28bdb1ba3.jpg
img.ntd.com/assets/uploads/2022/01/ 104 KB
104 KB 47ms
27ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/01/95053e83b9351098938db8f28bdb1ba3.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 8d3ffd84b1a1db91b3f9aa4794249bf2568868fc125b99c181790e11193a245f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Thu, 27 Jan 2022 03:43:28 GMT
server: nginx/1.12.2
etag: "61f214e0-19f08"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds102.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 106248

GET
H2 200 Wide-Angle-NTD-412x222.png
img.ntd.com/assets/uploads/2021/04/ 147 KB
148 KB 18ms
18ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/04/Wide-Angle-NTD-412x222.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: f6beec22bca198800dd6bc803745b04a5572c5a960f031ef9079986a5a06c347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Mon, 05 Apr 2021 04:06:40 GMT
server: nginx/1.12.2
etag: "606a8cd0-24c4a"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds013.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 150602

GET
H2 200 Washingtons-armor_412x222_2x.jpg
img.ntd.com/assets/uploads/2022/02/ 145 KB
145 KB 14ms
12ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/02/Washingtons-armor_412x222_2x.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7f381db5c5098522ee80c344efef2a2f6e7467084869f64253c5fe6340828e9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Fri, 11 Feb 2022 03:22:16 GMT
server: nginx/1.12.2
etag: "6205d668-24473"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds232.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 148595

GET
H2 200 NTD-A-Good-Cop-Banner-412x222-v2.jpg
img.ntd.com/assets/uploads/2021/12/ 35 KB
35 KB 30ms
28ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/12/NTD-A-Good-Cop-Banner-412x222-v2.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 8b622ac31b659e965866e554d239ba5b9e36ba09438ed7703e659c7d58794b57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Sun, 12 Dec 2021 04:21:57 GMT
server: nginx/1.12.2
etag: "61b578e5-8c21"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds221.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 35873

GET
H2 200 Wuhan-Institute-of-Virology-aerial-900x506.jpg
img.ntd.com/assets/uploads/2021/01/ 129 KB
129 KB 738ms
736ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/01/Wuhan-Institute-of-Virology-aerial-900x506.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: d9cced9463f5b7e9240679f319c571c76786f41e367de91a45dc1d264212f897

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
last-modified: Sat, 16 Jan 2021 05:09:43 GMT
server: nginx/1.12.2
etag: "60027517-204ca"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds236.fr8.sc,1648428608.cds236.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 132298

GET
H2 200 watch_ntd_on.png
www.ntd.com/assets/themes/ntd/images/ 20 KB
20 KB 15ms
14ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/watch_ntd_on.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Nov 2021 22:32:45 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "6192e00d-50f6"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds279.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 20726
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 watch_ntd_row1-2.png
img.ntd.com/assets/uploads/2021/11/ 64 KB
64 KB 29ms
28ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/11/watch_ntd_row1-2.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Mon, 15 Nov 2021 20:41:36 GMT
server: nginx/1.12.2
etag: "6192c600-fe6b"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds240.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 65131

GET
H2 200 watch_ntd_row2-2.png
img.ntd.com/assets/uploads/2021/11/ 127 KB
128 KB 23ms
22ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/11/watch_ntd_row2-2.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7304a8b44027d55051ff16666fa5d9b371b0aaf7ea5136de52d18f00e40cc6e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Wed, 17 Nov 2021 15:05:18 GMT
server: nginx/1.12.2
etag: "61951a2e-1fd9d"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds003.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 130461

GET
H2 200 China-plane-crash-Getty-1239405090-270x152.jpg
img.ntd.com/assets/uploads/2022/03/ 13 KB
13 KB 20ms
19ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/03/China-plane-crash-Getty-1239405090-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 52be68347741f64b52375244b714eabd8f5cc622aca3e89c6bce0f1164fa51b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Sun, 27 Mar 2022 17:11:04 GMT
server: nginx/1.12.2
etag: "62409aa8-3242"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds266.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12866

GET
H2 200 hypatia-270x152.jpg
img.ntd.com/assets/uploads/2022/03/ 9 KB
9 KB 26ms
24ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/03/hypatia-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0d74d68e0eb2a8b31e58858978af32d37d48b6f5b78294589ec4170438fef77b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Sat, 26 Mar 2022 15:30:53 GMT
server: nginx/1.12.2
etag: "623f31ad-2378"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds002.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9080

GET
H2 200 Obit_Taylor_Hawkins_22085136476349-270x152.jpg
img.ntd.com/assets/uploads/2022/03/ 12 KB
12 KB 25ms
24ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/03/Obit_Taylor_Hawkins_22085136476349-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 9286a81068c23e3e41b8b9abf575c0678fd72a1d5018886b943764d9e3b35a28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Sat, 26 Mar 2022 15:21:20 GMT
server: nginx/1.12.2
etag: "623f2f70-30f9"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds125.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12537

GET
H2 200 FDA-logo-edited-2-270x152.jpg
img.ntd.com/assets/uploads/2022/03/ 8 KB
8 KB 25ms
24ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/03/FDA-logo-edited-2-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: d3a37c8909675ef02985ca9e2a922a3bb0e40505a38018b3f3bbe075b5a7b7d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Sun, 27 Mar 2022 12:58:54 GMT
server: nginx/1.12.2
etag: "62405f8e-1e89"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds053.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7817

GET
H2 200 Ukraine-Lviv-fire-ccet-510A5382-600x400-270x152.jpeg
img.ntd.com/assets/uploads/2022/03/ 41 KB
41 KB 24ms
22ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/03/Ukraine-Lviv-fire-ccet-510A5382-600x400-270x152.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e667783197f915fa59454634d11a59e197f8fe1112ee658f86ed288dc7ca3f34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Sat, 26 Mar 2022 17:50:06 GMT
server: nginx/1.12.2
etag: "623f524e-a45e"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds137.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 42078

GET
H2 200 GettyImages-1239402560-270x152.jpg
img.ntd.com/assets/uploads/2022/03/ 10 KB
10 KB 23ms
23ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2022/03/GettyImages-1239402560-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7724923e8ef7a8c09dbf2c3587a81b1f089af25cd9a1c25f5afff957f5aa4aa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Wed, 23 Mar 2022 00:13:04 GMT
server: nginx/1.12.2
etag: "623a6610-278e"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds055.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10126

GET
H2 200 white.png
www.ntd.com/assets/themes/ntd/images/ 95 B
205 B 17ms
16ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/white.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 14:57:36 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5c8a6be0-5f"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds127.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 95
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 footer-2_949x356.jpg
img.ntd.com/assets/uploads/2021/02/ 349 KB
350 KB 13ms
11ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/footer-2_949x356.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 52f32a1925bca9851d9d8146fb5593d778134bcf13f24897d2f72ee30b8cdd80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
last-modified: Wed, 03 Feb 2021 22:50:49 GMT
server: nginx/1.12.2
etag: "601b28c9-573d6"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds007.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 357334

GET
H2 200 jquery-all.min.js Show response
www.ntd.com/assets/themes/ntd/js/ 98 KB
40 KB 13ms
13ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 14:57:36 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"5c8a6be0-188ff"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds054.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 40721
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 bottom.js Show response
www.ntd.com/assets/themes/ntd/js/ 39 KB
13 KB 11ms
10ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220211

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

c43d412fc5ba2c57cc90b13e324b0aae3824e0b22b6e246a4ade5f9ce0a8ea02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 12 Feb 2022 15:25:36 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"6207d170-9d2a"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds135.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 12993
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 api.bundle.js Show response
subs.youmaker.com/lib/ 236 KB
236 KB 114ms
114ms Script
application/javascript 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 8626b1ee1a967ed67e733bd403dcf03f0ae7879031f2bec7da6625525a23dd27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
via: 1.1 google
last-modified: Mon, 28 Feb 2022 15:19:38 GMT
server: nginx/1.20.1
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 241506

GET
H2 200 article_ads.js Show response
www.ntd.com/assets/themes/ntd/js/ 31 KB
9 KB 13ms
13ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20210318

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

d5b962a89400afef0e9d4b411bbbd3059094911a9762cd48a26ec82cad9fe11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Oct 2021 19:10:24 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"617069a0-7c65"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds292.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 8981
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 print.css
www.ntd.com/assets/themes/ntd/css/ 532 B
431 B 17ms
17ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/print.css?ver=20200706

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

2bdcb089c4c9b6cdd5ded547a444f547ad5e313a632c8f8dde5fc3ca1270a125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 18:35:54 GMT
server: nginx/1.12.2
etag: W/"5f036f0a-214"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds245.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 320
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 22ms
7ms XHR
application/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 79914
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
date: Sun, 27 Mar 2022 02:38:14 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Xl6z1-ESZp50mw8My_g5leXQXmbHr3VBnI31UxiZYBRK3BzY4aa8Hw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
33 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDQH75P

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21a2f38a3301e9d90fb35900979ab70add603b3ce3bd25171f7b8a4d0e93d3c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33345
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Mar 2022 00:50:07 GMT

GET
H2 200 NTDLogo.svg
www.ntd.com/assets/themes/ntd/images/ 660 B
550 B 20ms
20ms Image
image/svg+xml 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/NTDLogo.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Nov 2021 15:31:27 GMT
server: nginx/1.12.2
etag: "618e88cf-294"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds263.fr8.c
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 428
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 RingsideCondensed-Medium.otf
www.ntd.com/assets/themes/ntd/fonts/ 118 KB
119 KB 19ms
19ms Font
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Medium.otf

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

478e3f82089d4bc0303ad02ef73c9e6901861b756d52f8667ba3164bedd76f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin: https://www.ntd.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-1d9d8"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds012.fr8.c
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 121304
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 RingsideCondensed-Bold.otf
www.ntd.com/assets/themes/ntd/fonts/ 122 KB
122 KB 27ms
27ms Font
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Bold.otf

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin: https://www.ntd.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-1e6ec"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds211.fr8.c
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 124652
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 23 KB
23 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5

Request headers

Referer
Origin: https://www.ntd.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 header-handshake.png
www.ntd.com/assets/themes/ntd/images/ 2 KB
2 KB 16ms
16ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/header-handshake.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

afa88d2acf37ee467ab4d7e52bbc3faea9dcb2cd522e40407b74345e7b8fa650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 20:32:31 GMT
server: nginx/1.12.2
etag: "606f685f-61d"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds272.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 1565
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2721
date: Mon, 28 Mar 2022 00:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 28 Mar 2022 02:04:46 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 41ms
8ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-encoding: gzip
last-modified: Sat, 26 Mar 2022 00:11:36 GMT
fastly-original-body-size: 5410
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100120-IAD, cache-hhn11542-HHN

GET
H2 200 ENTD_Play.svg
www.ntd.com/assets/themes/ntd/images/ 2 KB
1 KB 15ms
15ms Image
image/svg+xml 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/ENTD_Play.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-7e6"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds016.fr8.c
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 938
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 NTD_logo.png
www.ntd.com/assets/themes/ntd/images/ 4 KB
4 KB 15ms
15ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/NTD_logo.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 19:44:39 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5ed94f27-f46"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds214.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 3910
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 footer-app-logo.png
www.ntd.com/assets/themes/ntd/images/ 73 KB
73 KB 15ms
15ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/footer-app-logo.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 20:32:31 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "606f685f-122fe"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds219.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 74494
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 RingsideCondensed-Semibold.otf
www.ntd.com/assets/themes/ntd/fonts/ 123 KB
123 KB 23ms
22ms Font
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Semibold.otf

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

deb60f2899be4d34c9856f8493a44b1a0450b5d78db716c34a3a7b17c462a291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin: https://www.ntd.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-1eb2c"
x-hw: 1648428607.cds165.fr8.hn,1648428607.cds232.fr8.c
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 125740
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 23:15:48 GMT
x-content-type-options: nosniff
age: 437659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 23:15:48 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 14ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=171955402&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&dp=%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ul=en-us&de=UTF-8&dt=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=580793746&gjid=1071982638&cid=262725209.1648428608&tid=UA-128455718-1&_gid=1634324835.1648428608&_r=1&_slc=1&cd1=28902&cd2=103&cd3=%3Bcoronavirus-outbreak-28902%3Bchina-10%3Bnews-8%3Bspecial-coverage-24850%3Bus-9%3B&cd4=%3Bfrnt_category_headings-6048%3Bfrnt_latest-6043%3Bfrnt_original_articles-12413%3Bfrnt_top_stories-6042%3B&cd5=%3Bcoronavirus-outbreak-28902%3Bchina-10%3Bnews-8%3Bspecial-coverage-24850%3Bus-9%3Bfrnt_category_headings-6048%3Bfrnt_latest-6043%3Bfrnt_original_articles-12413%3Bfrnt_top_stories-6042%3B&cd21=554095&cd22=ivan-pentchoukov&cd23=Ivan%20Pentchoukov&cd26=CCP%20Virus&cd28=%3BCCP%20Virus%3BChina%3BNews%3BSpecial%20Coverage%3BUS%3B&cd29=%3BWuhan%20lab%3Bchina%3BCCP%20virus%3B&cd30=20210115&cd31=20210116&cd33=573&cd38=103&cd42=%3Bwuhan-lab%3Bchina%3Bccp-virus%3B&cd43=post&z=967648667

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 24ms
8ms Script
application/javascript 99.86.7.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 02:28:17 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 80525
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: --8TKk13H8qL-vpe8bYu2Fpt98VYM0zpgf7wiJbXCaj4O-QABHLKZA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 62ms
19ms XHR
text/plain 2a00:1450:400c:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-128455718-1&cid=262725209.1648428608&jid=580793746&gjid=1071982638&_gid=1634324835.1648428608&_u=YEBAAEAAAAAAAC~&z=799653733

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 28 Mar 2022 00:50:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
337 B 138ms
115ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nyi8c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=41c6ab5d-0d56-437e-9261-a163ae59d9ca&tw_document_href=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 104
date: Mon, 28 Mar 2022 00:50:07 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 56a25e42d36d9d6ba1583a8360f36ec7502039bb82d16dfc20a03d23c8e3f569
content-length: 43

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1648428607975&ns_c=UTF-8&cv=3.5&c8=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20S...
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1648428607975&ns_c=UTF-8&cv=3.5&c8=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20...

0
222 B

9ms
9ms

Image
text/plain

99.86.7.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1648428607975&ns_c=UTF-8&cv=3.5&c8=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&c7=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&c9=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Server: 99.86.7.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-79.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: rrBXEEf7td_F5GXmw81V2NA28bYar2mMlDinSLvpcLfwsVgUtH_LFw==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 28 Mar 2022 00:50:07 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1648428607975&ns_c=UTF-8&cv=3.5&c8=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&c7=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&c9=
content-length: 389
x-amz-cf-id: uS1c970rNeF2VLK-6n-J28G57Y9j1mKhy0IJvyxJ0LkTZzitEO2KWw==

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 216 KB
66 KB 53ms
8ms Script
application/x-javascript 65.9.66.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-119.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

70551a79d67fb07076ba5102e8be0778f7ad9df891195dee8bca564c32a0a58f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: mpbwlETBiS6w4bW7FM_XDBEzqALi5cCS
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 21 Mar 2022 12:40:09 GMT
server: AmazonS3
age: 118
etag: W/"ebf256ceeb4dab631f2196b3d0df55e2"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Mon, 28 Mar 2022 00:48:13 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: qywQGWgwcU_uD_cvIoIFYkU8uwt8xcfz055E2DS4JEw7UOXBAUP9pg==

GET
H2 200 geo Show response
subs.youmaker.com/rules/ 88 B
149 B 135ms
113ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/rules/geo?siteid=&uid=4dbec52d-0a56-4e8c-b8d1-b66fcf90ba8d
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 308634b67167450e9688918820cbd4716a946a9717c122068511c2befbfd845b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
alt-svc: clear
content-length: 88

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 42ms
19ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-128455718-1&cid=262725209.1648428608&jid=580793746&_u=YEBAAEAAAAAAAC~&z=659497070

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 49ms
25ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-128455718-1&cid=262725209.1648428608&jid=580793746&_u=YEBAAEAAAAAAAC~&z=659497070

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 11 KB
4 KB 195ms
140ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20210318

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

57ff71b49b54c7cb6c9047d59febf26716fe2611039a4236e1d7bc44a306197d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Mon, 28 Mar 2022 00:50:08 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 4193
expires: Mon, 28 Mar 2022 00:50:08 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
300 B 13ms
13ms XHR
text/plain 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: PZFIeeahh5Cu0Q6yi67zp9L4I1yMq3S9ZwIPYNA-QngOSvqDqz0jWA==

GET
H2 200 geo Show response
subs.youmaker.com/rules/ 88 B
352 B 114ms
112ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/rules/geo?siteid=www.ntd.com
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 308634b67167450e9688918820cbd4716a946a9717c122068511c2befbfd845b

Request headers

Accept: */*
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
alt-svc: clear
content-length: 88

GET
H2 200 count Show response
sc.youmaker.com/site/article/ 139 B
259 B 153ms
116ms XHR
application/json 34.120.97.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/site/article/count?site=www.ntd.com&user=80ed5f6d-3ade-b91b-301e-d55e539c968e&postid=554095
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: a80dbcb4f9b768e0fcdcc076a02d6d9b21d76d23810bda30adda5931d7e22df6

Request headers

Accept: */*
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 google
server: nginx/1.20.1
alt-svc: clear
content-length: 139
content-type: application/json;charset=UTF-8

GET
H2 200 nest_newsletter_cif.jpg
www.ntd.com/assets/themes/ntd/images/ 120 KB
120 KB 11ms
10ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/nest_newsletter_cif.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20220324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

2cab29b6e32d1c1e3907f9fe4e3483831717a7eedf2c5057fd592255afd7b4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20220324
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 14:03:31 GMT
server: nginx/1.12.2
etag: "612e36b3-1de33"
x-hw: 1648428608.cds165.fr8.hn,1648428608.cds205.fr8.c
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 122419
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
794 B 17ms
17ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f72b72ddcc64d4958441690fbe0beb6f5aa20e7088f37dbd6af63cfacd87561c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Mon, 28 Mar 2022 00:50:08 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
458 B 157ms
121ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nyi8c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=41c6ab5d-0d56-437e-9261-a163ae59d9ca&tw_document_href=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 113
date: Mon, 28 Mar 2022 00:50:07 GMT
content-encoding: gzip
server: tsa_o
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 3c6ab6b15e2e941edc950daaaa3a3fc329ca84d097774b2877ad83b8e7ec4da7
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ 361 KB
143 KB 38ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 15:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145570
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 15:34:13 GMT

GET
H2 200 81-783d99429a4cd7a0ef9f.js Show response
js.chargebee.com/v2/ 11 KB
4 KB 8ms
8ms Script
application/x-javascript 65.9.66.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/81-783d99429a4cd7a0ef9f.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-119.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

acb2bc99a72dd5f3ddd68c6485959d75960c6664019bda5781a08b0904cfbaeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: KGxCume9FlpifXP70jk1UomCfgLXbes3
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 21 Mar 2022 12:40:09 GMT
server: AmazonS3
age: 206
etag: W/"a686c673e33b45ee49bbe6e697d1d8b9"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Mon, 28 Mar 2022 00:46:51 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: N_XxXcJTcLR7PXHto8W8k7btyWjCHC7VYe_1UrYnwwc-teKcinIZeA==

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 107 KB
34 KB 121ms
41ms Script
application/javascript 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: e2b6c47b99e5a90a3b381b28610ac491198dc6f77ab52dfb95912fcef6f4189a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Y0otHLLcRamB1uKN_ZjSWYEqbRetSXJt
Content-Encoding: gzip
Last-Modified: Tue, 15 Mar 2022 06:35:04 GMT
Server: nginx/1.20.0
x-amz-request-id: 3HKQBET00A1D4YH2
ETag: "692664d9b1c52b6e2c394dd1e7f13db1"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=58338
Date: Mon, 28 Mar 2022 00:50:08 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34032
x-amz-id-2: MfXh2WqPYKoxJ2Wrihmfi8Og6IPUlkh7VdaR+QjeVrHDXEfLV1WNPELOiHd5CHtaV7cQJv09B0Y=

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 832F 42 KB
22 KB 42ms
24ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&cb=vd83dt6c5uw0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f6bddabdd702ee4d557fb409c94557943a4ff9eca9acfc6141894b2bf1453c67

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h7o9J7DGHhSuF6BHOHrb/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Mar 2022 00:50:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-h7o9J7DGHhSuF6BHOHrb/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22042
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 embed.js Show response
comment.youmaker.com/web/ 7 KB
8 KB 146ms
114ms Script
application/javascript 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/embed.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220211
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: ee5636802d3b59edb8068a7ec377ad4e3287900b24cb4378eb7dba08a6c0d268

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 google
last-modified: Fri, 18 Mar 2022 18:49:30 GMT
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 7637
app-version: 0.1.2

GET
H2 200 counter.js Show response
comment.youmaker.com/web/ 2 KB
2 KB 146ms
114ms Script
application/javascript 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/counter.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220211
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 5c01443c79c76e53bede7e62b8116b076613da68208ce7fd2bfcb5aec7ce22b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 google
last-modified: Fri, 18 Mar 2022 18:49:30 GMT
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 2305
app-version: 0.1.2

GET
H2 200 get Show response
subs.youmaker.com/template/ 165 B
230 B 119ms
113ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/template/get?tid=signin&sid=www.ntd.com&siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&uid=4dbec52d-0a56-4e8c-b8d1-b66fcf90ba8d
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: b32092d0bdbb0ef99435450229c9c7dd1fc2e25aa6353782b52bfc1f8f6993f8

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
alt-svc: clear
content-length: 165

GET
H2 200 get Show response
subs.youmaker.com/rules/ 14 KB
14 KB 116ms
114ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/rules/get?siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&uid=4dbec52d-0a56-4e8c-b8d1-b66fcf90ba8d
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 77b4ded5861804effad2a1c68347919ba73739f163ead73cc2b9d019b438ec1e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 google
alt-svc: clear
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5377b85929b89e53828ca9b7489ea8a9c4a112bd7384c8eadb38b8dea5df6983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28043
x-xss-protection: 0
server: sffe
etag: "1171 / 825 of 1000 / last-modified: 1648245909"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 28 Mar 2022 00:50:08 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 30ms
20ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&r=7&cid=8CUBNN02K&m=KILL_SWITCH&pid=&svr=032612_333&abte=SSP_CLIENT&dn=www.ntd.com&requrl=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:08 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 28 Mar 2022 00:50:08 GMT

GET
H2 200 prefs2 Show response
api.dable.io/plugin/services/ntd.com/ 496 B
742 B 815ms
269ms Script
text/javascript 15.165.215.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/ntd.com/prefs2?cached_uid=&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.165.215.83 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-165-215-83.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

48ce64e0e1899165a4d2e44ffcde43cc1bc5e8ea6c21fad85b4d042938ecd370

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.20.0
etag: W/"1f0-IhNGxiLh7+/yCuOvbzdQmryPFjY"
content-type: text/javascript; charset=utf-8

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame 832F 51 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&cb=vd83dt6c5uw0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 20:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 20:06:46 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame 832F 361 KB
142 KB 26ms
11ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 15:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145570
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 15:34:13 GMT

GET
H2 200 pubads_impl_2022031601.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 30ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 21:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13194
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126823
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 08:34:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Mar 2023 21:10:14 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 61 B
703 B 49ms
17ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ntd.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

693e4cbefa63e241c6bd466dc7bdd457130d4dc6eb5f51ab64d09330b4728040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 00:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 28 Mar 2022 00:50:08 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 832F 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 277799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 31 Mar 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 832F 15 KB
15 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 480723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 832F 15 KB
15 KB 25ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 453020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 18:59:48 GMT

GET
H2 200 show Show response
subs.youmaker.com/template/ Frame 9659 4 KB
4 KB 114ms
114ms Document
text/html 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&tn=ENTD%20-%20signin
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 9013300fe102ea88b19ffad1f8864333e81d6d7a3af1326bce6a7a6846aec1b0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

server: nginx/1.20.1
date: Mon, 28 Mar 2022 00:50:08 GMT
content-type: text/html; charset=utf-8
x-robots-tag: noindex
via: 1.1 google
alt-svc: clear

POST
H2 200 auth Show response
subs.youmaker.com/subs/ 69 B
133 B 114ms
112ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/subs/auth?subscribed=&nid=2200&siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&uid=4dbec52d-0a56-4e8c-b8d1-b66fcf90ba8d
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
alt-svc: clear
content-length: 69

OPTIONS
H2 200 auth
subs.youmaker.com/subs/ Frame 0
0 113ms
113ms Preflight 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/subs/auth?subscribed=&nid=2200&siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&uid=4dbec52d-0a56-4e8c-b8d1-b66fcf90ba8d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.ntd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.20.1
date: Mon, 28 Mar 2022 00:50:08 GMT
content-length: 0
allow: GET, POST, PUT, DELETE
access-control-allow-origin: https://www.ntd.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
via: 1.1 google
alt-svc: clear

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 832F 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b3802ba95862b1fad8da321f4079cbc476e5ddc09a7138d1244c61100111af8f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&cb=vd83dt6c5uw0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 28 Mar 2022 00:50:08 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 49ms
49ms XHR
text/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&pid=Yetwt4LcthgAX&cb=0&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%22article_top_ads_inner%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_header_728x90%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-173.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: X9F53FJ6QHS20F4E7HW3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: LCwOoQ95ovKtHdBYELKVq5gTtSWtwHsA_ONxsjblGarTL8S0_k0gQA==

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 1 KB
909 B 59ms
16ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Paris, France, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: f09b671519ee886c4c0bd9de19ed1bcff414da9f899f4675151204f2eddec311

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 273 B
668 B 87ms
47ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Paris, France, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: 6ed2043de5c68020c72fc3c9cfc67a52be37c2f6f7bda2d96e6ee3e0ad1269c3

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
X-Prebid: pbs-go/0.204.0
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 157ms
101ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_728x90&cmd=bid&secure=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e207c9a6b5a8bac7ae559d8d4cd0e8b936b5fff2d3c3dcaaa07da5be264fb411

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
327 B 44ms
11ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360717&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211a2f0e9fabb13f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22120af532aa7b6d4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2213925bc274bc9a4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22148a14542575d11%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bc273ac9acd157a08ef6d65592e204e7a17b702705fbd34991426d641a957fe2

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:08 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.10], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.ntd.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Mon, 28 Mar 2022 00:50:08 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
1 KB 155ms
77ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1409302&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=8f3f8670-a9ea-4627-97f2-ed99c3491b22&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.49411399779139864
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6923b497ec85a49be01a07c47ff8cd7cbffdc66c1781a13b31745f622a60ae61

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
325 B 111ms
37ms XHR
application/json 63.32.216.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32032&pi=3&bf=970x250%2C970x90%2C728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_3658930.html&ns=9421
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:08 GMT
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 91ms
63ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a283bae989c87a354beb5f98e1f1d6d2895c4eb6b564d2c57bc3187e5adfd482

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1da534cf-6bf8-4655-94dd-d13aef044bb6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
281 B 58ms
13ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 6f2c5eb369c49b8e-FRA
access-control-allow-headers: Content-Type, Origin

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 51ms
50ms XHR
text/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&pid=Yetwt4LcthgAX&cb=1&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%22first_in_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_inside_336_1%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-173.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: 26409Z4RSPHAHHMHZ6BY
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: YaJ9FVG4JG2qwEm6_GqkpO-anWGVL7xQz13Ce3nCDeRmTi8van7X8A==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 273 B
669 B 105ms
69ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Paris, France, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: 79ef4e504523b5309adf138b2215d300decba8ce3246f16000cbb4867a34945f

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
X-Prebid: pbs-go/0.204.0
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 86ms
64ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c983093fa6483b79cec9dcd2b2998d01dbe55dc064e2f287e2d11eea547ced7a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 348d6b3c-41e1-4fdc-8561-962f7e1f4e33
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
327 B 35ms
14ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360718&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2233f68a7d4c921b7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2234b0ca2a01dd069%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360718%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223596df6fa13e37c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360718%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6627542d8df0b027f18712b2ff4d874940d1b61f11ebc52019fe257e867b6271

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:08 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.10], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.ntd.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Mon, 28 Mar 2022 00:50:08 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 50ms
11ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_300x250&cmd=bid&secure=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 9fe52a36d739773f98b039774322713a38965b83a45e630608817774f14096ea

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
326 B 97ms
34ms XHR
application/json 63.32.216.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32030&pi=3&bf=300x250%2C336x280&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_3658930.html&ns=9421
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:08 GMT
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
36 B 52ms
15ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 6f2c5eb369c79b8e-FRA
access-control-allow-headers: Content-Type, Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 135ms
70ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=10bcc8bc-841b-4a33-aaac-1a94e1e10061&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6807916264701319
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 84d82bfc852f60224d7a4f34a838fb0cb8459ce20ecad9de65bcca67fc830c66

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 43ms
43ms XHR
text/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&pid=Yetwt4LcthgAX&cb=2&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%22below_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-173.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: 154BTDW3Z3HMS1HTTRVA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: fIm3N_B8QXTioVlc0xRArJnUYHDDhhvB4s2dVuCY1NE388WW72Pajw==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 272 B
668 B 74ms
41ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Paris, France, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: 072246c24471a05ca7da6bb4d5c726846ab5b454c0d2769135eb68cc523ecc3e

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
X-Prebid: pbs-go/0.204.0
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
289 B 41ms
9ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_300x250&cmd=bid&secure=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 61ff7d0674b7e4f2344e09cc13e81e497dc9a7fa762ac68736cac6d9ba38abab

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
325 B 95ms
38ms XHR
application/json 63.32.216.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32030&pi=3&bf=300x250%2C336x280&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_3658930.html&ns=9421
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:08 GMT
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
327 B 26ms
13ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360724&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22567063aed1bd45c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2257a7ee342675edb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22581f746591f3291%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3d975e5cc124aa7345b669bdb9385b2c3bde0d7e167f85b5e40f08988bd1b0e3

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:08 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.10], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.ntd.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Mon, 28 Mar 2022 00:50:08 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 130ms
71ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=0071ca86-cecf-43c3-9ac0-dea25d51ede4&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5845273733039864
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 29e63a4868c17e236e0d54319c05386ce448f433084fcff9954d44e8f16242a4

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 85ms
70ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8b601979a3e0eb604264bfedc2a754c498331e22ee4685ab17a500bf8b98c732

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7867717f-a66a-4168-bc06-e56cd0a21a01
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
36 B 43ms
14ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 6f2c5eb369c89b8e-FRA
access-control-allow-headers: Content-Type, Origin

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 49ms
49ms XHR
text/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&pid=Yetwt4LcthgAX&cb=3&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%22right_column_ad_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_336x280-4%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-173.fra56.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: JMFJTS7YMEC41AH8FG9Q
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: kivwbOedb3jSnqm4f8oV-sFr_ZArJhLvh4JMsRPOQ5U_Oz65AK5uBQ==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 273 B
668 B 57ms
43ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Paris, France, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: b0dc1ea1f3dfce0f26d8d4b8e2aab01ad785b255873248db87f6c5b2b6171df1

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
X-Prebid: pbs-go/0.204.0
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 98ms
77ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0cd2c3f75597d0457cbd0960a485071958b70ad4b2969a1a437f71235092caab

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 33b05379-d6fd-462b-a347-24d9c1d7618b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 290ms
237ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=5fd8d7f3-9ff5-4340-94ff-8e6b967ae58f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.39632610839256177
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 395fbd00bfd9c4b61cd308d00ecbf15452e528778422489a5b9a4622d9351a6a

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
35 B 25ms
13ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 6f2c5eb369c99b8e-FRA
access-control-allow-headers: Content-Type, Origin

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
325 B 72ms
36ms XHR
application/json 63.32.216.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32030&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_3658930.html&ns=9421
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:08 GMT
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
327 B 15ms
13ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360722&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22818eccc23478d69%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2282f1aa87b89658f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360722%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2283e91b2d2cfaae5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360722%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2093e5c3404a81b8a17a20124c8dab2008a681b2919c270d2b44856416b12846

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:08 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.10], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.ntd.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Mon, 28 Mar 2022 00:50:08 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 17ms
11ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_300x250&cmd=bid&secure=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 50107e26113c71fe5a0e68fb14689c48a02ae8072289adae0f3c3d9f6cfffa09

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 43ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 00:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 61ms
23ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 00:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 419 B
257 B 59ms
43ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=485452695497966&correlator=714642977297998&eid=31063247%2C31062931&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_inread_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=1600640090&sfv=1-0-38&ecs=20220328&fsapi=false&eri=1&cust_params=ENTD_category%3Dcoronavirus-outbreak-28902%252Cchina-10%252Cnews-8%252Cspecial-coverage-24850%252Cus-9%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%252Cfrnt_top_stories-6042%26site%3Dwww.ntd.com%252Cntd.com&sc=1&cookie_enabled=1&abxe=1&dt=1648428608555&lmt=1648428608&dlt=1648428607616&idt=836&biw=1600&bih=1200&adxs=290&adys=2624&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=767x2138&msz=647x0&fws=0&ohw=0&ga_vid=262725209.1648428608&ga_sid=1648428609&ga_hid=171955402&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e9eb29d2bcf0c752e3a5ccc158c4ad15fb3b675fc96e8e1e83097b2d6b265888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
95946340e0c66d01e709eec0a3b70947.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 066C 6 KB
4 KB 55ms
15ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://95946340e0c66d01e709eec0a3b70947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 28 Mar 2022 00:50:08 GMT
expires: Tue, 28 Mar 2023 00:50:08 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200 95162.js Show response
mixi.media/data/js/ 5 KB
3 KB 135ms
101ms Script
application/javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/data/js/95162.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220211
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: ee51ef4504d1d1fef6713660ddc2ffb303669ff5a68c6752bd5bcb6510e5cd39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
Content-Encoding: gzip
Last-Modified: Monday, 28-Mar-2022 00:50:08 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

POST
H2 200 counts Show response
comment.youmaker.com/api/v1/ 223 B
323 B 115ms
114ms XHR
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/counts?site=www.ntd.com
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: e4001fd2ef3cc22538b3d8728180b936b0bb760388a72971f3ecbb0ca5fec42c

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 google
vary: Origin
alt-svc: clear
content-length: 223
pragma: no-cache
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
expires: Thu, 01 Jan 1970 00:00:00 UTC
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
app-version: 0.1.2

OPTIONS
H2 200 counts
comment.youmaker.com/api/v1/ Frame 0
0 131ms
114ms Preflight 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/counts?site=www.ntd.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.ntd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.20.1
date: Mon, 28 Mar 2022 00:50:08 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.ntd.com
app-name: remark
app-version: 0.1.2
author: EMG
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-robots-tag: noindex
via: 1.1 google
alt-svc: clear

GET
H2 200 iframe.html Show response
comment.youmaker.com/web/ Frame 350B 4 KB
4 KB 115ms
113ms Document
text/html 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url_id=554095&page_title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 36cd80da220c5d5a7a488fe0afa10fc4be479ee5e4598517932f1ebb554b186b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

server: nginx/1.20.1
date: Mon, 28 Mar 2022 00:50:08 GMT
content-type: text/html; charset=utf-8
content-length: 4155
accept-ranges: bytes
app-name: remark
app-version: 0.1.2
author: EMG
last-modified: Fri, 18 Mar 2022 18:49:30 GMT
x-robots-tag: noindex
via: 1.1 google
alt-svc: clear

GET
H2 200 userId.bundle.js Show response
subs.youmaker.com/lib/ Frame 9659 198 KB
199 KB 123ms
122ms Script
application/javascript 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/userId.bundle.js
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&tn=ENTD%20-%20signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 505a3e699b3c09bfad202c8798f15f2f09d17a90d33fd4e342ecfc804be363fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&tn=ENTD%20-%20signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 google
last-modified: Mon, 28 Feb 2022 15:19:38 GMT
server: nginx/1.20.1
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 203210

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7F22 15 KB
6 KB 105ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=169817
expires: Wed, 30 Mar 2022 00:00:25 GMT
date: Mon, 28 Mar 2022 00:50:08 GMT
vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
12 KB 379ms
379ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=485452695497966&correlator=714642977297998&eid=31063247%2C31062931&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_article_header_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=2&adks=1030851624&sfv=1-0-38&ecs=20220328&fsapi=false&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=ENTD_category%3Dcoronavirus-outbreak-28902%252Cchina-10%252Cnews-8%252Cspecial-coverage-24850%252Cus-9%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%252Cfrnt_top_stories-6042%26site%3Dwww.ntd.com%252Cntd.com&sc=1&cookie=ID%3Db4c7ed74e9dba9fc-2289216c66cd00a6%3AT%3D1648428608%3AS%3DALNI_MZX_o4MpWMQPnBaABhcl2IHWSDXaA&abxe=1&dt=1648428608686&lmt=1648428608&dlt=1648428607616&idt=836&biw=1600&bih=1200&adxs=200&adys=135&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x0&msz=1200x0&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=262725209.1648428608&ga_sid=1648428609&ga_hid=171955402&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

45e8bf15a0d25fefec60f390ed79da0a649ffe1ea3efa4baf1dbe7afa21be3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12419
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 remark.css
comment.youmaker.com/web/ Frame 350B 86 KB
87 KB 113ms
113ms Stylesheet
text/css 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/remark.css?v=2022021815
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url_id=554095&page_title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: f952d40de50ee68414a8454d93b85fa326a029b3cd7d070bc19a206e15702924

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url_id=554095&page_title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 google
last-modified: Fri, 18 Mar 2022 18:49:30 GMT
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 88461
app-version: 0.1.2

GET
H2 200 remark.js Show response
comment.youmaker.com/web/ Frame 350B 314 KB
315 KB 125ms
125ms Script
application/javascript 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/remark.js?v=2022021815
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url_id=554095&page_title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: a979c3b450b39c2fe56c0c82ad4679c5034da24b088d6d4bfb6c169ef62ba421

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url_id=554095&page_title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:08 GMT
via: 1.1 google
last-modified: Fri, 18 Mar 2022 18:49:30 GMT
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 321718
app-version: 0.1.2

GET
H/1.1 200
OK jsapi.v5.10.0.en_US.js Show response
static.mixi.media/static/jsapi/ 250 KB
75 KB 226ms
180ms Script
application/x-javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mixi.media/static/jsapi/jsapi.v5.10.0.en_US.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 0e6644f09258f240a81b2c864684c27e31548b5e252f533c35e4177d2699fb2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Mar 2022 08:53:02 GMT
Server: nginx
ETag: W/"623d82ee-3e9c5"
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK sm.js Show response
stat.media/ 77 KB
28 KB 217ms
103ms Script
application/x-javascript 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel23.imcmdb.net
Software: nginx /
Resource Hash: 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
Server: nginx
ETag: W/"61a8cfbe-13481"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK miximedia.svg
static.mixi.media/static/adpreview-assets/mixi-media/images/logo/ 6 KB
6 KB 127ms
82ms Image
image/svg+xml 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:08 GMT
Last-Modified: Mon, 30 Sep 2019 14:11:01 GMT
Server: nginx
ETag: "5d920cf5-1849"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6217

GET
H/1.1 200
OK /
target.mixi.media/init/ 95 B
463 B 142ms
96ms Image
image/png 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.mixi.media/init/?blockid=95162&siteid=49639&bw=1600&bh=1200&rnd=269389058489
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-Target-Version: 2
Date: Mon, 28 Mar 2022 00:50:08 GMT
X-Target-Final: 20220328035008-0
Server: nginx
X-Target-Host: target2-1.sselp2
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00063
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Mon, 28 Mar 2022 00:50:07 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7F22 0
42 B 76ms
19ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36093357&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:07 GMT
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 43ms
28ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 00:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
20ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 00:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
12 KB 553ms
553ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=485452695497966&correlator=714642977297998&eid=31063247%2C31062931&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_336x280-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=3&adks=2760480871&sfv=1-0-38&ecs=20220328&fsapi=false&prev_scp=first_article%3Dtrue%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=ENTD_category%3Dcoronavirus-outbreak-28902%252Cchina-10%252Cnews-8%252Cspecial-coverage-24850%252Cus-9%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%252Cfrnt_top_stories-6042%26site%3Dwww.ntd.com%252Cntd.com&sc=1&cookie=ID%3Db4c7ed74e9dba9fc-2289216c66cd00a6%3AT%3D1648428608%3AS%3DALNI_MZX_o4MpWMQPnBaABhcl2IHWSDXaA&abxe=1&dt=1648428608825&lmt=1648428608&dlt=1648428607616&idt=836&biw=1600&bih=1200&adxs=1028&adys=673&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=372x0&msz=372x0&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=262725209.1648428608&ga_sid=1648428609&ga_hid=171955402&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

dc61aab5d01b3c4f3c2ef55573ec9832d63d5e3611758cd9db64c0b9608f3ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12310
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK us.gif
sync.go.sonobi.com/ 49 B
513 B 66ms
13ms Image
image/gif 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26consent_string%3D%26gdpr%3D%26uid%3D%5BUID%5D

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:08 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ 0
104 B 55ms
26ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:08 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 450 B
1 KB 50ms
50ms Script
application/javascript 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COeDAxIkNzQyOTU4NzctMWVlZS00YTdhLWFjYTgtNjY3NzcwMDNmM2Q2GNvZgfD8LyIkYTMyMzJjYzctZTQyOC00NmJiLTkyNWMtYmM0YjBmNTVkZWVj&cb=_callbacks____0l19ztz30
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel23.imcmdb.net
Software: nginx /
Resource Hash: 3c4e0e313d3434ffe8ef03e9a3b4c3fbed455f8bd06b357ba548c1ff2e848a36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:09 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame ED94 0
177 B 44ms
23ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.1
date: Mon, 28 Mar 2022 00:50:09 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200 /
mixi.media/cookiematching/ 43 B
880 B 113ms
112ms Image
image/gif 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJDc0Mjk1ODc3LTFlZWUtNGE3YS1hY2E4LTY2Nzc3MDAzZjNkNhoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNjQ4NDI4NjA4NzMxGgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJGEzMjMyY2M3LWU0MjgtNDZiYi05MjVjLWJjNGIwZjU1ZGVlYxoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1648428609043
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Mon, 28 Mar 2022 00:50:09 GMT
Last-Modified: Monday, 28-Mar-2022 00:50:09 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:09 GMT

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 153ms
50ms XHR
text/plain 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel23.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Mon, 28 Mar 2022 00:50:09 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 view Show response
r-log.dable.io/s/ntd.com/u/82117105.1648428608930/ 54 B
199 B 792ms
262ms Script
text/javascript 52.79.156.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r-log.dable.io/s/ntd.com/u/82117105.1648428608930/view?url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&lang=en-US&items%5B0%5D%5Bid%5D=554095&items%5B0%5D%5Bc1%5D=CCP%20Virus&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.theepochtimes.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_3658930.html&cid=82117105.1648428608930&z=76670&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.79.156.248 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-79-156-248.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Mar 2022 00:50:09 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
content-length: 54
content-type: text/javascript; charset=utf-8

GET
H2 200 82117105.1648428608930 Show response
api.dable.io/widgets/id/Ql9OO5o4/users/ Frame 0AA5 39 KB
8 KB 493ms
493ms Document
text/html 15.165.215.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.165.215.83 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-165-215-83.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 03b77dca865fa0233ce6904c14c7a6ff94909547128e1e355f17e0b3ae3e1b99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

date: Mon, 28 Mar 2022 00:50:09 GMT
content-type: text/html; charset=utf-8
server: nginx/1.20.0
content-encoding: gzip

GET
H2

200

match2
act.ds.kakao.com/
Redirect Chain

https://analytics.ad.daum.net/match?d=111&uid=82117105.1648428608930
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220328%22,%22u%22:%2282117105.1648428608930%22%7D%7D

0
493 B

751ms
290ms

Image
text/plain

211.249.220.158
DAUM-AS Kakao Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220328%22,%22u%22:%2282117105.1648428608930%22%7D%7D

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Server

211.249.220.158 , Korea, Republic Of, ASN7625 (DAUM-AS Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:10 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain;charset=UTF-8
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:09 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location: https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220328%22,%22u%22:%2282117105.1648428608930%22%7D%7D
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: 0

GET
H2

200

google
adx.dable.io/pixel/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
https://adx.dable.io/pixel/google?google_gid=CAESEAShigmMnAIPg00Bli-HWc0&google_cver=1

35 B
207 B

1078ms
353ms

Image
image/gif

3.35.83.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel/google?google_gid=CAESEAShigmMnAIPg00Bli-HWc0&google_cver=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Server: 3.35.83.74 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-35-83-74.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:10 GMT
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adx.dable.io/pixel/google?google_gid=CAESEAShigmMnAIPg00Bli-HWc0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 50ED 222 KB
62 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 545983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 50ED 16 KB
6 KB 44ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 545983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 50ED 96 KB
29 KB 45ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 545983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 50ED 5 KB
2 KB 56ms
33ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 255887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 25 Mar 2022 01:45:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 25 Mar 2023 01:45:22 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 50ED 42 KB
13 KB 57ms
34ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sun, 27 Mar 2022 15:24:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 27 Mar 2023 15:24:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 50ED 8 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Mar 2022 23:04:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 00:50:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 00:50:09 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 50ED 2 KB
3 KB 30ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 21021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 28 Mar 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 50ED 295 B
319 B 37ms
8ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 68795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 28 Mar 2022 05:43:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 50ED 0
0 57ms
57ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8hYiQAZBYsDcLM6X7_UPzJ6F0AuGuYeiadvsjeTcD4_0kOPXAhABIOjQsB9gldqigrAHoAHP7M3RAcgBCakCjWBDBidtsj7gAgCoAwHIAwqqBPoCT9CXzbe-iUySdSwzmfusOtJr4W93VZC5Fnw_LIvvExyP55hMqM_4aPtOdsJ04X579tZc9CYVlhC69nmim-j7aVhZpNq_jFTEizYeg0xcTejp43wvHJu1_XowEYwyZIkmzWwBseGJK3L4rbpetBtuQ6nT9vXkK8CJil7wAIjc4worDrFRdOooraHxSjpM5lLPj9TpBJYtvkQNLkGNQY-Hc8Nrn9MmDdbYS5oMQsTKMdCCnre3nf-3PD2quIp_-kKtMVjYBh5GEAWpo_Lpv_UqYwBoUC7apzmMi5dcj48qeCwdFSIKwPTS212uhAnEoURnirbsuOccxcCDde_cJfWdOoKvX3oZMOM1XJWqp6SvOTQL7csvgbT5oPjVEuDGeKlShfOFLxJWX_47l_0m1YpAXB4XHorwSKhWraGpIYHF_QdhgUWBr6Wk3R91gdKjTi9cqH23zWlZkeYr6woxnVABwA4rZAMZ8YOMHp4ZjBOd3Bm0UCXc8uyN9YR8wATwmfzIjwTgBAGSBQQIBBgBkgUECAUYBKAGLoAHmZOyrgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRCo2csB0ggJCIDhgBAQARgdgAoDyAsBuBOIJ9gTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi0zOTkwMTgwMTU3MTgzMDAyGMDcDA&sigh=W_HqqbpyeA0&uach_m=[UACH]&template_id=5000
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 config Show response
comment.youmaker.com/api/v1/ Frame 350B 2 KB
2 KB 117ms
116ms Fetch
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/config?site=www.ntd.com
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022021815
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 9963485ccb8a760a4dd0df41b5e63c36f28bd143313de3f9c09b096ebdbb8ee0

Request headers

x-provider-token: youmaker
x-xsrf-token
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url_id=554095&page_title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id: www.ntd.com

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:09 GMT
via: 1.1 google
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version: 0.1.2
x-robots-tag: noindex
alt-svc: clear
content-length: 1914
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4831904000569656090/ Frame 50ED 26 KB
26 KB 16ms
9ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4831904000569656090/downsize_200k_v1?w=600&h=314

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5836bd86efe6f30a3ee1df3b26367c320d5e1486c43792682844703c63684307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:09:37 GMT
x-content-type-options: nosniff
age: 405632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26687
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 10:58:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Mar 2023 08:09:37 GMT

GET
DATA 200
OK truncated
/ Frame 50ED 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 50ED 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 50ED 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66e9df0caa1e39da9344ef47ecc1ca7076810d478c1f2e418ffe505fd71a34cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 50ED 28 KB
28 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ntd.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 439352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:47:37 GMT

POST
H/1.1 200 jsapi Show response
mixi.media/newdata/ 8 KB
3 KB 87ms
87ms XHR
application/json 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?action=news
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.10.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: f2c4e8fb24ef53564c35598920178560ecb2197336f27cb3108ee211a7f2b413

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:09 GMT
Content-Encoding: gzip
Last-Modified: Monday, 28-Mar-2022 00:50:09 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Node: ads5-1sselp12

GET
H2 401 user
comment.youmaker.com/api/v1/ Frame 350B 57 B
0 115ms
114ms Fetch
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/user?site=www.ntd.com
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022021815
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

x-provider-token: youmaker
x-xsrf-token
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url_id=554095&page_title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id: www.ntd.com

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:09 GMT
via: 1.1 google
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version: 0.1.2
alt-svc: clear
content-length: 57
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 site Show response
comment.youmaker.com/api/v1/ Frame 350B 91 B
278 B 115ms
115ms Fetch
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/site?site=www.ntd.com
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022021815
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: eae614eff5fc87bc2bf2a1aed2582edc4e1e3420b462ba5a6e436801df5053dd

Request headers

x-provider-token: youmaker
x-xsrf-token
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url_id=554095&page_title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id: www.ntd.com

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:09 GMT
via: 1.1 google
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version: 0.1.2
x-robots-tag: noindex
alt-svc: clear
content-length: 91
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 find Show response
comment.youmaker.com/api/v1/ Frame 350B 123 B
310 B 114ms
113ms Fetch
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/find?site=www.ntd.com&url=www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&id=554095&group=&sort=-time&format=tree
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022021815
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 03635179a65ac9e36a14b4ac3185fd66541a7d3d384df6d556f32898463459b5

Request headers

x-provider-token: youmaker
x-xsrf-token
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url_id=554095&page_title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id: www.ntd.com

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:09 GMT
via: 1.1 google
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version: 0.1.2
x-robots-tag: noindex
alt-svc: clear
content-length: 123
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK 9965213.jpeg
static2.mixi.media/img/400x300/ 64 KB
64 KB 219ms
134ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.mixi.media/img/400x300/9965213.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 72b258667803ad9df3f9a6449a34dd8c29107cd1cd53f7bdd6190bbc3c5b8f6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:09 GMT
Last-Modified: Wed, 09 Mar 2022 04:57:27 GMT
Server: nginx
ETag: W/"622833b7-1a2d0"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 65283

GET
H/1.1 200
OK 10000224.jpeg
static8.mixi.media/img/400x300/ 68 KB
69 KB 182ms
149ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.mixi.media/img/400x300/10000224.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 2df718570ba57fdea1976f4c97dceca39e42ec20eda71afd837c442b046c3efd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:09 GMT
Last-Modified: Mon, 21 Mar 2022 07:50:45 GMT
Server: nginx
ETag: W/"62382e55-12bad"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 70100

GET
H/1.1 200
OK 10017268.jpeg
static5.mixi.media/img/400x300/ 42 KB
42 KB 168ms
135ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static5.mixi.media/img/400x300/10017268.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: f4bfd72b1cc2afac055d4987dc3ab653de1067815487ca085ad2510d2a6c7851

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:09 GMT
Last-Modified: Sat, 26 Mar 2022 16:40:28 GMT
Server: nginx
ETag: W/"623f41fc-13760"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 42795

GET
H/1.1 200
OK 10000209.jpeg
static5.mixi.media/img/400x300/ 62 KB
62 KB 169ms
135ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static5.mixi.media/img/400x300/10000209.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 8dc64f50f15d520612b5482e54b8e0092e0648f4d4055872d5b49c283ba1e69e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:09 GMT
Last-Modified: Mon, 21 Mar 2022 07:47:55 GMT
Server: nginx
ETag: W/"62382dab-f9cf"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 63079

GET
H/1.1 200
OK 10015823.jpeg
static2.mixi.media/img/400x300/ 60 KB
60 KB 221ms
139ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.mixi.media/img/400x300/10015823.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 6a02ebb0c185cbfe54d0403b0f0380807c64f8d549fdf51c0206a7bff11c7abd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:09 GMT
Last-Modified: Sat, 26 Mar 2022 06:25:06 GMT
Server: nginx
ETag: W/"623eb1c2-185e0"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 61690

GET
H/1.1 200
OK 9967572.jpeg
static2.mixi.media/img/400x300/ 56 KB
56 KB 212ms
130ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.mixi.media/img/400x300/9967572.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: f417e58a6af72435d556b273c7731a858a6f1f6bf9970a2556a88a816d3ca093

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:09 GMT
Last-Modified: Wed, 09 Mar 2022 16:05:29 GMT
Server: nginx
ETag: W/"6228d049-227ab"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 57183

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame E20C 222 KB
61 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 545983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E20C 16 KB
6 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 545983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E20C 96 KB
29 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 545983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E20C 5 KB
2 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 255887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 25 Mar 2022 01:45:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 25 Mar 2023 01:45:22 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E20C 42 KB
13 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sun, 27 Mar 2022 15:24:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 27 Mar 2023 15:24:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E20C 8 KB
892 B 32ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Mar 2022 23:42:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 00:50:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 00:50:09 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E20C 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 21021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 28 Mar 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E20C 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 68795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 28 Mar 2022 05:43:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E20C 0
0 49ms
49ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbZMaQQZBYuCGAvWolQec0bzoDeuNsZ9pvfjv0bAPj_SQ49cCEAEg6NCwH2CV2qKCsAegAc_szdEByAEJqQKNYEMGJ22yPuACAKgDAcgDCqoE-gJP0GF1gu_1iSXhSW76J1CCsEKs49bt2pMsAYIEhOMUh1370WOA_4u205BNMzXdDcECmdHqlmcwvsp3TqapEULMROfbSpQxIktvhj2VZ7Npc_NcWdnQBSzYnGTQ6wkJAGMXK4XkzLWVvKlVML1q-iAsduENJz9JPcJ4RW38s_Q352VRTwPuYVowLnIlzXXCg_O1Ka6_edQcoirP4hWLraxtAVvP0wHzRt7uVFtGqfh-RZBCj3KlfqGapyB8E52fyD7t_DQObJ1WisWAYlxKqzJ27R3KCLpjsiLaExdVIq7D9qUGt-mgeRbEI9YMs9v-1C9J9ezUYEKOavSuFz2qX-qDZnOaPt4MrqoF23ZRWQh_3tqW3ZxUwoxvv_-FKNO48150YHZqwBRmD63ydkphme-ys-OSQ551s3SIbDLJxQwXCU0lYhdqx0g-q21RiX7FlnlScSWB_0Q3xxekvX-0gXLg1dE8O4YXK9F2mmrMfJvodeBp_pepc-00UKzABKzA7vXzA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeZk7KuAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFENPVugHSCAkIgOGAEBABGB2ACgPICwG4E4gn2BMM0BUBmBYBgBcBshceChwIABIUcHViLTM5OTAxODAxNTcxODMwMDIYwNwM&sigh=sC47LCmAWO0&uach_m=[UACH]&template_id=5000
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4831904000569656090/ Frame E20C 13 KB
13 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4831904000569656090/downsize_200k_v1?w=400&h=209

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcc81571354b164e6b704d258e3eb4c8bc6139ec2452740b7896d3e23f53ca1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 07:01:46 GMT
x-content-type-options: nosniff
age: 409703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13375
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 10:58:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Mar 2023 07:01:46 GMT

GET
DATA 200
OK truncated
/ Frame E20C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E20C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E20C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e8b16eda34207d04645cc2e183d1403160cff6a2be7fbcb4d95c6f154cd624e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame E20C 28 KB
28 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ntd.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 439352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:47:37 GMT

GET
H/1.1 200
OK swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame 0AA5 830 B
807 B 19ms
18ms Stylesheet
text/css 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 3wsoX9oiTtQq5z8aSQWNt.CSLC7W7Bku
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 04:12:45 GMT
Server: Apache
x-amz-request-id: 39705653E55C092C
ETag: "7570769c6f4af63877b73ce88e833efe"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Date: Mon, 28 Mar 2022 00:50:09 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
x-amz-id-2: DOzmg67Fma9HnGFjJ5TLfsqP8B8E5vrsM12A36fgMiYAhmQWEDH/9rAcO1X1AG55m5F0KEmQ/BA=

GET
H/1.1 200
OK widget.min.css
static.dable.io/dist/ Frame 0AA5 73 KB
10 KB 52ms
32ms Stylesheet
text/css 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.css?202106141538
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3b6a9f90ec8304834f717de38bd2d8721a7b602d9557ee81593a8059ee39698e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: vhEKAQMtMwHCbv1zntOLld7ykyHm2Ieo
Content-Encoding: gzip
Last-Modified: Wed, 23 Jun 2021 08:27:13 GMT
Server: Apache
x-amz-request-id: H3GSJ3XSS7B7MSGG
ETag: "b21f082c8bf7c670dc2314e542e4dcd4"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400
Date: Mon, 28 Mar 2022 00:50:09 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10090
x-amz-id-2: CV49zchxyfrJ7A0uDlnesP8HJgUzPO5F5jg+mvemxg6m3fTF41RU5lMczudu2y1+N0FssM5UFFQ=

GET
H3 200 css
fonts.googleapis.com/ Frame 0AA5 4 KB
619 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:22:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 00:50:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 00:50:09 GMT

GET
H/1.1 200
OK dd82c4dfe114eab8fc06894d463583639bd48.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/96d/ Frame 0AA5 3 KB
4 KB 97ms
23ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/96d/dd82c4dfe114eab8fc06894d463583639bd48.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 9c327b50d9c99387485befa8267d3b565314856fc54824b69bb846ce2dcea082

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Msr6KvDi1.wby4KHqanoTff4QANk8yrl
ETag: "6c9c93a404d02d0119a1363fe9ac06cd"
x-amz-request-id: 6VX2VKNK6X0VQ2GG
Connection: keep-alive
Content-Length: 3291
x-amz-id-2: Ko22lER//GKvKASTKYzSQjKoPk7oRYTjIp90g/8pVfZEl1HZQLmG3683QE+cfNI0jhgIeEURPuE=
Last-Modified: Tue, 22 Mar 2022 02:08:46 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 20210730071202_digi2021073001
images.dable.io/ad/thumbnails/legacy-resize/library/16by10/original/1x/ Frame 0AA5 8 KB
9 KB 92ms
18ms Image
image/jpg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/ad/thumbnails/legacy-resize/library/16by10/original/1x/20210730071202_digi2021073001
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 12ff7dffe56f3c7036eaf8892bb0036a1642151c7de9b9ea8396cae96a182fb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: WEl9O7L6UEP.EWeOyRyEeMu3nDUZ7pIN
ETag: "66ddce28bbb14e720bf774a65b37d904"
x-amz-request-id: DT6G0JYBYVV0E46D
Connection: keep-alive
Content-Length: 8332
x-amz-id-2: 0mB3UpULKEUvkzafxTCcAseg7l1e6MDBFJAtP5qP+OTKtW7Dj9KE9NVsonwJv11V9HrCQvrkoco=
Last-Modified: Wed, 26 Jan 2022 11:36:17 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 25b40e28466a8ce9697f4c62898c22eef27cd.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/695/ Frame 0AA5 6 KB
6 KB 816ms
743ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/695/25b40e28466a8ce9697f4c62898c22eef27cd.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 1819e2537030faf3f6af89f1354a0df75c960cbfbe8fd699de538b93c0427bb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: u7NLprMnHd9517_wcJyEoEmtZ8qpA5KX
ETag: "f4f3878e03b06e61e2ab42c9931cd248"
x-amz-request-id: 7KH97TXXSAK2ZZKQ
Connection: keep-alive
Content-Length: 5832
x-amz-id-2: dsHhXMWIN6VcN4USQ6WPtTh2KJRUaY6m1g/9jQnq00s1e6GXychR8G9RmZu/rbnsXnpmXry+BbI=
X-Akamai-Origin-Object-Size: 5832
Last-Modified: Mon, 27 Dec 2021 00:19:59 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:10 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK a5a5f5f08244164c22c0460651d3563feb5ad.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/f90/ Frame 0AA5 5 KB
6 KB 98ms
24ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/f90/a5a5f5f08244164c22c0460651d3563feb5ad.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 18f6939e2f8e7cef78fa1de2d9d96eec879d9ccb2ce6df4397d914b4a4319e1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Fgz1fcOjod713YJRjpMWC3Vdx9ge4tbI
ETag: "40f5b659d6077395443c63dd804247f8"
x-amz-request-id: 19305SZ38PKGJSBP
Connection: keep-alive
Content-Length: 5108
x-amz-id-2: RMqz5p13XUnkR/auSZesHvcI8gy6+2dDa3LHXrl5pCa469jao3hVLeQsjVJzPop9boviFyqhw04=
X-Akamai-Origin-Object-Size: 5108
Last-Modified: Sat, 26 Mar 2022 06:17:26 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK ebd5a0036d404ee2cad764f9f6a60db4aee6b.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/bbd/ Frame 0AA5 5 KB
6 KB 94ms
20ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/bbd/ebd5a0036d404ee2cad764f9f6a60db4aee6b.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 98d486c73fe94c92326efbaa1d169eb6d1731ef8fbb3505990b369acbab65fe9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ukg6b4p0PugI11HZX2zPugutC2pVVoX8
ETag: "6a5967185ab0b77076b2bc11d296d757"
x-amz-request-id: 353AH5HNJ2HXDMFQ
Connection: keep-alive
Content-Length: 5534
x-amz-id-2: VryqlHRNLJH+5x+v6JNkrlwg2sBvdFnNisMRbpX2a6bkPUf4ms2oiz2qCAYqvL3xEyi2zgh99kI=
Last-Modified: Sat, 12 Mar 2022 12:04:36 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 4d68ff167566db1fcd703a6ed2f2009a0d478.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/a3b/ Frame 0AA5 5 KB
6 KB 114ms
26ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/a3b/4d68ff167566db1fcd703a6ed2f2009a0d478.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 723c686c2026cad642c5f72ea3e9f2b6e48d3dfba1c1ef42b6a3d33ebb273844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 79cTYTxq9R.BYJ6s7C5pwmDLwi6.un4A
ETag: "6401ad599154d619ca66b353756e7bfd"
x-amz-request-id: 8G45PVR1FM2HH195
Connection: keep-alive
Content-Length: 5476
x-amz-id-2: 00JrznNEIUvs04XyblR7WpAw7iwOGhVr5HphRLYwUFR3SQu/ROAlzsXckWiF3o2tH3gHvLfE8/w=
Last-Modified: Fri, 11 Mar 2022 09:18:24 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK f6f6f6.png
static.dable.io/static/i/ Frame 0AA5 83 B
611 B 61ms
26ms Image
image/png 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dable.io/static/i/f6f6f6.png
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: A74E3AC9B94295FA
ETag: "c684e92ff40cdf977c18be6a031e6e54"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=864000
Date: Mon, 28 Mar 2022 00:50:09 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96
x-amz-id-2: NCjPtdq8kaPGqc6TpUypjvIKhhX0jc88Y2RUNlDJzr3pWjlms5hXpoLorAtlfetNnuUvbga2nlk=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 0AA5 95 KB
34 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 15:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Mar 2023 15:07:56 GMT

GET
H/1.1 200
OK widget.min.js Show response
static.dable.io/dist/ Frame 0AA5 56 KB
18 KB 56ms
21ms Script
application/javascript 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.js?202111292350
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 739db3db63c552a321ed71d919bba142cb4a47fe4b8c92cef8b7c29ba67ef59b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: XOx9CdObjeR8imaDb0mlLRoHfj6Sm_L6
Content-Encoding: gzip
Last-Modified: Mon, 21 Feb 2022 06:26:41 GMT
Server: nginx/1.20.0
x-amz-request-id: AEBQKTHKB4PXN22Q
ETag: "913b174a91ca180a52912214910f015c"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Date: Mon, 28 Mar 2022 00:50:09 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17697
x-amz-id-2: nrhduHxH4MvcdnPz4IItSz4S2gUGf/DIdwPVXihOj58aSaLVKlzUIvBdXTAF0SkHLwI3ZTv+woo=

GET
H/1.1 200
OK prevnext2-snippet-ie.png
images.dable.io/static/i/ Frame 0AA5 288 B
906 B 21ms
21ms Image
image/png 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/prevnext2-snippet-ie.png
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202106141538
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b44ae8cf55e41c9a488ac6d5db7e2b79a8a3f81a9b41316a7c9d86a9d440fc95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
ETag: "78144ca1e42485765eff8fd58568ec78"
x-amz-request-id: 81B5DDD116E89B12
Connection: keep-alive
Content-Length: 288
x-amz-id-2: t1wtYFlYVYzI6M0XT39AcDwFPoRstUZGovfpThtKwKL8zqmSeJCX1ayRSDNlDHG5fMVKIHx0Re4=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK logo-text-tiny-gray.png
images.dable.io/static/i/ Frame 0AA5 661 B
1 KB 25ms
24ms Image
image/png 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/logo-text-tiny-gray.png
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202106141538
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
ETag: "2260fca7dca92761058aace21a176daa"
x-amz-request-id: 35CC7113A1175327
Connection: keep-alive
Content-Length: 661
x-amz-id-2: U4W2TbYFM14WY5X5PIAvx3BT459MKI06wmRY8JX2RnzHWJbbcfoziygigIRtHm+hRZd7CjRYx2w=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0AA5 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.dable.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 448934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 20:07:55 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0AA5 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.dable.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 453020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 18:59:49 GMT

GET
H/1.1 200
OK dot.png
images.dable.io/static/i/ Frame 0AA5 269 B
887 B 19ms
19ms Image
image/png 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/dot.png?2
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202106141538
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9c7e640507607d3ab4182c58d339ce00248d46cfcd03c8f1940d1095c0dcda5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
ETag: "c6dbfa476effcbda5d070b19378fed29"
x-amz-request-id: 164D6F056A7F88BD
Connection: keep-alive
Content-Length: 269
x-amz-id-2: HSc0TeECv7JwbHh1UMOlhiU7otcck7yiZ+0BRkT8zn5i/Xn66Fyy+euliMR+ep3yY1k28980jOI=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 9820789e834e7226aed2ffab4eb5840ce4c9f.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/e02/ Frame 0AA5 4 KB
5 KB 26ms
26ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/e02/9820789e834e7226aed2ffab4eb5840ce4c9f.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: d16c5b521f7d6753bd3011e48cc5c046ec8477e4dff731ab5d6dc33109413493

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: i8.gWv7l6I9XiADlMESNM751ZLceVkZ4
ETag: "b52bc2d4b092c7cdbd9b9131e9acc986"
x-amz-request-id: 0BE9JC2RYJNTZAEY
Connection: keep-alive
Content-Length: 4191
x-amz-id-2: FeZDDeEGuu8jAQa0QGbXRlsw9tW3tILauH+WKkKlk0y62wGBQgsM1GK/Gk5nMSqVDTXHd7kvJi0=
Last-Modified: Tue, 15 Mar 2022 03:08:55 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 870363e9aafd430440ce1592c96377ba1ae7a.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/755/ Frame 0AA5 3 KB
4 KB 25ms
25ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/755/870363e9aafd430440ce1592c96377ba1ae7a.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 750578f50a95b66cdb76fb1583705d4808e8d5e5e248e3581433b382005332d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: pjZCmwcVbpV53Spi3Yjah.q07QnrRTZR
ETag: "32790dd33593cadadec846f4854a4e5b"
x-amz-request-id: ZP4YR72KR267N4N5
Connection: keep-alive
Content-Length: 3258
x-amz-id-2: HclUD9X25D8+mDA5zczGnaEVe9MFL3Ul27GIpXr8+ZZy8etLNDS7PrQozXedDUd9yE6OEXW+1pg=
Last-Modified: Tue, 01 Mar 2022 07:28:37 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK eed82c83cab3faa681641a9867c3dd322119d.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/12a/ Frame 0AA5 5 KB
6 KB 28ms
28ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/12a/eed82c83cab3faa681641a9867c3dd322119d.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: bea3ca280c6395180b1d1882dbd0975f7cfdb33c8480bb180801ef739a512a09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 0A2t8Elh.EuFJlJHjPgIp_O26hUM2NF.
ETag: "69362caa65ea3071b92664d69c76f02e"
x-amz-request-id: MDVAS13WF5ZN3TD5
Connection: keep-alive
Content-Length: 5017
x-amz-id-2: h8gIwQSB574gIq8g5yqboYR8JNI+94t+jJJ9Ngeaug+jmVL7KdtDgdmBpofJvhayr4Q7M6y2vp4=
X-Akamai-Origin-Object-Size: 5017
Last-Modified: Fri, 04 Feb 2022 15:14:35 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 14e653e787a3fd41836806e1f413589388af3.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/62b/ Frame 0AA5 6 KB
7 KB 19ms
19ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/62b/14e653e787a3fd41836806e1f413589388af3.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: b3665b8f313dc77b13b84948a2bc86c37f7b5a9b42cf2605068fdaa6cf86239c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: lk6zPlClFVD8qcvGokOY_9CovMHHK0xC
ETag: "f5a9194100a0749574d6fde1b9c2b2d4"
x-amz-request-id: WD8HV6TB8H5E0QZD
Connection: keep-alive
Content-Length: 6612
x-amz-id-2: pOF+cZ8ZaJhcmAqJR8QbTpRuhojkm2UrMc71VGMeZ2HaUkib2gdzJEu4l5Hh1H9EsuDVSBIhID0=
Last-Modified: Wed, 23 Mar 2022 03:27:46 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 700aa4e4a65ce9438d37e39c18ae78c9afcd8.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/ef3/ Frame 0AA5 8 KB
9 KB 1540ms
1540ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/ef3/700aa4e4a65ce9438d37e39c18ae78c9afcd8.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 52df357cf901533ff28e59c6f2e0ae3ae34abbd6bbde0345d3bbdf0d11cc230b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: THC3bPk2MgHwwyMQCBQYx9q9utZMCgl3
ETag: "a2703413b8ec48a788e4136bffc0b55e"
x-amz-request-id: E86FRTNEMDRCQBYC
Connection: keep-alive
Content-Length: 8354
x-amz-id-2: hTeJSmzeMw2rue1NkjDsFeGa/Qyc4D591fCq9u2obGsbxmow66MzRA9c2xjJIIwjQ7AdDGQ9aGI=
X-Akamai-Origin-Object-Size: 8354
Last-Modified: Sat, 19 Mar 2022 01:15:46 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:11 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 958dc2a4f446b15b92fe15efb318aac211639.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/b31/ Frame 0AA5 6 KB
7 KB 21ms
20ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/b31/958dc2a4f446b15b92fe15efb318aac211639.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 4dffa05010867386fbff38ab1ee6804dc7028d4d5468a05aac199d369a78b212

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: kDQaxb8LIYQlLjCav6BRxgWvgua5BqWm
ETag: "d49dedad861ecbf34694e89962652886"
x-amz-request-id: D3ZKPSZ8D9T38ENV
Connection: keep-alive
Content-Length: 6160
x-amz-id-2: +s9N9qLvkzJCmtuAXzNyJHUQ5k+pznJOOlDpbVfUFfjNiPyXBQ0RqoxywP0UGE2qODnxT+0PRE4=
Last-Modified: Mon, 21 Mar 2022 04:50:02 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 9269e0e93709b49a1be8fbf43101fc2d0826e.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/33e/ Frame 0AA5 6 KB
7 KB 1272ms
1272ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/33e/9269e0e93709b49a1be8fbf43101fc2d0826e.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: ca870df4e6516bbd10f0f14142f3eefc1ca9c1a5c1c473d8b6254bc4c88aeccb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: sRSmMcaTiKhbK4XLFLIW3i76BxjjG6yu
ETag: "1a63396f255f6f8ae6ad20db81379a1f"
x-amz-request-id: 7KHCCP72CA7N5HN0
Connection: keep-alive
Content-Length: 6387
x-amz-id-2: o7t7ghcINl0oc0cUfNmABOJv0Ve0jtAnp8WnrHPPbydwK8oWcnE0K6hxehr/AlsjO0lrOmpfH4o=
X-Akamai-Origin-Object-Size: 6387
Last-Modified: Tue, 22 Mar 2022 18:05:34 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:10 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK f3ca39fc49ffd5d2a09424bd884f077a9967d.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/275/ Frame 0AA5 3 KB
4 KB 20ms
20ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/275/f3ca39fc49ffd5d2a09424bd884f077a9967d.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 65680a348004b7e7fe3922a359eb014cf513d823a3f7b4d8414e8b1696b3aa58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: kVgd3joQKoHAFFYdcaBzIKp1Oxe15O_T
ETag: "187f95475ed91cb1a5f8863224d2827d"
x-amz-request-id: KVJNPHY1AECY7MCP
Connection: keep-alive
Content-Length: 3505
x-amz-id-2: XdrHVp81L9lGXCmba2MfavoDifZMioT/EjVlNme+/tPGeG2D7FeQ2nFeMRIyr5GG6VHQ4uHpfHtjA1pxZAsQsg==
Last-Modified: Tue, 01 Mar 2022 07:39:37 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK f76b65bf8d0e1e9c8d94dbc3e7ed571bd0589.jpeg
images.dable.io/thumbnail/img.theepochtimes.com/200X125/629/ Frame 0AA5 6 KB
6 KB 28ms
27ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.theepochtimes.com/200X125/629/f76b65bf8d0e1e9c8d94dbc3e7ed571bd0589.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 61085232d356ce7e6e27cb6bd22434c443a0760cf5c95b02fcb2434b271a3ceb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 6oDtSg7AHBv4Fcj45YEPew67YcrvFsX1
ETag: "91fe63d479d19463be73d6f28b8760af"
x-amz-request-id: ME7K6CTYMMGBMZ7J
Connection: keep-alive
Content-Length: 5809
x-amz-id-2: Z52StjIY/EaSr9YPHJ4ReNQ52VDehX1zqc8/1DUj3BbgahYEeR0sdQyXUpOhgpmfdz0qrrrk3M8=
X-Akamai-Origin-Object-Size: 5809
Last-Modified: Sun, 27 Mar 2022 12:50:48 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 5b69a51f62c606397d6a9c15ada03edf8c2ff.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/a94/ Frame 0AA5 4 KB
5 KB 20ms
19ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/a94/5b69a51f62c606397d6a9c15ada03edf8c2ff.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: f871e49995e99ba24b2aa91bc1ebff2f7cababcbe409721be96addd260ecf0bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 4f9423wJ0YtKTBX5Xlg_uJrnkNmVrhKB
ETag: "3361f4f320076f7440d461f809e40a36"
x-amz-request-id: 1WVZEN6ZM6BXJM3E
Connection: keep-alive
Content-Length: 4259
x-amz-id-2: zG7XZWMYRuWzHDp9qaZD4nHEabDxAgqRtFtRFeqYlVCkpFV9hdTmPtqFQWv7aotBcPcxCqaZ2/w=
Last-Modified: Sat, 19 Mar 2022 05:38:22 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 965c0affbaecf6e1d0245b0a48862bc9c0b8d.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/a41/ Frame 0AA5 5 KB
6 KB 20ms
20ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/a41/965c0affbaecf6e1d0245b0a48862bc9c0b8d.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 83dffb6e8ac6f574850e19ad5668c8aa7cd90c89e6ca28358a34c40f26714be9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: v.9HY5FI5niKxgGPuE_Y15Gl3d7mT0pg
ETag: "35d363aa24c7b1377d9a832d775361aa"
x-amz-request-id: MVWG6S80AS729BVD
Connection: keep-alive
Content-Length: 5628
x-amz-id-2: Ng7TEU62BXo762KOKcCThrCXGWAkTy0ZdQQpiP6cIhp0YANBRzLd6veDc+rMljoLTNIXuAfzZ68=
Last-Modified: Mon, 21 Mar 2022 16:08:34 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK db54dcc1d97c5d37865eb2be1123a7c02645b.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/2de/ Frame 0AA5 5 KB
6 KB 24ms
24ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/2de/db54dcc1d97c5d37865eb2be1123a7c02645b.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 81a9e8c6edb93a86ebd55e3f2554e5ba8532c64273e23bee8aa82f9a60c1c866

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: S7gHOtDM6XJ2V1vPR996ba25HQXo_sBn
ETag: "b3efbad34e0c4c12f73c9fc87613e362"
x-amz-request-id: 67AQZFRE5BMYFERS
Connection: keep-alive
Content-Length: 5037
x-amz-id-2: /+isvAXLKLYURDbbPMeGX25qWG94ioXG3IO7rm4UDqxC8srdeag1X4dW/N6Dg/WCfdl6XZ8fLLE=
Last-Modified: Fri, 18 Mar 2022 21:48:50 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK bd9fad1eb309c8d9d8c27db8330abfcd89a11.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/6c4/ Frame 0AA5 5 KB
5 KB 20ms
20ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/6c4/bd9fad1eb309c8d9d8c27db8330abfcd89a11.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: da10eb9818807e75c8973b4fd5319b0cc0130ce2fb78b2c83ea94d1091a8ca86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: pg7s2JPAxC.B_Q915_OjuCpiZriIFogJ
ETag: "84aae4ea77a2f889da0038f96f04aa92"
x-amz-request-id: 94Q474NSQYVQRNV9
Connection: keep-alive
Content-Length: 4930
x-amz-id-2: vxbDeOmm+c0aGQFVQW/Z7H6l1T9b6FSg770k71Ah1AMhoYjmCAO06O1bQcxd0FFohQdup6DsEA0=
Last-Modified: Mon, 21 Mar 2022 21:06:23 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 8df1dbd759c980dacb1327c847cff6c7c700c.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/c40/ Frame 0AA5 5 KB
6 KB 20ms
20ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/c40/8df1dbd759c980dacb1327c847cff6c7c700c.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 85d676dc2a0fd26ca684094d8484080968c1355283fd2f0fd1209a239f4b1338

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: JfgTuxMkujH.Yd5ae3XNxa1dfciLUFwf
ETag: "e5b2dba6ed44b423f6f33c27de3dd599"
x-amz-request-id: NA2Z7G0WJYG9WM5C
Connection: keep-alive
Content-Length: 5087
x-amz-id-2: M8ZPryxQxmyKID56tTI1msRpkuiY2c0JkRIiCJSoByFSyN2ZiRyREgfBF+VegCtAKRfiTL1yRVI=
Last-Modified: Thu, 03 Mar 2022 15:00:15 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 09b7a44b20778c0f4bc8cdf6c26506c03ebb7.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/496/ Frame 0AA5 8 KB
8 KB 24ms
24ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/496/09b7a44b20778c0f4bc8cdf6c26506c03ebb7.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: e8efb207b1cd8218f260562aa28a745dcada82dc60a80113336e34d3253b9a98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: lP_BlO9PYfcptxmRMab20mDjHzjhcgz7
ETag: "d49c7cdca748aa5d026a71ee33c71bef"
x-amz-request-id: ME7XGKEZMRYKJDTY
Connection: keep-alive
Content-Length: 7771
x-amz-id-2: ibyTdM+HYWaaucdn9J04hjHLA4ZZCMYfxeyIEenjYJuFuP9l31+Wo3knD9fT8DNT6nc5nzhXWZM=
X-Akamai-Origin-Object-Size: 7771
Last-Modified: Mon, 28 Feb 2022 15:08:30 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK f7d135788ad74abb7413b63f514e1083d01fe.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/0fb/ Frame 0AA5 3 KB
4 KB 23ms
22ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/0fb/f7d135788ad74abb7413b63f514e1083d01fe.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: b75dbc475efcfa8b6950810101239e19a5bdcbc20aef1fcfc88a87c364ecbe7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: NbN3Ly_sUbMS9By4qytY4IEhsQcOQAkR
ETag: "e10da3f23d1564967882f6e7397f5d24"
x-amz-request-id: HANJ2VTA49G1QGKZ
Connection: keep-alive
Content-Length: 3361
x-amz-id-2: cG7zOapjn1SSGyltVyj/HVuezbYW9JOnHubZNV+3tCj6onlwqyUxDbBv/qjmJ+Ols2NTgmOonDY=
Last-Modified: Fri, 04 Mar 2022 07:16:29 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 2b64081f94a965f0a51e0674b6d44aeb9e5ee.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/cf8/ Frame 0AA5 7 KB
8 KB 25ms
25ms Image
image/jpeg 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/cf8/2b64081f94a965f0a51e0674b6d44aeb9e5ee.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 855d3c6590e489321b30dd83d0a9b824dbf52aca42d598967438a900c17029e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: lBLvwHOrdA7YNHp2VkV.CYLqKHVLlNWS
ETag: "c8782677ecaceac3d72c98b9b4b0dc21"
x-amz-request-id: N8X91XAEKSPFBMCG
Connection: keep-alive
Content-Length: 7448
x-amz-id-2: sUDQlyCLuuu16nZQi/A71jSV//F8lcJc8fUI5YYOUS69mVkk7RpsRPJo9nAnNwNTdxHPGmttFQs=
Last-Modified: Fri, 25 Mar 2022 02:06:01 GMT
Server: nginx/1.20.0
Date: Mon, 28 Mar 2022 00:50:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 50ED 42 B
272 B 51ms
50ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9uNGuXu_SGjLvmxqkZcNTIM7Kmp7nl2i3YN-fIrSQe-Q3sbPzVoktPxRTngWHoQyanJlJGeF7t5mVXCu4Vraa5vkz9Uk4F9cRkY-1HVLTfaMKtEQhTw&sai=AMfl-YQRJKP7X3VKEQuC47gX2v11GVs0qCYztT_8BbNacv7Wua9T5Zaoqs99mdLfKWNiOYNS1Sk2UY6b3omhVpUhRzHcEWANA2eDV5pm6OcE6994iWBeLNmiu6LtmJjP&sig=Cg0ArKJSzLWRNMpbNx5EEAE&cid=CAASF-RoaI-W3elzsrC5YCbAQJpPDiThtPYJ&id=ampim&o=315,135&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=165&tls=1166&g=100&h=100&tt=1166&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1030851624

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame F3AF 38 KB
14 KB 24ms
24ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 15 Mar 2022 05:35:40 GMT
etag: "1302647-96a7-5da3b2ade946f"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13941
content-type: text/html; charset=UTF-8
cache-control: public, max-age=155071
expires: Tue, 29 Mar 2022 19:54:41 GMT
date: Mon, 28 Mar 2022 00:50:10 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D93B 52 KB
17 KB 38ms
6ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 26 Mar 2022 16:06:07 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 28 Mar 2022 00:50:10 GMT
Age: 31441
X-Served-By: cache-lga21934-LGA, cache-hhn4057-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 422267
X-Timer: S1648428611.711416,VS0,VE0
Vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame C055 0
0 207ms
197ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

date: Mon, 28 Mar 2022 00:50:10 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6f2c5ec0dd8a9b8e-FRA

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 7988 0
0 205ms
197ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

date: Mon, 28 Mar 2022 00:50:10 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6f2c5ec0dd889b8e-FRA

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 0B1D 0
35 B 36ms
23ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.1
date: Mon, 28 Mar 2022 00:50:10 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 3420 0
0 18ms
12ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

date: Mon, 28 Mar 2022 00:50:10 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6f2c5ec0dd8b9b8e-FRA

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2252 38 KB
14 KB 27ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 15 Mar 2022 05:35:40 GMT
etag: "1302647-96a7-5da3b2ade946f"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13941
content-type: text/html; charset=UTF-8
cache-control: public, max-age=155071
expires: Tue, 29 Mar 2022 19:54:41 GMT
date: Mon, 28 Mar 2022 00:50:10 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 45D1 52 KB
17 KB 30ms
7ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 26 Mar 2022 16:06:07 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 28 Mar 2022 00:50:10 GMT
Age: 31441
X-Served-By: cache-lga21934-LGA, cache-hhn4055-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 421879
X-Timer: S1648428611.711423,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B5FA 38 KB
14 KB 38ms
38ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 15 Mar 2022 05:35:40 GMT
etag: "1302647-96a7-5da3b2ade946f"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13941
content-type: text/html; charset=UTF-8
cache-control: public, max-age=155071
expires: Tue, 29 Mar 2022 19:54:41 GMT
date: Mon, 28 Mar 2022 00:50:10 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7602 38 KB
14 KB 41ms
41ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 15 Mar 2022 05:35:40 GMT
etag: "1302647-96a7-5da3b2ade946f"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13941
content-type: text/html; charset=UTF-8
cache-control: public, max-age=155071
expires: Tue, 29 Mar 2022 19:54:41 GMT
date: Mon, 28 Mar 2022 00:50:10 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame A2B1 3 KB
2 KB 87ms
24ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Mon, 28 Mar 2022 00:50:10 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9681 52 KB
17 KB 25ms
7ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 26 Mar 2022 16:06:07 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 28 Mar 2022 00:50:10 GMT
Age: 31441
X-Served-By: cache-lga21934-LGA, cache-hhn4052-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 423174
X-Timer: S1648428611.711599,VS0,VE0
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame E8E6 0
35 B 27ms
23ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.1
date: Mon, 28 Mar 2022 00:50:10 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 1988 3 KB
2 KB 84ms
24ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Mon, 28 Mar 2022 00:50:10 GMT
Connection: keep-alive

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 40E3 3 KB
2 KB 82ms
22ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Mon, 28 Mar 2022 00:50:10 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 935D 52 KB
17 KB 28ms
6ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 26 Mar 2022 16:06:07 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 28 Mar 2022 00:50:10 GMT
Age: 31441
X-Served-By: cache-lga21934-LGA, cache-hhn4057-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 422268
X-Timer: S1648428611.720556,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 02B1 281 B
554 B 47ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 28 Mar 2022 00:50:10 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame EA23 0
35 B 23ms
22ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.1
date: Mon, 28 Mar 2022 00:50:10 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 5931 0
35 B 23ms
23ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.1
date: Mon, 28 Mar 2022 00:50:10 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame B369 0
0 196ms
196ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

date: Mon, 28 Mar 2022 00:50:10 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6f2c5ec0eda39b8e-FRA

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame A2B2 3 KB
2 KB 102ms
25ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Mon, 28 Mar 2022 00:50:10 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D93B 0
741 B 8ms
8ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:10 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 70a0b55d-a0e8-482f-a729-eac7f8484753
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 45D1 0
741 B 9ms
9ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:10 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f3992b7f-e6ac-4b48-a22c-273a33369336
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 02B1 32 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9ad1bb44af5999c63ca2cb0cc07b90c55f3f4752a55578ff5fb7e2e953161e61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=36622
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9540
Expires: Mon, 28 Mar 2022 11:00:32 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9681 0
741 B 7ms
7ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:10 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a6ca0ed8-3266-474d-94f9-7035b0b944a8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 935D 0
741 B 7ms
6ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:10 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a852bb47-b1aa-4de3-ab46-e39006c05ba0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 129F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

1 KB
3 KB

42ms
38ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f2b4ab620da6d9e940b481f5703999389c5305aa09ba1a94eb713a69b607d2e5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|230|39|241|8|176|152|51
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Mon, 28 Mar 2022 00:50:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:10 GMT
Content-Length: 1476
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 342
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 28 Mar 2022 00:50:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:10 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame BFE6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

36ms
36ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f329559661d26f3ad69d7e4ce12802fa910a99724298e261f13cd05e341152e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|230|241|39|47|105|73|8
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Mon, 28 Mar 2022 00:50:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:10 GMT
Content-Length: 1629
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 342
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 28 Mar 2022 00:50:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:10 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 8193
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

36ms
36ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0844b168500349447b27b94dffc5e1d5fff31c5bfeb38d1bc0e821c03faedcd9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|39|241|230|64|88|13|152
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Mon, 28 Mar 2022 00:50:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:10 GMT
Content-Length: 1760
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 342
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 28 Mar 2022 00:50:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:10 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame B542
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

1 KB
3 KB

26ms
26ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 57683cf873f4a8cf2fd2cdbc7421f3690712fefc098eb416d99e5eae19e4478c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|230|45|191|8|5|176
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Mon, 28 Mar 2022 00:50:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:10 GMT
Content-Length: 1510
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 342
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 28 Mar 2022 00:50:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:10 GMT
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02B1
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTdkYmRhZmEwYmIzZmI4NmJhMjljNDA3MGM2NjEzNWU2YTA3Mzk4ZQ

170 B
188 B

19ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTdkYmRhZmEwYmIzZmI4NmJhMjljNDA3MGM2NjEzNWU2YTA3Mzk4ZQ

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTdkYmRhZmEwYmIzZmI4NmJhMjljNDA3MGM2NjEzNWU2YTA3Mzk4ZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 02B1
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L19ZTYRX-L-A1X0&sigv=1&esig=2~e856b25351d611facf60af7bb0148307274a4404

0
194 B

69ms
21ms

Image
text/plain

2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L19ZTYRX-L-A1X0&sigv=1&esig=2~e856b25351d611facf60af7bb0148307274a4404

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:11 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L19ZTYRX-L-A1X0&sigv=1&esig=2~e856b25351d611facf60af7bb0148307274a4404
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 02B1
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L19ZTYRX-L-A1X0

0
705 B

171ms
155ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L19ZTYRX-L-A1X0
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:10 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 56C0DD9F46794AD48F8EE9BDCCE818F9 Ref B: FRAEDGE1316 Ref C: 2022-03-28T00:50:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXbPLHOayF3dcEQV76kwg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L19ZTYRX-L-A1X0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 02B1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WDIl28_BRViwsFGVyOX_tA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WDIl28_BRViwsFGVyOX_tA

43 B
556 B

36ms
36ms

Image
image/gif

52.95.119.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WDIl28_BRViwsFGVyOX_tA

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

HTTP/1.1

Server

52.95.119.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0Y02C95M0F08TFXMGB6A
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WDIl28_BRViwsFGVyOX_tA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 02B1 0
0 40ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02B1
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDE5WlRZUlgtTC1BMVgw

170 B
188 B

18ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDE5WlRZUlgtTC1BMVgw

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDE5WlRZUlgtTC1BMVgw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 02B1
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=pRW6Tj5iTa-Ck3SwwYhLZA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pRW6Tj5iTa-Ck3SwwYhLZA

43 B
556 B

104ms
104ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pRW6Tj5iTa-Ck3SwwYhLZA

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: G5RHJ70NH7BR7GS3CVBG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pRW6Tj5iTa-Ck3SwwYhLZA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 02B1 70 B
264 B 101ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame BFE6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YkEGQipZk1VcB55A8hpHBQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1

43 B
1001 B

28ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame BFE6 170 B
188 B 34ms
19ms Image
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YkEGQipZk1VcB55A8hpHBAAABIUAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame BFE6
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBAAABIUAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBAAABIUAAAIB&dcc=t

43 B
645 B

101ms
101ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBAAABIUAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZMHT5RWDNSTV1MB2KAB0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VR37892M38KKYYHXJ0BR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBAAABIUAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame BFE6 70 B
264 B 68ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame BFE6
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ftHoN79t1NyDAf5&gdpr=1

43 B
1 KB

48ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ftHoN79t1NyDAf5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:10 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ftHoN79t1NyDAf5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame BFE6
Redirect Chain

https://d.adroll.com/cm/index/ssp?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
990 B

24ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Mon, 28 Mar 2022 00:50:11 GMT
server: nginx/1.20.0
content-length: 76

GET
H2 200 YkEGQipZk1VcB55A8hpHBAAABIUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BFE6 43 B
993 B 105ms
34ms Image
image/gif 2a05:d018:d29:3605:94f3:d01d:495a:dfd0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YkEGQipZk1VcB55A8hpHBAAABIUAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:94f3:d01d:495a:dfd0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:11 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame BFE6
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8aa76890-2d75-4bc0-9a32-4a991d158269&expiration=1679964611

43 B
1 KB

24ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8aa76890-2d75-4bc0-9a32-4a991d158269&expiration=1679964611
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8aa76890-2d75-4bc0-9a32-4a991d158269&expiration=1679964611
date: Mon, 28 Mar 2022 00:50:11 GMT
server: Kestrel
content-length: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame BFE6 43 B
424 B 27ms
24ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YkEGQipZk1VcB55A8hpHBAAA%261157
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:11 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=447
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:57:38 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8193
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YkEGQipZk1VcB55A8hpHBQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1

43 B
1001 B

24ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 8193 70 B
264 B 93ms
53ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 8193
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBAAABIUAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBAAABIUAAAIB&dcc=t

43 B
645 B

102ms
101ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBAAABIUAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4ZNWJ40DX1JWTRDF0TZN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HRNRNYM6P5C1G7CPT5MC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBAAABIUAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 8193 170 B
188 B 27ms
19ms Image
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YkEGQipZk1VcB55A8hpHBAAABIUAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8193
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1651020611

43 B
1 KB

30ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1651020611
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:10 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1651020611
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8193
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YkEGQwAQQxZheQAy
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YkEGQwAQQxZheQAy&gdpr=1&_test=YkEGQwAQQxZheQAy

43 B
1 KB

22ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YkEGQwAQQxZheQAy&gdpr=1&_test=YkEGQwAQQxZheQAy
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1648428611.180616,VS0,VE0
x-served-by: cache-hhn4050-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YkEGQwAQQxZheQAy&gdpr=1&_test=YkEGQwAQQxZheQAy
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8193
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

43 B
1007 B

22ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date: Mon, 28 Mar 2022 00:50:11 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 0
vary: Origin
keep-alive: timeout=5

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8193
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=00842881-9a77-45d6-841a-a99733c64aa0

43 B
1 KB

29ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=00842881-9a77-45d6-841a-a99733c64aa0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=00842881-9a77-45d6-841a-a99733c64aa0
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8193 43 B
424 B 20ms
17ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YkEGQipZk1VcB55A8hpHBAAA%261157
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:11 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=447
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:57:38 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 129F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YkEGQipZk1VcB55A8hpHBQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1

43 B
1001 B

28ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 129F 170 B
188 B 31ms
18ms Image
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YkEGQoZ5gYDLqIskDIMY3AAABGAAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 129F 70 B
265 B 66ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 129F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQoZ5gYDLqIskDIMY3AAABGAAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQoZ5gYDLqIskDIMY3AAABGAAAAAB&dcc=t

43 B
645 B

101ms
101ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQoZ5gYDLqIskDIMY3AAABGAAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BTSN6AR7YKWFKDTJYSSZ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SCGZPHMGRNK9XNS412GJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQoZ5gYDLqIskDIMY3AAABGAAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 129F
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=13428a42-96a3-47e8-9e18-d1d5262e8033&expiration=1679964611

43 B
1 KB

24ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=13428a42-96a3-47e8-9e18-d1d5262e8033&expiration=1679964611
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=13428a42-96a3-47e8-9e18-d1d5262e8033&expiration=1679964611
date: Mon, 28 Mar 2022 00:50:11 GMT
server: Kestrel
content-length: 0

GET
H2 200 113
match.deepintent.com/usersync/ Frame 129F 0
44 B 286ms
92ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:10 GMT
content-length: 0
server: c

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 129F
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d7c41a77-b153-4c1d-a971-98a046260903

43 B
1 KB

24ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d7c41a77-b153-4c1d-a971-98a046260903
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d7c41a77-b153-4c1d-a971-98a046260903
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 129F 43 B
220 B 49ms
8ms Image
image/gif 18.185.246.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.246.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-246-45.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 129F 43 B
424 B 19ms
18ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YkEGQoZ5gYDLqIskDIMY3AAA%261120
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:11 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=447
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:57:38 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B542
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBQAABLIAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBQAABLIAAAIB&dcc=t

43 B
645 B

101ms
100ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBQAABLIAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: A5PSB71N83M2Z4RQWXKV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Z4XS059W14MXHTG2W11Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkEGQipZk1VcB55A8hpHBQAABLIAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame B542 70 B
264 B 70ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame B542 170 B
188 B 26ms
18ms Image
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YkEGQipZk1VcB55A8hpHBQAABLIAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B542
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YkEGQipZk1VcB55A8hpHBQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1

43 B
1001 B

23ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED9Xdoxj-zjbUZS8qHpbDbc&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B542
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=a67c8f4b-1312-c2d5-c5b44116

43 B
1 KB

23ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=a67c8f4b-1312-c2d5-c5b44116
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

date: Mon, 28 Mar 2022 00:50:11 GMT
via: 1.1 google
server: nginx/1.20.2
access-control-allow-origin: *
p3p: CP='This is not a P3P policy!'
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=a67c8f4b-1312-c2d5-c5b44116
cache-control: max-age=3600
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 146

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B542
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=683f2749-bbf2-46b8-8b83-c64abb1c3a86&expiration=1679964611

43 B
1 KB

29ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=683f2749-bbf2-46b8-8b83-c64abb1c3a86&expiration=1679964611
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:50:11 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=683f2749-bbf2-46b8-8b83-c64abb1c3a86&expiration=1679964611
date: Mon, 28 Mar 2022 00:50:11 GMT
server: Kestrel
content-length: 0

GET
H2 200 ix
ad4m.at/ad/sim/ Frame B542 0
0 75ms
26ms Image
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 113
match.deepintent.com/usersync/ Frame B542 0
39 B 285ms
93ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:11 GMT
content-length: 0
server: c

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame B542 43 B
424 B 19ms
18ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YkEGQipZk1VcB55A8hpHBQAA%261202
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:11 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=447
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 00:57:38 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 39ms
22ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa194886d08a40faae3c020852d395ce3512fc4da1cb77866dc15d68480efe24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 00:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10597
x-xss-protection: 0

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 50ms
50ms XHR
text/plain 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel23.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Mon, 28 Mar 2022 00:50:11 GMT
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ 28 KB
29 KB 798ms
173ms Script
application/javascript 52.92.176.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.176.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 28ff48063d74ce8f7e80b9b3c1b529b23322b3945f6d5f4644a4ff4d14dad87b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:13 GMT
Last-Modified: Fri, 25 Mar 2022 15:30:20 GMT
Server: AmazonS3
x-amz-request-id: 2D5BACY03FGNVPGF
ETag: "d23420bbf3df099d7a011ba8ae2eddfb"
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 29066
x-amz-id-2: VTtHH4Nymm/oPoKfay2hXpS6KjMwiisMhc4GdDX1R8hdYdgmpZFk5r2d3MDWRg6w/oyfkic4uFs=
Expires: Sun, 24 Apr 2022 15:30:19 GMT

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=scientists%2dat%2dwuhan%2dvirology%2dlab%2dhad%2dccp%2dvirus%2dlike%2dsickness%2din%2dautumn%2d2019%2dstate%2ddepartment%2dsays_554095%2...
https://a.clickcertain.com/px/?c=2455d1796b86efb

3 KB
2 KB

140ms
140ms

Script
text/javascript

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=2455d1796b86efb
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4955b8738529a93f26aa8ecd0d4c3180c7e89ec948885d5744bababfc78dc92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:12 GMT
content-encoding: br
x-frontend: cc-nginx-746688cd7c-8hlgm:cc-nginx-746688cd7c-8hlgm
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 01f540f7-e147-955f-aed6-99d8a0a129d8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wZQqbqgN1lOHtZQKz2G%2BWQmKprvGMsTVVIR%2F2oII7ybr%2Fu1QrEGFkmuWiNHmK6nIoOPrZChK6P26EROI3LCeNLBZc5A%2BKeGXRZmASLPXBgBKzBFhkXfsF8J4XeHn3YYAZwbFXmq881gtuG7Wt%2Flrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
x-envoy-upstream-service-time: 20
cf-ray: 6f2c5ec88a833763-MXP

Redirect headers

date: Mon, 28 Mar 2022 00:50:11 GMT
x-frontend: cc-nginx-746688cd7c-sv5sk:cc-nginx-746688cd7c-sv5sk
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 0946a002-6b90-97e6-9fb3-e767f5c7273c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xpi3spH81WM9AQyEtP1LRKK8cGXb0abPCDuPU8GQ2KP9SnSPb%2FWX3v9n3vnGluuPEyzyTiw%2BO1Wle26M%2Bs%2BM0Asow9xFOmgXb0NVQCijXO6GSBFO2tetCNBp5ikNNtJtaGkjpnMnbicoE%2BWfuRDEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://a.clickcertain.com/px/?c=2455d1796b86efb
x-envoy-upstream-service-time: 32
cf-ray: 6f2c5ec799f33763-MXP

GET
H2 200 impression
r-log.dable.io/s/ntd.com/u/82117105.1648428608930/ Frame 0AA5 35 B
140 B 258ms
257ms Image
image/gif 52.79.156.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r-log.dable.io/s/ntd.com/u/82117105.1648428608930/impression?source=554095&pick=&rm=30.1.8%2F30.50.6&cm=0.0.0&channel=side_bar_widget.default&reco_type=personalized-related-news&cid=82117105.1648428608930&widget_id=Ql9OO5o4&request_id=nROO9NyPQsgGwEj&reco_list_lz=NobwRAlgJmBcYHYCsSCMBOADGANGAtgKYAuAFgPYzwDMmAdEvQGxgC%2BO40ciSALKgA5quAiQpUwtOqjoC2HSBOQIATOjl4iZStymM6LdpyVpejEVvG76%2Bwwq7xkvLLwtidNejLlHF3ZdTUKm7aElLe8sb%2BvLwqTMGa7mE2zJF%2BjkgqGAmiodbSsmkOPEhMGCFWngypvsVOqEgauZWSXoW1JrwIZRUerdUGRZ3o6CyJeVURHdG8Qai9yQN2URlq6AgL%2BbZD-kjUAvGbVdvTGc7U8%2BMtejX2nZjqR-0nd7uM5Vd9N4OniF1Z6Ce32W6T%2BpUwl2aXxSP1eji6qFiQJhILqpSYCEBn0WLxWfyE%2B2RSzYAF0gA&uri=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&is_gif=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.79.156.248 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-79-156-248.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Mar 2022 00:50:11 GMT
server: nginx/1.20.0
content-length: 35
content-type: image/gif

GET
H2 200 request
sp-api.dable.io/services/ntd.com/users/82117105.1648428608930/campaigns/w09qVGR7yIV8/contents/36y0MKQAQcB7/ Frame 0AA5 35 B
109 B 806ms
269ms Image
image/gif 3.37.35.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-api.dable.io/services/ntd.com/users/82117105.1648428608930/campaigns/w09qVGR7yIV8/contents/36y0MKQAQcB7/request?q=N4IgxglgJiBcIA4BMBGFB2FAGArAOhQDYAWBYpBQrBATgGYsQAaEAd2gHMBTAFwH1ocEAEUANjQDyEnAHtizEACcuARwCuXAM79B8AHYAlKTQByATwAKwzRwDirAKIArBcvVb%2BPCAFsucIqTklFg0xFjELJoyaopgfvA4OGE0OAq%2BPAAWMjDwKAR4jCxgGQCGenpcokKa0Fx8AEYlinzsUNw8eFBcAGYlaqI8ClwAHgAOEMo5IACyMnoABNNN8xQrWEhI81hYsDg7IfO20wAqANTb2woxEEIZPDyjmrAA9M%2Bs73h6PFB4YDLez00kC4Xwg2k0AFoSjwIaw1KU9BCAG4TGSiGQcMwQ0QleoQ0pQCFgMCjZETNSQ0QQADWXAhNTA1IqmkhEERfR4am8iKQWBQNHpPGhdK6oyaPF8X3pJTMmj4iWS%2BDu3iqLDZSJBPBkijMAimhCQhBwAB8xJJpHIFFqhaI%2BGLuHA6Cx7fEUJEIAAveJISLowawN1KMrUuBYNU8LjePhgaFCADCcYs8wAauTNAp6tldaIQRxMo70OgkABfIA&is_gif=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.37.35.1 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-37-35-1.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/82117105.1648428608930?from=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&ref=&cid=82117105.1648428608930&uid=82117105.1648428608930&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=554095&item_pub_date=2021-01-15T23%3A46%3A16-05%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:12 GMT
content-type: image/gif
server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Mar 2022 00:50:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4AAF 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Mar 2022 22:14:54 GMT
expires: Mon, 27 Mar 2023 22:14:54 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 9317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CEF3 783 B
536 B 22ms
22ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4390c74334096d16b317c444957d14aec0a090c06474f5de58e2d64cd8ad746e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7S67ykK3UrtOM11D5/R3BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 28 Mar 2022 00:50:11 GMT
date: Mon, 28 Mar 2022 00:50:11 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-7S67ykK3UrtOM11D5/R3BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AAF 35 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 17:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13638
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 17:52:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CEF3 0
0 58ms
44ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=485452695497966&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4AAF 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4i03UA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D93B 0
741 B 6ms
6ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 61f8ae84-cfd0-46de-af8b-f5968e3cdc5b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 45D1 0
741 B 7ms
6ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 56790089-4065-4154-94b5-cf9afe524b15
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9681 0
741 B 7ms
7ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 30d54e3e-e63a-4b9c-9f40-f6f887926b8a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 935D 0
741 B 7ms
7ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 00:50:11 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d87554a9-6b46-4c0c-b06c-6f958354ff29
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame 8E13 942 B
735 B 124ms
123ms Document
text/html 2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08ea2876be9f1e15a2841704d2185e882054e4174142082d161e1434cdd2cdae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 28 Mar 2022 00:50:12 GMT
content-type: text/html
etag: W/"NzY4MWJkODhnNDBhN2c0ZjM3ZzhhNzJnYTRiOTE3Y2UyZGQzLXow"
x-frontend: cc-nginx-746688cd7c-cfm6x:cc-nginx-746688cd7c-cfm6x
x-requestid: 7e75936c-9003-90b2-878f-25678a69f2f1
x-envoy-upstream-service-time: 1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2ntPHrBwz3O%2BI%2FUQsc6ln%2F1Mls5GXme4jR6xLoNJj47jaJqo7iaEOoG2bNO8BL5YRUU6GS5ircBxX67X6SRo4rheaIRoZEvp1ma5VPvoCFglGt%2FI3N0SyuXpsm0r6SUBaBBWjEPLeL50%2B1TkPf8uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f2c5ec97b2d3763-MXP
content-encoding: br

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame 8E13
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
https://a.clickcertain.com/px/ta/?done=true&ta_id=ad058e4f-c652-4a05-8a26-0c1e7208a693

0
463 B

137ms
136ms

Image
text/plain

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=ad058e4f-c652-4a05-8a26-0c1e7208a693
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:12 GMT
x-frontend: cc-nginx-746688cd7c-sv5sk:cc-nginx-746688cd7c-sv5sk
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 0002c3e6-236d-9d1e-ba3c-ec7bf20985ec
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zz6TuDKEwlx7ea%2BltsUCIQOy8PmuZdXTLSIx4pzqDrJ5qySrauM6NmQ41Goqkj%2Bj7cRMpCoY03Q%2BVGxmuo3Ni3yjH%2FDQEhU4Rps7RTQas7CF%2FUwVKRJJYiNO6bzyWG6o7KCUOwKrM2rW4J3Fjtg23w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 18
cf-ray: 6f2c5ecb6c863763-MXP

Redirect headers

location: https://a.clickcertain.com/px/ta/?done=true&ta_id=ad058e4f-c652-4a05-8a26-0c1e7208a693
date: Mon, 28 Mar 2022 00:50:12 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 8E13
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%2...
https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%2...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D7681bd88%2D40a7%2D4f3...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&anx_uId=$UID
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&anx_uId=3565113935969799681
https://x.bidswitch.net/sync?dsp_id=179&user_id=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&expires=5&user_group=0
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&expires=5&user_group=0

43 B
495 B

11ms
11ms

Image
image/gif

18.185.246.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&expires=5&user_group=0
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&cn=DE
Protocol: HTTP/1.1
Server: 18.185.246.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-246-45.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 00:50:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=7681bd88-40a7-4f37-8a72-a4b917ce2dd3&expires=5&user_group=0
Date: Mon, 28 Mar 2022 00:50:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=485452695497966&bg=!EhGlEVXNAAbzJazn0yU7ACkAdvg8WoUEuQmlKoE9Do03fjY05mASBH52GfKiL83n6-rUTHtf8q89GgIAAABfUgAAAAJoAQeZAumGtTrfiet1RDhYaBJ0GTzvKt1D3C2vtu0sYy4CMmxHplVyy1egbjGBqUBcB-Zr5szvVGa16iwjRI2OpJeJdYR6TQhovLBTgyHQzztLEG9pz9B-EiMmiXo3C9bvjQeUzjZ4RJv4Eb43e3XayljEJReX5tMm6ozc4twku6nBMTb00SmdhEa9QajVk7hSFJ95Q7SNfWEI_W8YEUGMdeE5y0-X12NTKFpSFQibE7H-M6e7pVy-gjuVnR31jRAEso9iVnVBiR7frwlau7KjhfdLAW1N6JX7B4hkt5RiVqVu4kB9c2SweKrYu4QbvegBXL1BT530bLPbnpNJ-pv9JzlFS7u-i0mUaSoPgI_Z3Gq_5aTnzPPZGS86triCsSxLvN5YQ4z5ksXUYrYIm6esOwtCZzNM6ob34Y3IIVdTDvPBG--thbCdsTjiyjWsXAvmTfcPU71wgaYmxbAZt-uqXJMCSa0SFN-aWiNH7FNK4aINPUaGF45d9n9dBup36ftiAa-lN4kyqHAXzdw6Cdkcj2ZucqzG7J2_Mf0xsJGot_e1e4s_oVvf3lwejoJE_vQMFdb6_m1mfeKKb704shMOd-CvOwlLSRyZB-1PPiqcNFn08qh4I40l8-kmXQudosIycRG6y57cGX4J2MgbK32Py6b_eW9z7YAI9k5Ys5g2OsZdLSoaCXxRYF8saVs2AKOdz4bBzKDhbdf-BvCQMaVfBkb2DpU7ZA6zasgDa_Zf2ZSlGqj-bQQNBExRtNCit4UsnjV6H6498OVEzmhQCOq4C4TKxrJmpj4SzXDKhPh1ORh4bkB9-JLfoN3r1HKyc-s3GfUeXAwkhWZG_Avxe8EQ0v2h2RNR03J_W9C88UtC-Le6CepgVjzXJqs7t4hJaoZgqQPy124dzfSH3kZJGRliqslro7ZdQvSFmurzaw8D7Nik04Jit1acqBAWRA9H75TKxhTa3xN6IWLJJmcZVASxE_nlPaiplrk4eEHOuYgH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/
Redirect Chain

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%...
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%...

42 B
350 B

171ms
171ms

Image
image/gif

35.83.79.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%2522bf0c6e2f-60b8-4c5f-9acf-f50b3f924258%2522%257D&title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&tdc=1
Protocol: H2
Server: 35.83.79.238 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-79-238.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:13 GMT
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

Redirect headers

location: /c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%2522bf0c6e2f-60b8-4c5f-9acf-f50b3f924258%2522%257D&title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&url=https%3A%2F%2Fwww.ntd.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html&tdc=1
date: Mon, 28 Mar 2022 00:50:12 GMT
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 107 KB
34 KB 29ms
28ms Script
application/javascript 104.111.225.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-233.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: e2b6c47b99e5a90a3b381b28610ac491198dc6f77ab52dfb95912fcef6f4189a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Y0otHLLcRamB1uKN_ZjSWYEqbRetSXJt
Content-Encoding: gzip
Last-Modified: Tue, 15 Mar 2022 06:35:04 GMT
Server: nginx/1.20.0
x-amz-request-id: 3HKQBET00A1D4YH2
ETag: "692664d9b1c52b6e2c394dd1e7f13db1"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=58333
Date: Mon, 28 Mar 2022 00:50:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34032
x-amz-id-2: MfXh2WqPYKoxJ2Wrihmfi8Og6IPUlkh7VdaR+QjeVrHDXEfLV1WNPELOiHd5CHtaV7cQJv09B0Y=

GET
H2 200 view Show response
r-log.dable.io/s/ntd.com/u/82117105.1648428608930/ 54 B
198 B 263ms
263ms Script
text/javascript 52.79.156.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.79.156.248 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-79-156-248.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

8b73a89e126c16a756076a7dd374dc129d61c4a0b860a3280236ae3cf8a9bef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Mar 2022 00:50:13 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
content-length: 54
content-type: text/javascript; charset=utf-8

GET
H2

200

google
adx.dable.io/pixel/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
https://adx.dable.io/pixel/google?google_gid=CAESEI-8SRs-W5qGsWwzUal6Ymo&google_cver=1

35 B
206 B

353ms
353ms

Image
image/gif

3.35.83.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel/google?google_gid=CAESEI-8SRs-W5qGsWwzUal6Ymo&google_cver=1
Protocol: H2
Server: 3.35.83.74 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-35-83-74.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:13 GMT
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adx.dable.io/pixel/google?google_gid=CAESEI-8SRs-W5qGsWwzUal6Ymo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match2
act.ds.kakao.com/
Redirect Chain

https://analytics.ad.daum.net/match?d=111&uid=82117105.1648428608930
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220328%22,%22u%22:%2282117105.1648428608930%22%7D%7D

0
493 B

290ms
290ms

Image
text/plain

211.249.220.158
DAUM-AS Kakao Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220328%22,%22u%22:%2282117105.1648428608930%22%7D%7D

Protocol

Server

211.249.220.158 , Korea, Republic Of, ASN7625 (DAUM-AS Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:13 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain;charset=UTF-8
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 00:50:13 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location: https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220328%22,%22u%22:%2282117105.1648428608930%22%7D%7D
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: 0

GET
H2 200 push_notif_ntd.js Show response
services.epoch.cloud//public-labs/src/push_notifications/ 6 KB
2 KB 149ms
52ms Script
application/javascript 2606:4700:3038::6815:ea4e

General

Check archive.org

Show headers Download Go to

Full URL: https://services.epoch.cloud//public-labs/src/push_notifications/push_notif_ntd.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/scientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_554095.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea4e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5826ae1cc0aa2f2bb52be7aa45e62bfffbc94044e2a31ed759d088238c9209

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 19:08:58 GMT
server: cloudflare
age: 1020
etag: W/"5e4d87ca-189e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q29WXNori6Dfpr5jnjDHF5RjceDZzMxitlMAT1LYXRxtJjk7BcIB8lBP6ajMTVRJVM89V5AsG2nYtVnv%2FsdS0%2FJOnFpQykMFs%2Fssx1GQq1IqCPG%2BZH5aWND6cwKXAETcS8CTyfgDU7QxKYKHxv3e8eKy0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c5ed99a8659e3-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cbb358742efbe80005a15256de11d533.js Show response
clientcdn.pushengage.com/core/ 91 KB
21 KB 279ms
259ms Script
application/javascript 99.86.7.58

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/cbb358742efbe80005a15256de11d533.js?_=1648428607838
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.58 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 09ccfb421029fc0b9078ea5ebfdc222b309632abc1a2a570673d5042e57063cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:14 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
x-amz-cf-id: c1kcw1xbbGPLpxZAm-wKuw2CnzT4PdFzYZrhZArqCFHuEuAKEY1nvg==
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)

GET
H2 200 checksum Show response
api.dable.io/items/services/ntd.com/id/554095/ 97 B
278 B 267ms
267ms Script
text/javascript 15.165.215.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/items/services/ntd.com/id/554095/checksum?callback=dbljson4

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.165.215.83 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-165-215-83.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

eae8de8a7ab28d9b80fc94369a72213cb1829b1e4f43d9c9ac157c9a1df1d7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.20.0
etag: W/"61-eyZxsSgBlWHtlYFnzNadd0irtHk"
content-type: text/javascript; charset=utf-8

GET
H2 200 update Show response
api.dable.io/items/services/ntd.com/id/554095/ 65 B
212 B 268ms
268ms Script
text/javascript 15.165.215.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/items/services/ntd.com/id/554095/update?title=Scientists%20at%20Wuhan%20Virology%20Lab%20Had%20CCP%20Virus-Like%20Sickness%20in%20Autumn%202019%2C%20State%20Department%20Says&image_url=https%3A%2F%2Fimg.ntd.com%2Fassets%2Fuploads%2F2021%2F01%2FWuhan-Institute-of-Virology-aerial.jpg&price=&author=Ivan%20Pentchoukov&currency=&sale_price=&sale_currency=&category1=CCP%20Virus&category2=&category3=&custom1=&custom2=&custom3=&custom4=&custom5=&published_time=2021-01-15T23%3A46%3A16-05%3A00&url=https%3A%2F%2Fwww.theepochtimes.com%2Fscientists-at-wuhan-virology-lab-had-ccp-virus-like-sickness-in-autumn-2019-state-department-says_3658930.html&description=Several%20researchers%20at%20the%20Wuhan%20Institute%20of%20Virology%20fell%20ill%20with%20symptoms%20similar%20to%20those%20cause&body_length=3728&callback=dbljson5

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.165.215.83 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-165-215-83.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

60b14b5786dde92f3aed85b0f466138746ac326dcec6ba0580400e2b4e4d0710

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:50:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.20.0
content-type: text/javascript; charset=utf-8

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 02:37:00	Name: _li_ss Value: MgYIkgEQ5hE
tnews.to/	1970-01-20 02:37:00	Name: prli_click_3429 Value: scientists-wuhan-had-ccp-virushk
tnews.to/	1970-01-20 10:39:24	Name: prli_visitor Value: 6241063ee21df
.ntd.com/	1970-01-20 19:25:00	Name: _ga Value: GA1.2.262725209.1648428608
.ntd.com/	1970-01-20 01:55:15	Name: _gid Value: GA1.2.1634324835.1648428608
.ntd.com/	1970-01-20 01:53:48	Name: _gat Value: 1
.scorecardresearch.com/	1970-01-20 19:10:36	Name: UID Value: 1E56ac296d13218afd162521648428607
www.ntd.com/	1970-01-20 10:39:24	Name: epoch_gdpr_userid Value: 80ed5f6d-3ade-b91b-301e-d55e539c968e
.ntd.com/	1970-01-20 02:03:53	Name: ntdViewCount_fb Value: 2
.t.co/	1970-01-20 19:25:00	Name: muc_ads Value: 5ea40257-9bb7-4c2b-8cf6-c8580a2d5155
.twitter.com/	1970-01-20 19:25:00	Name: personalization_id Value: "v1_4i7yyLkbJ4Q3ByVOi/d7Lw=="
.adnxs.com/	1970-01-20 04:03:24	Name: icu Value: ChgI159BEAoYASABKAEwwIyEkgY4AUABSAEQwIyEkgYYAA..
.gumgum.com/	1970-01-20 10:39:24	Name: cs Value: true
.adnxs.com/	1970-01-20 04:03:24	Name: uuid2 Value: 3565113935969799681
.mixi.media/	1970-01-20 10:39:24	Name: _sm_uid Value: 74295877-1eee-4a7a-aca8-66777003f3d6
.mixi.media/	1970-01-20 10:39:24	Name: _sm_udt Value: 1648428608731
.mixi.media/	1970-01-20 01:53:50	Name: _sm_sid Value: a3232cc7-e428-46bb-925c-bc4b0f55deec
.rubiconproject.com/	1970-01-20 10:39:24	Name: khaos Value: L19ZTYRX-L-A1X0
.rubiconproject.com/	1970-01-20 10:39:24	Name: audit Value: 1\|SDziDG3X/EgQm5E3zF86FbRHKV/Y9AOYB3Biw5iW/3oEYu0+y2W/JLChalJdbhho3OnsRse95/PAUJ+gL7gixREiWVDBisffUN+/nvRkaHE=
.stat.media/	1970-01-20 10:39:24	Name: _sm_uid Value: 74295877-1eee-4a7a-aca8-66777003f3d6
.stat.media/	1970-01-20 10:39:24	Name: _sm_udt Value: 1648428608731
.stat.media/	1970-01-20 01:53:50	Name: _sm_sid Value: a3232cc7-e428-46bb-925c-bc4b0f55deec
.stat.media/	1970-01-20 02:37:00	Name: _sm_cm Value: 32
.dable.io/	1970-01-20 04:17:48	Name: uid Value: 82117105.1648428608930
.dable.io/	1970-01-20 01:55:12	Name: _skp Value: 1
.dable.io/	1970-01-20 02:12:28	Name: _gg_ck_match Value: 1
.www.ntd.com/	1970-01-20 19:25:00	Name: dable_uid Value: 82117105.1648428608930
.ntd.com/	1970-01-20 11:15:24	Name: __gads Value: ID=b4c7ed74e9dba9fc:T=1648428608:S=ALNI_MYx3Z5PNd76YLqV9SolyYHBnf_h-w
.mixi.media/	1970-01-20 04:17:48	Name: nid Value: ads5-1sselp12
.doubleclick.net/	1970-01-20 11:15:24	Name: IDE Value: AHWqTUk2zPAONkcYqz6rJrGcHCNs9FadVYvMjmGidFJ2i_r44-fznIw3FFsCEj8E_hM
.ad.daum.net/	1970-01-20 04:03:24	Name: DSPR Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220220328%22%2C%22u%22%3A%2282117105.1648428608930%22%7D%7D
.ds.kakao.com/	1970-01-20 04:03:24	Name: DSPR Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220220328%22%2C%22u%22%3A%2282117105.1648428608930%22%7D%7D
.casalemedia.com/	1970-01-20 04:03:24	Name: CMPS Value: 3219
.casalemedia.com/	1970-01-20 10:39:24	Name: CMID Value: YkEGQipZk1VcB55A8hpHBQAA
.casalemedia.com/	1970-01-20 04:03:24	Name: CMPRO Value: 1202
.w55c.net/	1970-01-20 11:24:03	Name: wfivefivec Value: ftHoN79t1NyDAf5
.w55c.net/	1970-01-20 02:37:00	Name: matchcasale Value: 5
.casalemedia.com/	1970-01-20 01:55:15	Name: CMST Value: YkEGQmJBBkMA
.yahoo.com/	1970-01-20 10:39:46	Name: A3 Value: d=AQABBEMGQWICED7r8MLnU6z2Bval4U6fUH4FEgEBAQFXQmJKYgAAAAAA_eMAAA&S=AQAAApO6ftqLxgJizY9MjT46XPk
.brand-display.com/	1970-01-20 19:25:00	Name: _knxq_ Value: a67c8f4b-1312-c2d5-c5b44116.1648428611.0.1648428611.1648428611
.everesttech.net/	1970-01-20 10:39:24	Name: everest_g_v2 Value: g_surferid~YkEGQwAQQxZheQAy
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:25:42	Name: bcookie Value: "v=2&ecd94ac7-4511-4048-8100-21d739820e56"
.linkedin.com/	1970-01-20 18:58:54	Name: li_gc Value: MTswOzE2NDg0Mjg2MTE7MjswMjFzft8ZyEcPyjh9ZLI4/rZ9x7abTe3mhv0X2b8TMG4EyQ==
.linkedin.com/	1970-01-20 01:55:15	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2792:u=1:x=1:i=1648428611:t=1648515011:v=2:sig=AQExSHf_b6mRhLYnOix9tv4Nklj3gys1"
.amazon-adsystem.com/	1970-01-21 21:49:00	Name: ad-privacy Value: 0
beacon.lynx.cognitivlabs.com/	1970-01-20 10:39:24	Name: UID Value: 683f2749-bbf2-46b8-8b83-c64abb1c3a86
beacon.lynx.cognitivlabs.com/	1970-01-20 10:39:24	Name: ss Value: W2zOFC29qr6qBP0XouH4JeqWfGOxzX%2BvtPwu4UEDgx0SE5A82j%2BhgUiOFf0XzHRCcCpFcS9p%2BM5VGvU9LFfuaw%3D%3D
.casalemedia.com/	1970-01-20 10:39:24	Name: CMRUM3 Value: e6624106422760&056241064205a0&bf6241064205a0&2d624106432760CAESED9Xdoxj-zjbUZS8qHpbDbc&40624106432760no-consent&9862410643276000842881-9a77-45d6-841a-a99733c64aa0&58624106432760YkEGQwAQQxZheQAy&08624106432760683f2749-bbf2-46b8-8b83-c64abb1c3a86&f16241064205a0&27624106420b40&b06241064205a00
.amazon-adsystem.com/	1970-01-20 06:23:05	Name: ad-id Value: AwwXpAzRfEHkmKPgAzYkq6s
a.clickcertain.com/	1970-01-20 10:39:24	Name: _ccpx_u Value: 7681bd88%2d40a7%2d4f37%2d8a72%2da4b917ce2dd3
a.clickcertain.com/	1970-01-20 10:39:24	Name: _ccpx Value: 2455d1796b86efb
a.clickcertain.com/	1970-01-20 10:39:24	Name: _ccpx_2455d1796b86efb Value: 1
.tapad.com/	1970-01-20 03:20:12	Name: TapAd_TS Value: 1648428612348
.tapad.com/	1970-01-20 03:20:12	Name: TapAd_DID Value: ad058e4f-c652-4a05-8a26-0c1e7208a693
.tapad.com/	1970-01-20 03:20:12	Name: TapAd_3WAY_SYNCS Value:
www.ntd.com/	1970-01-20 06:13:00	Name: _geuid Value: bf0c6e2f-60b8-4c5f-9acf-f50b3f924258
www.ntd.com/	1970-01-20 06:13:00	Name: _gepi Value: true
www.ntd.com/	1970-01-20 02:37:00	Name: _geps Value: true
.liadm.com/	1970-01-20 19:25:00	Name: lidid Value: b0e83a33-c69b-4176-86e8-ee53747bece9
.alocdn.com/	1970-01-20 10:39:24	Name: uuid Value: 1cee307b-4cef-4a15-b0d6-74171e96efbe
.bidswitch.net/	1970-01-20 10:39:24	Name: tuuid Value: 21911de6-e4ad-4d3e-b87a-684806c94945
.bidswitch.net/	1970-01-20 10:39:24	Name: c Value: 1648428613
.bidswitch.net/	1970-01-20 10:39:24	Name: tuuid_lu Value: 1648428613

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://comment.youmaker.com/api/v1/user?site=www.ntd.com Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

95946340e0c66d01e709eec0a3b70947.safeframe.googlesyndication.com
a.clickcertain.com
a.remarketstats.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
act.ds.kakao.com
ad4m.at
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.dable.io
ajax.googleapis.com
analytics.ad.daum.net
analytics.twitter.com
api.dable.io
beacon.lynx.cognitivlabs.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cdn.ampproject.org
cdn.districtm.io
clientcdn.pushengage.com
cm.g.doubleclick.net
comment.youmaker.com
d.adroll.com
dmp.brand-display.com
dmx.districtm.io
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
hblg.media.net
hbx.media.net
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
images.dable.io
img.ntd.com
js-sec.indexww.com
js.chargebee.com
match.adsrvr.org
match.deepintent.com
mixi.media
p.alocdn.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.adnxs.com
px.ads.linkedin.com
r-log.dable.io
s.amazon-adsystem.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
sc.youmaker.com
secure.adnxs.com
securepubads.g.doubleclick.net
services.epoch.cloud
sp-api.dable.io
ssum-sec.casalemedia.com
stat.media
static.ads-twitter.com
static.dable.io
static.mixi.media
static2.mixi.media
static5.mixi.media
static8.mixi.media
stats.g.doubleclick.net
subs.youmaker.com
sync-tm.everesttech.net
sync.adotmob.com
sync.extend.tv
sync.go.sonobi.com
t.co
target.mixi.media
tnews.to
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ntd.com
x.bidswitch.net
104.109.78.125
104.111.225.233
104.16.68.69
104.244.42.133
104.244.42.3
136.243.66.182
142.250.181.226
146.185.195.94
15.165.215.83
15.197.193.217
151.101.129.108
151.101.2.49
151.139.128.11
169.197.150.8
172.217.18.98
178.162.133.149
18.156.195.47
18.185.246.45
184.31.84.150
185.183.112.155
185.64.190.78
199.232.136.157
2.18.233.180
2.18.234.21
2.18.235.93
211.249.220.158
2602:803:c003:200::31
2606:4700:20::681a:27a
2606:4700:20::681a:932
2606:4700:20::681a:ad1
2606:4700:3037::6815:2a1f
2606:4700:3038::6815:ea4e
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:803::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::200a
2a00:1450:4001:808::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c01::9b
2a02:fa8:8806:20::2040
2a05:d018:d29:3605:94f3:d01d:495a:dfd0
3.123.52.20
3.35.83.74
3.37.35.1
34.111.151.213
34.120.33.89
34.120.97.157
34.192.179.231
35.171.62.1
35.227.248.159
35.244.159.8
35.244.174.68
35.244.243.66
35.83.79.238
37.252.161.190
37.252.172.250
37.252.173.215
52.46.130.91
52.79.156.248
52.92.176.104
52.95.119.178
54.211.231.81
54.77.209.82
63.32.216.168
65.9.66.119
65.9.71.173
66.155.71.25
69.173.144.138
69.173.144.165
99.86.7.58
99.86.7.79
03116ee27ab79f09ced28de3396fe9524bc37349c0ec714b1f6f25396da6ffd4
03635179a65ac9e36a14b4ac3185fd66541a7d3d384df6d556f32898463459b5
03b77dca865fa0233ce6904c14c7a6ff94909547128e1e355f17e0b3ae3e1b99
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
072246c24471a05ca7da6bb4d5c726846ab5b454c0d2769135eb68cc523ecc3e
0844b168500349447b27b94dffc5e1d5fff31c5bfeb38d1bc0e821c03faedcd9
08ea2876be9f1e15a2841704d2185e882054e4174142082d161e1434cdd2cdae
09ccfb421029fc0b9078ea5ebfdc222b309632abc1a2a570673d5042e57063cb
0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd2c3f75597d0457cbd0960a485071958b70ad4b2969a1a437f71235092caab
0d74d68e0eb2a8b31e58858978af32d37d48b6f5b78294589ec4170438fef77b
0dceae772a3b82f7d0f9538b3b62db0f77bc29029f5e1a333234b9c5492e4c27
0e6644f09258f240a81b2c864684c27e31548b5e252f533c35e4177d2699fb2e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e
10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260
12ff7dffe56f3c7036eaf8892bb0036a1642151c7de9b9ea8396cae96a182fb6
1819e2537030faf3f6af89f1354a0df75c960cbfbe8fd699de538b93c0427bb1
18f6939e2f8e7cef78fa1de2d9d96eec879d9ccb2ce6df4397d914b4a4319e1a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
2093e5c3404a81b8a17a20124c8dab2008a681b2919c270d2b44856416b12846
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c
21a2f38a3301e9d90fb35900979ab70add603b3ce3bd25171f7b8a4d0e93d3c7
2605ae7e7769aebf0e4de69b247181746ba089ba3dc24c34c4f9b7174c16da2f
28ff48063d74ce8f7e80b9b3c1b529b23322b3945f6d5f4644a4ff4d14dad87b
29e63a4868c17e236e0d54319c05386ce448f433084fcff9954d44e8f16242a4
2bdcb089c4c9b6cdd5ded547a444f547ad5e313a632c8f8dde5fc3ca1270a125
2cab29b6e32d1c1e3907f9fe4e3483831717a7eedf2c5057fd592255afd7b4d4
2df718570ba57fdea1976f4c97dceca39e42ec20eda71afd837c442b046c3efd
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
308634b67167450e9688918820cbd4716a946a9717c122068511c2befbfd845b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36cd80da220c5d5a7a488fe0afa10fc4be479ee5e4598517932f1ebb554b186b
37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde
37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096
389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7
395fbd00bfd9c4b61cd308d00ecbf15452e528778422489a5b9a4622d9351a6a
3b6a9f90ec8304834f717de38bd2d8721a7b602d9557ee81593a8059ee39698e
3c4e0e313d3434ffe8ef03e9a3b4c3fbed455f8bd06b357ba548c1ff2e848a36
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d975e5cc124aa7345b669bdb9385b2c3bde0d7e167f85b5e40f08988bd1b0e3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4390c74334096d16b317c444957d14aec0a090c06474f5de58e2d64cd8ad746e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45e8bf15a0d25fefec60f390ed79da0a649ffe1ea3efa4baf1dbe7afa21be3ba
478e3f82089d4bc0303ad02ef73c9e6901861b756d52f8667ba3164bedd76f7c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ce64e0e1899165a4d2e44ffcde43cc1bc5e8ea6c21fad85b4d042938ecd370
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4dffa05010867386fbff38ab1ee6804dc7028d4d5468a05aac199d369a78b212
50107e26113c71fe5a0e68fb14689c48a02ae8072289adae0f3c3d9f6cfffa09
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
505a3e699b3c09bfad202c8798f15f2f09d17a90d33fd4e342ecfc804be363fe
52be68347741f64b52375244b714eabd8f5cc622aca3e89c6bce0f1164fa51b8
52df357cf901533ff28e59c6f2e0ae3ae34abbd6bbde0345d3bbdf0d11cc230b
52e006687b1edf8c27ae62cd74911cb4ec98573c31a12b52aa21c7793c454b90
52f32a1925bca9851d9d8146fb5593d778134bcf13f24897d2f72ee30b8cdd80
5377b85929b89e53828ca9b7489ea8a9c4a112bd7384c8eadb38b8dea5df6983
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57683cf873f4a8cf2fd2cdbc7421f3690712fefc098eb416d99e5eae19e4478c
57ff71b49b54c7cb6c9047d59febf26716fe2611039a4236e1d7bc44a306197d
5836bd86efe6f30a3ee1df3b26367c320d5e1486c43792682844703c63684307
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c01443c79c76e53bede7e62b8116b076613da68208ce7fd2bfcb5aec7ce22b1
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e8b16eda34207d04645cc2e183d1403160cff6a2be7fbcb4d95c6f154cd624e
60b14b5786dde92f3aed85b0f466138746ac326dcec6ba0580400e2b4e4d0710
61085232d356ce7e6e27cb6bd22434c443a0760cf5c95b02fcb2434b271a3ceb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ff7d0674b7e4f2344e09cc13e81e497dc9a7fa762ac68736cac6d9ba38abab
645d015a31bc039d50812e8dc9cbeb84d182b9d2336cce7a53f8a4fb30bb7554
65680a348004b7e7fe3922a359eb014cf513d823a3f7b4d8414e8b1696b3aa58
6627542d8df0b027f18712b2ff4d874940d1b61f11ebc52019fe257e867b6271
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668c738513226244d0cbd2530517fbcf2df2b86a4eaaba5b9b54d8e9d9f68958
66e9df0caa1e39da9344ef47ecc1ca7076810d478c1f2e418ffe505fd71a34cb
6923b497ec85a49be01a07c47ff8cd7cbffdc66c1781a13b31745f622a60ae61
693e4cbefa63e241c6bd466dc7bdd457130d4dc6eb5f51ab64d09330b4728040
6a02ebb0c185cbfe54d0403b0f0380807c64f8d549fdf51c0206a7bff11c7abd
6a5826ae1cc0aa2f2bb52be7aa45e62bfffbc94044e2a31ed759d088238c9209
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b9765abde54c6e633d51e84c708e0de14545d7febc0b9c3b62091c661931339
6ed2043de5c68020c72fc3c9cfc67a52be37c2f6f7bda2d96e6ee3e0ad1269c3
70551a79d67fb07076ba5102e8be0778f7ad9df891195dee8bca564c32a0a58f
713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d
718bf807ae285094008b869c0051c907807b7efd521e4bbc1403a6f257176f55
723c686c2026cad642c5f72ea3e9f2b6e48d3dfba1c1ef42b6a3d33ebb273844
72b258667803ad9df3f9a6449a34dd8c29107cd1cd53f7bdd6190bbc3c5b8f6e
7304a8b44027d55051ff16666fa5d9b371b0aaf7ea5136de52d18f00e40cc6e3
739db3db63c552a321ed71d919bba142cb4a47fe4b8c92cef8b7c29ba67ef59b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
750578f50a95b66cdb76fb1583705d4808e8d5e5e248e3581433b382005332d5
7724923e8ef7a8c09dbf2c3587a81b1f089af25cd9a1c25f5afff957f5aa4aa7
77b4ded5861804effad2a1c68347919ba73739f163ead73cc2b9d019b438ec1e
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79ef4e504523b5309adf138b2215d300decba8ce3246f16000cbb4867a34945f
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7f381db5c5098522ee80c344efef2a2f6e7467084869f64253c5fe6340828e9c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81a9e8c6edb93a86ebd55e3f2554e5ba8532c64273e23bee8aa82f9a60c1c866
83dffb6e8ac6f574850e19ad5668c8aa7cd90c89e6ca28358a34c40f26714be9
84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5
84d82bfc852f60224d7a4f34a838fb0cb8459ce20ecad9de65bcca67fc830c66
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855d3c6590e489321b30dd83d0a9b824dbf52aca42d598967438a900c17029e2
85d676dc2a0fd26ca684094d8484080968c1355283fd2f0fd1209a239f4b1338
8626b1ee1a967ed67e733bd403dcf03f0ae7879031f2bec7da6625525a23dd27
87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8b601979a3e0eb604264bfedc2a754c498331e22ee4685ab17a500bf8b98c732
8b622ac31b659e965866e554d239ba5b9e36ba09438ed7703e659c7d58794b57
8b73a89e126c16a756076a7dd374dc129d61c4a0b860a3280236ae3cf8a9bef5
8d3ffd84b1a1db91b3f9aa4794249bf2568868fc125b99c181790e11193a245f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc64f50f15d520612b5482e54b8e0092e0648f4d4055872d5b49c283ba1e69e
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9013300fe102ea88b19ffad1f8864333e81d6d7a3af1326bce6a7a6846aec1b0
9286a81068c23e3e41b8b9abf575c0678fd72a1d5018886b943764d9e3b35a28
98d486c73fe94c92326efbaa1d169eb6d1731ef8fbb3505990b369acbab65fe9
9963485ccb8a760a4dd0df41b5e63c36f28bd143313de3f9c09b096ebdbb8ee0
9ad1bb44af5999c63ca2cb0cc07b90c55f3f4752a55578ff5fb7e2e953161e61
9c327b50d9c99387485befa8267d3b565314856fc54824b69bb846ce2dcea082
9c7e640507607d3ab4182c58d339ce00248d46cfcd03c8f1940d1095c0dcda5f
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
9fe52a36d739773f98b039774322713a38965b83a45e630608817774f14096ea
a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a283bae989c87a354beb5f98e1f1d6d2895c4eb6b564d2c57bc3187e5adfd482
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a80dbcb4f9b768e0fcdcc076a02d6d9b21d76d23810bda30adda5931d7e22df6
a979c3b450b39c2fe56c0c82ad4679c5034da24b088d6d4bfb6c169ef62ba421
aa194886d08a40faae3c020852d395ce3512fc4da1cb77866dc15d68480efe24
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acb2bc99a72dd5f3ddd68c6485959d75960c6664019bda5781a08b0904cfbaeb
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa88d2acf37ee467ab4d7e52bbc3faea9dcb2cd522e40407b74345e7b8fa650
b0dc1ea1f3dfce0f26d8d4b8e2aab01ad785b255873248db87f6c5b2b6171df1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b32092d0bdbb0ef99435450229c9c7dd1fc2e25aa6353782b52bfc1f8f6993f8
b3665b8f313dc77b13b84948a2bc86c37f7b5a9b42cf2605068fdaa6cf86239c
b3802ba95862b1fad8da321f4079cbc476e5ddc09a7138d1244c61100111af8f
b41b716dbb084bf1e42c373b203a4b905bfa96033a04e689bb8a3f522741d26e
b44ae8cf55e41c9a488ac6d5db7e2b79a8a3f81a9b41316a7c9d86a9d440fc95
b75dbc475efcfa8b6950810101239e19a5bdcbc20aef1fcfc88a87c364ecbe7f
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bc273ac9acd157a08ef6d65592e204e7a17b702705fbd34991426d641a957fe2
bcc81571354b164e6b704d258e3eb4c8bc6139ec2452740b7896d3e23f53ca1f
bea3ca280c6395180b1d1882dbd0975f7cfdb33c8480bb180801ef739a512a09
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c43d412fc5ba2c57cc90b13e324b0aae3824e0b22b6e246a4ade5f9ce0a8ea02
c51c9e2d3dfc833336ad78aae335b536d7b8ea5bf065183b64d23074e88a0fbc
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4
c983093fa6483b79cec9dcd2b2998d01dbe55dc064e2f287e2d11eea547ced7a
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde
ca870df4e6516bbd10f0f14142f3eefc1ca9c1a5c1c473d8b6254bc4c88aeccb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d16c5b521f7d6753bd3011e48cc5c046ec8477e4dff731ab5d6dc33109413493
d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23
d3a37c8909675ef02985ca9e2a922a3bb0e40505a38018b3f3bbe075b5a7b7d7
d5b962a89400afef0e9d4b411bbbd3059094911a9762cd48a26ec82cad9fe11e
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9cced9463f5b7e9240679f319c571c76786f41e367de91a45dc1d264212f897
da10eb9818807e75c8973b4fd5319b0cc0130ce2fb78b2c83ea94d1091a8ca86
dc61aab5d01b3c4f3c2ef55573ec9832d63d5e3611758cd9db64c0b9608f3ad3
deb60f2899be4d34c9856f8493a44b1a0450b5d78db716c34a3a7b17c462a291
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e207c9a6b5a8bac7ae559d8d4cd0e8b936b5fff2d3c3dcaaa07da5be264fb411
e2b6c47b99e5a90a3b381b28610ac491198dc6f77ab52dfb95912fcef6f4189a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4001fd2ef3cc22538b3d8728180b936b0bb760388a72971f3ecbb0ca5fec42c
e667783197f915fa59454634d11a59e197f8fe1112ee658f86ed288dc7ca3f34
e7cee0a0eb35e96c9a23a587db0ae9e57a4d440d42ce34a686dbeb5c3b9ee3d2
e8efb207b1cd8218f260562aa28a745dcada82dc60a80113336e34d3253b9a98
e9eb29d2bcf0c752e3a5ccc158c4ad15fb3b675fc96e8e1e83097b2d6b265888
eae614eff5fc87bc2bf2a1aed2582edc4e1e3420b462ba5a6e436801df5053dd
eae8de8a7ab28d9b80fc94369a72213cb1829b1e4f43d9c9ac157c9a1df1d7fe
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ee51ef4504d1d1fef6713660ddc2ffb303669ff5a68c6752bd5bcb6510e5cd39
ee5636802d3b59edb8068a7ec377ad4e3287900b24cb4378eb7dba08a6c0d268
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09b671519ee886c4c0bd9de19ed1bcff414da9f899f4675151204f2eddec311
f2b4ab620da6d9e940b481f5703999389c5305aa09ba1a94eb713a69b607d2e5
f2c4e8fb24ef53564c35598920178560ecb2197336f27cb3108ee211a7f2b413
f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa
f329559661d26f3ad69d7e4ce12802fa910a99724298e261f13cd05e341152e8
f417e58a6af72435d556b273c7731a858a6f1f6bf9970a2556a88a816d3ca093
f4955b8738529a93f26aa8ecd0d4c3180c7e89ec948885d5744bababfc78dc92
f4bfd72b1cc2afac055d4987dc3ab653de1067815487ca085ad2510d2a6c7851
f6bddabdd702ee4d557fb409c94557943a4ff9eca9acfc6141894b2bf1453c67
f6beec22bca198800dd6bc803745b04a5572c5a960f031ef9079986a5a06c347
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f72b72ddcc64d4958441690fbe0beb6f5aa20e7088f37dbd6af63cfacd87561c
f871e49995e99ba24b2aa91bc1ebff2f7cababcbe409721be96addd260ecf0bb
f952d40de50ee68414a8454d93b85fa326a029b3cd7d070bc19a206e15702924
faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d
ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

www.ntd.com Open in urlscan Pro 151.139.128.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

323 Requests

89 %HTTPS

32 %IPv6

58 Domains

94 Subdomains

68 IPs

11 Countries

5383 kBTransfer

8404 kBSize

64 Cookies

22 Outgoing links

Page URL History

Redirected requests

323 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ntd.com Open in urlscan Pro
151.139.128.11 Public Scan

Screenshot
Live screenshot

Full Image

323
Requests

89 %
HTTPS

32 %
IPv6

58
Domains

94
Subdomains

68
IPs

11
Countries

5383 kB
Transfer

8404 kB
Size

64
Cookies

323 HTTP transactions
5 data transactions