www.ntd.com Open in urlscan Pro
151.139.128.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Submission: On April 20 via api (April 20th 2020, 7:03:16 pm UTC) from ES

Summary HTTP 182 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 58 IPs in 9 countries across 45 domains to perform 182 HTTP transactions. The main IP is 151.139.128.11, located in Dallas, United States and belongs to HIGHWINDS3, US. The main domain is www.ntd.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 30th 2019. Valid for: 2 years.

This is the only time www.ntd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
5	13.225.86.250 13.225.86.250	16509 (AMAZON-02) (AMAZON-02)
11	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
1 4	23.213.14.93 23.213.14.93	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a04:4e42:3::626 2a04:4e42:3::626	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
3	72.247.224.27 72.247.224.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:9a:24ed:9b6:1020:2655	15133 (EDGECAST) (EDGECAST)
1 1	185.94.180.127 185.94.180.127	35220 (SPOTX-AMS) (SPOTX-AMS)
1	23.213.14.140 23.213.14.140	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
7	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
11	136.243.217.162 136.243.217.162	24940 (HETZNER-AS) (HETZNER-AS)
4	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
3	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
3	23.213.15.82 23.213.15.82	16625 (AKAMAI-AS) (AKAMAI-AS)
3	18.202.183.121 18.202.183.121	16509 (AMAZON-02) (AMAZON-02)
10	23.210.248.12 23.210.248.12	16625 (AKAMAI-AS) (AKAMAI-AS)
3	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT)
4 6	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1 2	52.95.123.41 52.95.123.41	16509 (AMAZON-02) (AMAZON-02)
4	136.243.42.207 136.243.42.207	24940 (HETZNER-AS) (HETZNER-AS)
2	159.180.84.2 159.180.84.2	33047 (INSTART) (INSTART)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	23.213.15.153 23.213.15.153	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
2	35.184.75.251 35.184.75.251	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4001:c03::5e	15169 (GOOGLE) (GOOGLE)
3	23.213.15.11 23.213.15.11	16625 (AKAMAI-AS) (AKAMAI-AS)
3 6	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
3	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.213.15.23 23.213.15.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	91.228.74.253 91.228.74.253	27281 (QUANTCAST) (QUANTCAST)
3 3	52.58.138.174 52.58.138.174	16509 (AMAZON-02) (AMAZON-02)
1 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	63.32.144.14 63.32.144.14	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-) (VCLK-EU-)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	23.203.69.229 23.203.69.229	16625 (AKAMAI-AS) (AKAMAI-AS)
3	13.209.114.160 13.209.114.160	16509 (AMAZON-02) (AMAZON-02)
1	43.227.116.104 43.227.116.104	45974 (NHN-AS-KR...) (NHN-AS-KR NHN)
1	211.231.100.211 211.231.100.211	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
2 2	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
1	3.34.12.189 3.34.12.189	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	23.213.14.49 23.213.14.49	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	35.201.68.206 35.201.68.206	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::681b:a557	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.194.89 13.224.194.89	16509 (AMAZON-02) (AMAZON-02)
182	58

32 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

www.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.86.250 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-86-250.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

vs.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.213.14.93 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-14-93.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42:3::626 (Ascension Island)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prd.jwpltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.247.224.27 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-224-27.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:9a:24ed:9b6:1020:2655 (United States)

ASN15133 (EDGECAST, US)

entitlements.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.127 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, NL)

js.spotx.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.14.140 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-14-140.deploy.static.akamaitechnologies.com

aka.spotxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 136.243.217.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: xn--mixi1-150-6yhy0b0b2iraqk8e8bzab9afg

mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
target.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static8.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static5.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static3.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static4.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static1.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.161.190 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.89 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.213.15.82 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-15-82.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.202.183.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-183-121.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.210.248.12 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-12.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States) 4 redirects

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.123.41 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.42.207 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sm-server1-1.sfa50.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.180.84.2 (United States)

ASN33047 (INSTART, US)

cdn.digitru.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, NL)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.213.15.153 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-15-153.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.123 (Netherlands)

ASN35220 (SPOTX-AMS, NL)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.184.75.251 (United States)

ASN15169 (GOOGLE, US)
PTR: 251.75.184.35.bc.googleusercontent.com

adstat.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4001:c03::5e (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.213.15.11 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-15-11.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.95.120.147 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.42.132 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.213.15.23 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-15-23.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.253 (United Kingdom) 1 redirects

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.138.174 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-138-174.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.144.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-144-14.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1400 (Sweden)

ASN41041 (VCLK-EU-, SE)

aol-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.69.229 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-69-229.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.209.114.160 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-209-114-160.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.227.116.104 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHN, KR)

ace-sync.toast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.231.100.211 (Korea, Republic Of)

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

analytics.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.34.12.189 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-34-12-189.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.14.49 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-14-49.deploy.static.akamaitechnologies.com

hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.68.206 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 206.68.201.35.bc.googleusercontent.com

www.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::681b:a557 (United States)

ASN13335 (CLOUDFLARENET, US)

services.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.89 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-89.fra2.r.cloudfront.net

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	ntd.com www.ntd.com	640 KB
14	youmaker.com vs.youmaker.com adstat.youmaker.com www.youmaker.com	2 MB
12	teads.tv a.teads.tv t.teads.tv sync.teads.tv	143 KB
11	mixi.media mixi.media static.mixi.media target.mixi.media static8.mixi.media static5.mixi.media static3.mixi.media static4.mixi.media static1.mixi.media	312 KB
10	adnxs.com prebid.adnxs.com ib.adnxs.com acdn.adnxs.com	5 KB
10	doubleclick.net 3 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	112 KB
9	advertising.com 7 redirects adserver-us.adtech.advertising.com pixel.advertising.com	4 KB
7	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	185 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	31 KB
6	openx.net 3 redirects u.openx.net	652 B
5	dable.io static.dable.io api.dable.io adx.dable.io	34 KB
5	jwpcdn.com ssl.p.jwpcdn.com	190 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	4 KB
4	stat.media stat.media	25 KB
4	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	2 KB
4	googletagservices.com www.googletagservices.com	98 KB
4	media.net hbx.media.net hblg.media.net	110 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	pubmatic.com ads.pubmatic.com
3	gstatic.com fonts.gstatic.com csi.gstatic.com	22 KB
3	spotxchange.com 1 redirects sync.search.spotxchange.com search.spotxchange.com	3 KB
3	gumgum.com g2.gumgum.com	2 KB
3	casalemedia.com as-sec.casalemedia.com	3 KB
3	districtm.io dmx.districtm.io Failed cdn.districtm.io
3	googleapis.com imasdk.googleapis.com fonts.googleapis.com	91 KB
2	jwpltx.com prd.jwpltx.com	127 B
2	dotomi.com aol-match.dotomi.com	206 B
2	digitru.st cdn.digitru.st	14 KB
2	google.com 1 redirects www.google.com adservice.google.com	352 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	pushengage.com clientcdn.pushengage.com	17 KB
1	epoch.cloud ai.epoch.cloud Failed services.epoch.cloud	2 KB
1	twitter.com analytics.twitter.com	651 B
1	daum.net analytics.ad.daum.net	571 B
1	toast.com ace-sync.toast.com	650 B
1	adsrvr.org match.adsrvr.org	264 B
1	quantserve.com 1 redirects pixel.quantserve.com	843 B
1	2mdn.net s0.2mdn.net	11 KB
1	t.co t.co	448 B
1	spotxcdn.com aka.spotxcdn.com	156 KB
1	spotx.tv 1 redirects js.spotx.tv	589 B
1	jwplayer.com entitlements.jwplayer.com	235 B
1	google.de www.google.de	109 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	21 KB
182	45

	Domain	Requested by
32	www.ntd.com	www.ntd.com
11	vs.youmaker.com	www.ntd.com vs.youmaker.com ssl.p.jwpcdn.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.ntd.com
6	u.openx.net	3 redirects www.ntd.com
6	adserver-us.adtech.advertising.com	4 redirects www.ntd.com
6	a.teads.tv	www.ntd.com securepubads.g.doubleclick.net a.teads.tv
5	ssl.p.jwpcdn.com	vs.youmaker.com
5	c.amazon-adsystem.com	www.ntd.com c.amazon-adsystem.com
4	sync.teads.tv	a.teads.tv www.ntd.com
4	stat.media	mixi.media stat.media
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	prebid.adnxs.com	www.ntd.com
4	www.googletagservices.com	www.ntd.com securepubads.g.doubleclick.net
4	sb.scorecardresearch.com	1 redirects www.ntd.com
3	api.dable.io	static.dable.io
3	pagead2.googlesyndication.com	www.ntd.com securepubads.g.doubleclick.net
3	ups.analytics.yahoo.com	1 redirects www.ntd.com
3	pixel.advertising.com	3 redirects
3	ads.pubmatic.com	www.ntd.com
3	cdn.districtm.io	www.ntd.com
3	acdn.adnxs.com	www.ntd.com
3	fastlane.rubiconproject.com	www.ntd.com
3	g2.gumgum.com	www.ntd.com
3	as-sec.casalemedia.com	www.ntd.com
3	ib.adnxs.com	www.ntd.com
3	hbx.media.net	www.ntd.com hbx.media.net
2	cm.g.doubleclick.net	2 redirects
2	prd.jwpltx.com	www.ntd.com
2	aol-match.dotomi.com	www.ntd.com
2	adstat.youmaker.com	www.ntd.com
2	fonts.gstatic.com	www.ntd.com
2	static8.mixi.media	static.mixi.media
2	t.teads.tv	www.ntd.com
2	sync.search.spotxchange.com	1 redirects www.ntd.com
2	cdn.digitru.st	aka.spotxcdn.com cdn.digitru.st
2	static.mixi.media	mixi.media www.ntd.com
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	mixi.media	www.ntd.com static.mixi.media
2	imasdk.googleapis.com	vs.youmaker.com imasdk.googleapis.com
2	www.google-analytics.com	1 redirects www.ntd.com
1	clientcdn.pushengage.com	www.ntd.com
1	services.epoch.cloud	www.ntd.com
1	www.youmaker.com	www.ntd.com
1	hblg.media.net
1	analytics.twitter.com	static.ads-twitter.com
1	adx.dable.io	www.ntd.com
1	analytics.ad.daum.net	www.ntd.com
1	ace-sync.toast.com	www.ntd.com
1	static.dable.io	www.ntd.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org	www.ntd.com
1	pixel.quantserve.com	1 redirects
1	eus.rubiconproject.com	www.ntd.com
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	www.ntd.com
1	search.spotxchange.com	aka.spotxcdn.com
1	static1.mixi.media	static.mixi.media
1	static4.mixi.media	static.mixi.media
1	static3.mixi.media	static.mixi.media
1	static5.mixi.media	static.mixi.media
1	target.mixi.media	www.ntd.com
1	adservice.google.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	t.co	www.ntd.com
1	aka.spotxcdn.com	www.ntd.com
1	js.spotx.tv	1 redirects
1	entitlements.jwplayer.com	vs.youmaker.com
1	www.google.de	www.ntd.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	static.ads-twitter.com	www.ntd.com
1	www.googletagmanager.com	www.ntd.com
0	ai.epoch.cloud Failed	www.ntd.com
0	dmx.districtm.io Failed	www.ntd.com
182	74

This site contains links to these domains. Also see Links.

Domain
www.ntdtv.com
www.ntdtv.kr
www.ntdtv.jp
www.ntdvn.com
www.youtube.com
twitter.com
www.facebook.com
legendsunfolding.com
www.beautywithin.tv
share.flipboard.com
www.reddit.com
www.theepochtimes.com
mixi.media

Subject Issuer	Validity	Valid
*.ntd.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-30` - `2021-05-29`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.stackpathcdn.com Go Daddy Secure Certificate Authority - G2	`2019-06-27` - `2021-06-27`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
jwplayer.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-11-12` - `2020-10-16`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
s2.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-08-31` - `2020-04-23`	2 years	crt.sh
cdn.spotxcdn.com GeoTrust RSA CA 2018	`2019-04-24` - `2020-05-23`	a year	crt.sh
vs.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-05` - `2020-07-04`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
mixi.media Let's Encrypt Authority X3	`2020-02-18` - `2020-05-18`	3 months	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.gumgum.com Amazon	`2019-07-31` - `2020-08-31`	a year	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-04-15` - `2020-07-14`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2019-09-18` - `2020-08-26`	a year	crt.sh
static.mixi.media Let's Encrypt Authority X3	`2020-02-05` - `2020-05-05`	3 months	crt.sh
*.stat.media Thawte RSA CA 2018	`2018-02-07` - `2020-09-19`	3 years	crt.sh
target.mixi.media Let's Encrypt Authority X3	`2020-02-18` - `2020-05-18`	3 months	crt.sh
cdn.digitru.st Sectigo RSA Organization Validation Secure Server CA	`2019-05-09` - `2021-05-08`	2 years	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2019-03-18` - `2021-03-17`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.youmaker.com COMODO RSA Domain Validation Secure Server CA	`2017-10-03` - `2020-10-02`	3 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2020-02-25` - `2020-10-09`	7 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-02-13` - `2020-08-11`	6 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
static.dable.io Let's Encrypt Authority X3	`2020-04-07` - `2020-07-06`	3 months	crt.sh
*.dable.io Amazon	`2019-08-07` - `2020-09-07`	a year	crt.sh
*.toast.com COMODO RSA Organization Validation Secure Server CA	`2018-04-20` - `2020-07-18`	2 years	crt.sh
ad.daum.net Thawte TLS RSA CA G1	`2018-12-11` - `2021-02-08`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-17` - `2020-10-09`	8 months	crt.sh
*.pushengage.com Amazon	`2020-02-27` - `2021-03-27`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Frame ID: 9F3715CFD3615F700C9CAB24BD18718E
Requests: 152 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.381.3_en.html
Frame ID: 79A0921957A237D221CE5F3CCDFFFA66
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUBNN02K&prvid=80%2C97%2C109%2C126%2C148%2C157%2C159%2C175%2C178%2C186%2C193%2C201%2C203%2C208%2C214%2C222%2C3008%2C3014&rtime=30&https=1&gdpr=1&gdprconsent=2&usp_status=0&usp_consent=1
Frame ID: 6E4F298AEA9FDC4C39E2BBBEA9648B5E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_oath_snb_r1u_dm_cnv&dcc=t
Frame ID: 3AB1315BF3DF59AF79D96535D459E094
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqRe-5VtLNp9KVhxA62vRIivvzhvYI8qPeEg5w50TsTtIBN-Bvnx0BZRRUOrvxD0ZgB-1e_KT9VO-r0vgDXXFl-_mkkd9E1Ku-51XpQa_hHk_h0shXpXTLOpylF0dD-k3SfvwPzyuyP3EU9PxvtUG2MaVjPtkjMpx6dhCHqzkMiD9h1NSA8yBAS-KALb7pWr3OSNeVhOlZdLSmAr7fBDPsKWVWoLd9mufOhayxiwVYwdqmIww1DnndXuxBIyZ16aHLYCgV7C7QYgoLl3glGhMmpQ84njEt&sai=AMfl-YSv5dN8vJZpINWW1B1Pfd2fKU4CxjnLVIOKjka1BVphhDrMBKejyYp8NoOfcVABb3EgKROtYasT4Qe36FAIoBNvmzXZuHWcPQxsPivb&sig=Cg0ArKJSzHwyp-JRc3OsEAE&urlfix=1&adurl=
Frame ID: F0B5439DD58015FC941DE11F7D50A45B
Requests: 4 HTTP requests in this frame

Frame: https://cdn.digitru.st/prod/1.5.41/dt.html
Frame ID: 6A43E378BC142511D80C00D82987A689
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=99711&userId=298df21e-496b-429b-815e-18c599f2b212&gdprIab={%22status%22:22,%22consent%22:%22%22,%22reason%22:220}&fromFormat=true&env=js-web&vid=d9053123-f663-4515-b07e-2ca6903af5a1&1587409374454
Frame ID: E1A04B83ADF5DE3471A57772BF773EA8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUlnsyEJ2zWrJqTfgwNgqzcF4bxSvhvhNDyhRao5D46Jk4DGR6Mt2sVnf2Wtcjp2RjYPofdNJJAhZc4kjOna5i7X-F3LzXEQe91KgmVryL7WBQXDx1wuS5cAVQZzsKSJFs_3qgmJMMILznYI8ttzq4ouvWZflvSX2BIF7JEEViQijtlbzivM8xdUIuGVOvyvGLOPKPO4QR__5zgZBlSNBlYHGjhOZZ95AP38tJCnNM41vCuwB8c0Py1A5vNzzJ2eQ7c_Z_Oa8PFExndM4QdBGpkCfMJ4fwkUW31nwSiC5hecBw-GwDoKrw9kyfq3s&sai=AMfl-YSWNBpQctlja030umYqVn4amEWI3lA0ky08sNyfMoEKdeg1t-3J7DO_2GFFuD83JtsOsXhBGGf_pD1g3G3PUyTVLhSqz2bVhh3yRvS-Yw&sig=Cg0ArKJSzKD6eXtp8I_6EAE&urlfix=1&adurl=
Frame ID: 1BB0D5A009B3211C3DEFEA0983670CC3
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 3EF579D8A7C7BB6DEF5030FBC7E65C06
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 9F08E96C5115C10627DD3D881B06B435
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: AD3B43CF50944650B61B90116E117E41
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 50417BE470410700760A5940EF960EF9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 75B1CF14A0D17FDBBAFFC97DEA0D7DF0
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=3.5.0&
Frame ID: F414261654BCDFE8B9B0FC62F4C51F14
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=3.5.0&
Frame ID: 5F3FF9962193803B63E352097A04246F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C4E70CB2D7C9189AB3E6DDD708E3271B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2BAA3477A6B874F8D7DF9226B49BFB08
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=3.5.0&
Frame ID: 4A1D98CA580DB7DD455575459641B8A8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 420E1C22CEED1DDC15F63066816CE264
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: E0B14630C5820F75B98BD5718E24F4A5
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: FA57CF8AF4AE39BFD3C7E47E7BD3E2DB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7B518CCBE10BC2C8E9B768610F5807F6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DD7F1BDD8F06E40C135B81E680087D13
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: C7E45181AD5423E3AF6E9BAEA37468F6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: F07736EE7C544DC098D95E9660949179
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

182
Requests

93 %
HTTPS

33 %
IPv6

45
Domains

74
Subdomains

58
IPs

9
Countries

4234 kB
Transfer

7310 kB
Size

4
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ntdtv.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://www.ntdtv.kr/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://www.ntdtv.jp/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://www.ntdvn.com/
Title: Vietnamese

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/NTDTV
Title: YouTube

Search URL Search Domain Scan URL

URL: https://twitter.com/news_ntd
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NTDNews/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCgFP46yVT-GG4o1TgXn-04Q
Title: China Uncensored

Search URL Search Domain Scan URL

URL: http://legendsunfolding.com/
Title: Legends Unfolding

Search URL Search Domain Scan URL

URL: https://www.beautywithin.tv/
Title: Beauty Within

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html
Title: Facebook

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?v=2&title=Chinese%20Netizens%20and%20Expert%20Suspect%20Wuhan%20Bioresearch%20Lab%20Is%20the%20Source%20of%20the%20Coronavirus&url=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html
Title: Flipboard

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Chinese%20Netizens%20and%20Expert%20Suspect%20Wuhan%20Bioresearch%20Lab%20Is%20the%20Source%20of%20the%20Coronavirus&url=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&via=news_ntd
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.reddit.com/submit?url=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/involvement-of-wuhan-p4-lab-questioned_3230182.html
Title: The Epoch Times

Search URL Search Domain Scan URL

URL: https://mixi.media/
Title:

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=8329478&bl=95162&ct=adpreview&st=43&ab=jsapi&bvuuid=f121c122-ba4a-4c4d-82cf-e6fe40936c83&ag=25&ev=H4sIAAAAAAAAAAEaAOX_ChiGsvwDxez9A-n3-QP5uPsD7JD9A8TI_QM5axNtGgAAAA&rnd=328124

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=8353349&bl=95162&ct=adpreview&st=43&ab=jsapi&bvuuid=f121c122-ba4a-4c4d-82cf-e6fe40936c83&ag=25&ev=H4sIAAAAAAAAAAEaAOX_ChiGsvwDxez9A-n3-QP5uPsD7JD9A8TI_QM5axNtGgAAAA&rnd=842270

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=8289257&bl=95162&ct=adpreview&st=43&ab=jsapi&bvuuid=f121c122-ba4a-4c4d-82cf-e6fe40936c83&ag=25&ev=H4sIAAAAAAAAAAEaAOX_ChiGsvwDxez9A-n3-QP5uPsD7JD9A8TI_QM5axNtGgAAAA&rnd=104533

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=8313977&bl=95162&ct=adpreview&st=43&ab=jsapi&bvuuid=f121c122-ba4a-4c4d-82cf-e6fe40936c83&ag=25&ev=H4sIAAAAAAAAAAEaAOX_ChiGsvwDxez9A-n3-QP5uPsD7JD9A8TI_QM5axNtGgAAAA&rnd=43377

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=8341612&bl=95162&ct=adpreview&st=43&ab=jsapi&bvuuid=f121c122-ba4a-4c4d-82cf-e6fe40936c83&ag=25&ev=H4sIAAAAAAAAAAEaAOX_ChiGsvwDxez9A-n3-QP5uPsD7JD9A8TI_QM5axNtGgAAAA&rnd=313275

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=8348740&bl=95162&ct=adpreview&st=43&ab=jsapi&bvuuid=f121c122-ba4a-4c4d-82cf-e6fe40936c83&ag=25&ev=H4sIAAAAAAAAAAEaAOX_ChiGsvwDxez9A-n3-QP5uPsD7JD9A8TI_QM5axNtGgAAAA&rnd=798185

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NTDTelevision/
Title: Facebook

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1587409372350&ns_c=UTF-8&cv=3.5&c8=Chinese%20Netizens%20and%20Expert%20Suspect%20Wuhan%20Bioresearch%20Lab%20Is%20the%20Source%20of%20the%20Coronavirus&c7=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1587409372350&ns_c=UTF-8&cv=3.5&c8=Chinese%20Netizens%20and%20Expert%20Suspect%20Wuhan%20Bioresearch%20Lab%20Is%20the%20Source%20of%20the%20Coronavirus&c7=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&c9=

Request Chain 50

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2031152130&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&dp=%2Fthe-origin-of-the-coronavirus-report_431784.html&ul=en-us&de=UTF-8&dt=Chinese%20Netizens%20and%20Expert%20Suspect%20Wuhan%20Bioresearch%20Lab%20Is%20the%20Source%20of%20the%20Coronavirus&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&_u=YEBAAEAB~&jid=1370657149&gjid=391070848&cid=1784740257.1587409373&tid=UA-128455718-1&_gid=317277399.1587409373&_r=1&cd1=28902&cd2=266&cd3=%3Bcoronavirus-outbreak-28902%3Bchina-10%3Bnews-8%3Bnews-politics-14114%3Bspecial-coverage-24850%3Bvideo-3020%3B&cd4=%3Bfrnt_category_headings-6048%3Bfrnt_editors_picks-6044%3Bfrnt_latest-6043%3Bfrnt_original_articles-12413%3Bfeatured-news-18108%3B&cd5=%3Bcoronavirus-outbreak-28902%3Bchina-10%3Bnews-8%3Bnews-politics-14114%3Bspecial-coverage-24850%3Bvideo-3020%3Bfrnt_category_headings-6048%3Bfrnt_editors_picks-6044%3Bfrnt_latest-6043%3Bfrnt_original_articles-12413%3Bfeatured-news-18108%3B&cd21=431784&cd22=olivia-li&cd23=Olivia%20Li&cd26=CCP%20Virus&cd28=%3BCCP%20Virus%3BChina%3BNews%3BNews%20%26amp%3B%20Politics%3BSpecial%20Coverage%3BVideos%3B&cd29=%3Bcoronavirus%3Bbats%3B&cd30=20200206&cd31=20200208&cd33=755&cd38=266&cd42=%3Bcoronavirus%3Bbats%3B&cd43=post&z=536621304 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128455718-1&cid=1784740257.1587409373&jid=1370657149&_gid=317277399.1587409373&gjid=391070848&_v=j81&z=536621304 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128455718-1&cid=1784740257.1587409373&jid=1370657149&_v=j81&z=536621304 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128455718-1&cid=1784740257.1587409373&jid=1370657149&_v=j81&z=536621304&slf_rd=1&random=2196443207

Request Chain 54

https://js.spotx.tv/directsdk/v1/232511.js HTTP 307
https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js

Request Chain 83

https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=48253ed036706f1;misc=1587409373603; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;cfp=1;rndc=1587409373;v=2;cmd=bid;cors=yes;alias=48253ed036706f1;misc=1587409373603 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1A89f52512-8339-11ea-8081-12c791b7f306;cfp=1;rndc=1587409373;v=2;cmd=bid;cors=yes;alias=48253ed036706f1;misc=1587409373603

Request Chain 90

https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=72941332e24156e;misc=1587409373657; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;cfp=1;rndc=1587409373;v=2;cmd=bid;cors=yes;alias=72941332e24156e;misc=1587409373657 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0;cfp=1;rndc=1587409373;v=2;cmd=bid;cors=yes;alias=72941332e24156e;misc=1587409373657

Request Chain 100

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_oath_snb_r1u_dm_cnv HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_oath_snb_r1u_dm_cnv&dcc=t

Request Chain 110

https://sync.search.spotxchange.com/partner?source=dados HTTP 302
https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=8a3cc04b-8339-11ea-9211-175cf56a2206

Request Chain 142

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 152

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 153

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 157

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=46M_pbD3Y_D78D_24aArpOGjZPT7ozf556SR_Gt1 HTTP 302
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=46M_pbD3Y_D78D_24aArpOGjZPT7ozf556SR_Gt1&apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0

Request Chain 160

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/1A89f5da20-8339-11ea-9a0a-126272b4dea0?gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-lu8cClh1lxnWBo0HcOwgdPF_C8gdiDEJuHhZ&_origin=0&nsync=0 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-lu8cClh1lxnWBo0HcOwgdPF_C8gdiDEJuHhZ&_origin=0&nsync=0&apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm=&google_tc= HTTP 302
https://adx.dable.io/pixel/google?google_gid=CAESECwZY_f4OyG_f6C19QM63oc&google_cver=1

182 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request the-origin-of-the-coronavirus-report_431784.html Show response
www.ntd.com/ 40 KB
11 KB 842ms
678ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e6f360451d13af2c218c9a46f2829c35cffc6ba17b7b9c004b89fa38955b072d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.ntd.com
:scheme: https
:path: /the-origin-of-the-coronavirus-report_431784.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 20 Apr 2020 19:02:51 GMT
accept-ranges: bytes
cache-control: max-age=579
content-encoding: gzip
content-length: 11491
content-type: text/html; charset=UTF-8
x-hw: 1587409370.cds106.lo4.hn,1587409370.cds030.lo4.sc,1587409371.dop109.sj3.r,1587409371.cds090.sj3.c,1587409371.cds030.lo4.p
server: nginx/1.12.2
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-device: desktop
x-cache-status: MISS

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 101 KB
26 KB 132ms
60ms Script
application/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 4a00675b8c87652e40f28d1227312676cb5e3bf2843b8345667ee4019e010c2f

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 15:43:43 GMT
content-encoding: gzip
server: Server
age: 11948
etag: bc726bd93b294102308646406d010850
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 345viAht6Pmq5HtHRpm6hta3AkYt16oIo6teOs47bSX10Nm9fSavaA==
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)

GET
H2 200 prebid.js Show response
www.ntd.com/assets/themes/m-ntd/js/ads/ 242 KB
91 KB 472ms
471ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

1e15a553418c91bb9ec37ee13b612f32900a2caed8ce02c05b1fb20d0adb9954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Feb 2020 23:55:53 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5e3a047e-3c62c"
x-hw: 1587409371.cds106.lo4.hn,1587409371.cds068.lo4.sc,1587409371.dop032.sj3.r,1587409372.cds113.sj3.sc,1587409372.cds113.sj3.pr,1587409372.cds068.lo4.pr
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=1800
content-length: 92905
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 style.css
www.ntd.com/assets/themes/ntd/ 2 KB
1 KB 468ms
467ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/style.css?ver=20180618

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 15:11:15 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5c8a6be0-6aa"
x-hw: 1587409371.cds106.lo4.hn,1587409371.cds230.lo4.sc,1587409371.dop049.sj3.r,1587409372.cds101.sj3.sc,1587409372.cds101.sj3.pr,1587409372.cds230.lo4.pr
content-type: text/css
status: 200
cache-control: max-age=1800
content-length: 859
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 global.css
www.ntd.com/assets/themes/ntd/css/ 11 KB
3 KB 512ms
510ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20180618

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

960cadb52c2c9f1692cf3b8b627461f614eacb571905c317dd2b7b8690530e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 17:05:12 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5e345e3f-2bf2"
x-hw: 1587409371.cds106.lo4.hn,1587409371.cds079.lo4.sc,1587409371.dop054.sj3.r,1587409372.cds028.sj3.sc,1587409372.cds028.sj3.pr,1587409372.cds079.lo4.pr
content-type: text/css
status: 200
cache-control: max-age=1800
content-length: 2916
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 genericons.css
www.ntd.com/assets/themes/ntd/css/genericons/ 39 KB
25 KB 512ms
510ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/genericons/genericons.css?ver=20171027

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

30bd6098581fbccba074c2add1a6ed20a48e00504e2594f47c5c40ad1bb2d196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Apr 2019 20:34:11 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5cb63c2c-9d11"
x-hw: 1587409371.cds106.lo4.hn,1587409371.cds222.lo4.sc,1587409371.dop052.sj3.r,1587409372.cds056.sj3.sc,1587409372.cds056.sj3.pr,1587409372.cds222.lo4.pr
content-type: text/css
status: 200
cache-control: max-age=1800
content-length: 25573
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 single.css
www.ntd.com/assets/themes/ntd/css/ 16 KB
4 KB 516ms
515ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20171027

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

b63427a37dc387587f9dc071dd62f31c465645438815942af389cdfe00a6dfad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 06 Mar 2020 20:35:57 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5e62b423-4090"
x-hw: 1587409371.cds106.lo4.hn,1587409371.cds207.lo4.sc,1587409371.dop116.sj3.r,1587409372.cds086.sj3.sc,1587409372.cds086.sj3.pr,1587409372.cds207.lo4.pr
content-type: text/css
status: 200
cache-control: max-age=1800
content-length: 4231
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 ntd_show_menu_ntd_evening_news.jpg
www.ntd.com/assets/themes/ntd/images/shows/ 26 KB
26 KB 480ms
478ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/shows/ntd_show_menu_ntd_evening_news.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

972b15b841172b74c3f4c164f912ef352106b1b407b4408cbc9dac08ff10947b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
x-content-type-options: nosniff
last-modified: Sat, 22 Jun 2019 13:47:07 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5d0e3148-68b8"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds063.lo4.sc,1587409372.dop096.sj3.r,1587409372.cds099.sj3.sc,1587409372.cds099.sj3.pr,1587409372.cds063.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 26808
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 ntd_show_menu_china_in_focus.jpg
www.ntd.com/assets/themes/ntd/images/shows/ 23 KB
23 KB 504ms
502ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/shows/ntd_show_menu_china_in_focus.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

1add85f6e4edc1911d0694ce93c1597bcbfb9722f3aa4188ff15a87b76d19252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Feb 2020 15:11:59 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5e553932-5be0"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds246.lo4.sc,1587409372.dop124.sj3.r,1587409372.cds063.sj3.sc,1587409372.cds063.sj3.pr,1587409372.cds246.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 23520
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 ntd_show_menu_zooming_in.jpg
www.ntd.com/assets/themes/ntd/images/shows/ 15 KB
15 KB 495ms
493ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/shows/ntd_show_menu_zooming_in.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

7cdaf8f478d25251fad3edc8e986af1ec338dce6176f2b4158c2eb87286a8d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 15:11:15 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5c8a6be0-3c5d"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds072.lo4.sc,1587409372.dop015.sj3.r,1587409372.cds049.sj3.sc,1587409372.cds049.sj3.pr,1587409372.cds072.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 15453
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 ntd_show_menu_china_uncensored.jpg
www.ntd.com/assets/themes/ntd/images/shows/ 20 KB
20 KB 498ms
496ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/shows/ntd_show_menu_china_uncensored.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

9c14cdab1260c8377dfc355aad2327a61280f2def4cca49c97599ea949abbd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 15:11:15 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5c8a6be0-4ffa"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds073.lo4.sc,1587409372.dop014.sj3.r,1587409372.cds052.sj3.sc,1587409372.cds052.sj3.pr,1587409372.cds073.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 20474
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 ntd_show_menu_legends_unfolding.jpg
www.ntd.com/assets/themes/ntd/images/shows/ 39 KB
39 KB 496ms
494ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/shows/ntd_show_menu_legends_unfolding.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

aad0d028bb6d1a8812708f103d9afa187babfd87ecb0156ad5ff5766de36b7b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 15:11:15 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5c8a6be0-9c76"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds230.lo4.sc,1587409372.dop016.sj3.r,1587409372.cds123.sj3.sc,1587409372.cds123.sj3.pr,1587409372.cds230.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 40054
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 ntd_show_menu_what-defines-you.jpg
www.ntd.com/assets/themes/ntd/images/shows/ 27 KB
27 KB 512ms
510ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/shows/ntd_show_menu_what-defines-you.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

55c8b00bfd680121fa4957c18c6f501a79b3d9fa67d8ca22ed931628868e970d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Nov 2019 20:37:25 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5dcb17f1-6c1a"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds208.lo4.sc,1587409372.dop011.sj3.r,1587409372.cds047.sj3.sc,1587409372.cds047.sj3.pr,1587409372.cds208.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 27674
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 jwplayer8-all.js Show response
vs.youmaker.com/js/jwplayer/ 95 KB
30 KB 175ms
68ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 72f5c5e44c593d8fe36877e69a41858a3f21b63eec02d75d6395a6805feb7228

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
server: nginx/1.16.1
x-hw: 1587409372.cds060.lo4.hn,1587409372.cds059.lo4.c
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 30969
via: 1.1 google

GET
H2 200 api2.css
vs.youmaker.com/css/ 7 KB
2 KB 196ms
89ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/css/api2.css
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 9ecabfb81b446eb931e3def6a04d94f1a9d093c4cc3a7a9c549189893fbeb340

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
server: nginx/1.16.1
x-hw: 1587409372.cds060.lo4.hn,1587409372.cds218.lo4.c
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 1712
via: 1.1 google

GET
H2 200 171fb357-1437-4838-a4c3-4c279336d785 Show response
vs.youmaker.com/assets/player/ 44 KB
11 KB 563ms
458ms Script
application/json 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/player/171fb357-1437-4838-a4c3-4c279336d785?r=16x9&s=1280x720&d=136&cat=news/special-coverage/coronavirus-outbreak&api=2&url=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 9113ec0d497619fec179752176efe4c2a1a63eabcf2945143b05324cc329217e

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
server: nginx/1.16.1
status: 200
x-hw: 1587409372.cds060.lo4.hn,1587409372.cds234.lo4.sc,1587409372.dop073.ch4.r,1587409372.cds165.ch4.c,1587409372.cds234.lo4.p
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2957
accept-ranges: bytes
alt-svc: clear
content-length: 10852
via: 1.1 google

GET
H2 200 white.png
www.ntd.com/assets/themes/ntd/images/ 95 B
284 B 511ms
510ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/white.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 15:11:15 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5c8a6be0-5f"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds071.lo4.sc,1587409372.dop016.sj3.r,1587409372.cds028.sj3.sc,1587409372.cds028.sj3.pr,1587409372.cds071.lo4.pr
content-type: image/png
status: 200
cache-control: max-age=315360000
content-length: 95
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 US-canada-border-2-400x225.jpg
www.ntd.com/assets/uploads/external/2020/04/ 18 KB
18 KB 561ms
559ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/uploads/external/2020/04/US-canada-border-2-400x225.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

fddda813b7c37c3af7ccc2589dc13c1858694a523431f775ccd21966eac27f22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Apr 2020 18:06:54 GMT
server: nginx/1.12.2
etag: "5e9de4be-4883"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds033.lo4.sc,1587409372.dop118.sj3.r,1587409372.cds106.sj3.sc,1587409372.cds106.sj3.pr,1587409372.cds033.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 18563
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 Medical-workers-NY-400x225.jpg
www.ntd.com/assets/uploads/2020/04/ 21 KB
21 KB 562ms
561ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/uploads/2020/04/Medical-workers-NY-400x225.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

5990f8d30ec682c9e8fc782f862336a651ae23d12e4dbe4d6c54553e1078a93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Apr 2020 17:38:20 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5e8f5d8c-5429"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds242.lo4.sc,1587409372.dop051.sj3.r,1587409372.cds114.sj3.sc,1587409372.cds114.sj3.pr,1587409372.cds242.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 21545
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 Peter-Navarro-1-e1587336060422-270x152.jpg
www.ntd.com/assets/uploads/2020/04/ 8 KB
8 KB 561ms
560ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/uploads/2020/04/Peter-Navarro-1-e1587336060422-270x152.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

6ee8a1d6bca26e16486db23a53f521b2f629c8dea0c9fa8e0246952c70ca82ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 19 Apr 2020 22:53:53 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5e9cd681-2109"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds233.lo4.sc,1587409372.dop049.sj3.r,1587409372.cds099.sj3.sc,1587409372.cds099.sj3.pr,1587409372.cds233.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 8457
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 nancy-pelosi-270x152.jpg
www.ntd.com/assets/uploads/2020/03/ 12 KB
12 KB 561ms
560ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/uploads/2020/03/nancy-pelosi-270x152.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

066261292985e2854140f13c4e1110268ef21ab631e461baa6f9de364896dcd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Mar 2020 00:19:41 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5e6c231d-3089"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds002.lo4.sc,1587409372.dop047.sj3.r,1587409372.cds093.sj3.sc,1587409372.cds093.sj3.pr,1587409372.cds002.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 12425
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 huawei-000001-270x152.jpg
www.ntd.com/assets/uploads/external/2019/08/ 9 KB
9 KB 562ms
561ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/uploads/external/2019/08/huawei-000001-270x152.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

cd25c89ad315bec12c7716669ff1ccb7e2a0e1e4fa07bc225be895806184efea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 03:01:25 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5d674005-24d7"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds033.lo4.sc,1587409372.dop115.sj3.r,1587409372.cds067.sj3.sc,1587409372.cds067.sj3.pr,1587409372.cds033.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 9431
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 jquery-all.min.js Show response
www.ntd.com/assets/themes/ntd/js/ 98 KB
40 KB 476ms
473ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 15:11:14 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5c8a6be0-188ff"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds002.lo4.sc,1587409372.dop090.sj3.r,1587409372.cds114.sj3.sc,1587409372.cds114.sj3.pr,1587409372.cds002.lo4.pr
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=1800
content-length: 40721
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 bottom.js Show response
www.ntd.com/assets/themes/ntd/js/ 19 KB
7 KB 497ms
494ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20170629

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

3b96049e7559c9fd23acf2d3592b14089f7e0434f2a7c3f92139a5cd61e9f121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 06 Mar 2020 20:35:57 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5e62b423-4d21"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds203.lo4.sc,1587409372.dop093.sj3.r,1587409372.cds067.sj3.sc,1587409372.cds067.sj3.pr,1587409372.cds203.lo4.pr
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=1800
content-length: 6555
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 article_ads.js Show response
www.ntd.com/assets/themes/ntd/js/ 35 KB
10 KB 499ms
497ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20170224

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

7af2684e67a5acdab0c7aed20ba26b616544ed66f463b963bbedfd33933786ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 17:05:13 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5e345e3f-8d90"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds109.lo4.sc,1587409372.dop011.sj3.r,1587409372.cds056.sj3.sc,1587409372.cds056.sj3.pr,1587409372.cds109.lo4.pr
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=1800
content-length: 10488
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 109ms
39ms XHR
application/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 23:07:15 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 71737
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 09 Apr 2020 23:46:54 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: PVzAJfW32gHxur_vSOnDW5m3P5f6OfWTtbtLnWU1lUUQuON8FjY18w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 56 KB
21 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDQH75P

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b9be85c8fee682a6486fddb9674b0afe6421d4d65151269ad369686ffa7acc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 20922
x-xss-protection: 0
last-modified: Mon, 20 Apr 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Apr 2020 19:02:52 GMT

GET
H2 200 NTD_logo.png
www.ntd.com/assets/themes/ntd/images/ 4 KB
4 KB 793ms
793ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/NTD_logo.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20180618
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Dec 2019 20:12:29 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5e051420-f46"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds067.lo4.sc,1587409372.dop110.sj3.r,1587409372.cds111.sj3.sc,1587409372.cds111.sj3.pr,1587409372.cds067.lo4.pr
content-type: image/png
status: 200
cache-control: max-age=315360000
content-length: 3910
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 22 KB
22 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40ceae6bd92a140b2e4e433abc54f77d6d5e7ec0ea55e93b47cea25b9d96a11d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://www.ntd.com

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 133ms
54ms Script
application/x-javascript 23.213.14.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.14.93 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-14-93.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 21 Apr 2020 19:02:52 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1587409372350&ns_c=UTF-8&cv=3.5&c8=Chinese%20Netizens%20and%20Expert%20Suspect%20Wuhan%20Bioresearch%20Lab%20Is%20the%20Source%20of%20the%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1587409372350&ns_c=UTF-8&cv=3.5&c8=Chinese%20Netizens%20and%20Expert%20Suspect%20Wuhan%20Bioresearch%20Lab%20Is%20the%20Source%20of%20the%...

0
248 B

41ms
41ms

Image
text/plain

23.213.14.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1587409372350&ns_c=UTF-8&cv=3.5&c8=Chinese%20Netizens%20and%20Expert%20Suspect%20Wuhan%20Bioresearch%20Lab%20Is%20the%20Source%20of%20the%20Coronavirus&c7=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&c9=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.14.93 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-14-93.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:52 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1587409372350&ns_c=UTF-8&cv=3.5&c8=Chinese%20Netizens%20and%20Expert%20Suspect%20Wuhan%20Bioresearch%20Lab%20Is%20the%20Source%20of%20the%20Coronavirus&c7=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&c9=
Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:52 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.5.5/ 235 KB
58 KB 29ms
13ms Script
application/javascript 2a04:4e42:3::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/jwplayer.core.controls.js
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::626 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: b42bc9808ac7826250c21597941c56744ee8ae6cda1303264146f6e427bf9cdf

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
age: 6025796
x-cache: HIT
status: 200
content-length: 59737
x-served-by: cache-fra19171-FRA
access-control-allow-origin: *
last-modified: Thu, 06 Sep 2018 20:23:24 GMT
server: nginx/1.8.0
x-timer: S1587409373.944196,VS0,VE1
etag: "a0935a9097c992aeb85470217127f7d0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 googima.js Show response
ssl.p.jwpcdn.com/player/plugins/googima/v/8.5.0/ 48 KB
15 KB 28ms
14ms Script
text/plain 2a04:4e42:3::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/plugins/googima/v/8.5.0/googima.js
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::626 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: 0fd4a95129f60df367ba095d53f4147bd4720b8c1d4eb3f9d30ee40a4064d685

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
age: 12765705
x-cache: HIT
status: 200
content-length: 15008
x-served-by: cache-fra19171-FRA
access-control-allow-origin: *
last-modified: Fri, 24 Aug 2018 18:08:08 GMT
server: nginx/1.8.0
x-timer: S1587409373.944189,VS0,VE1
etag: "2c7595808dc2f75b0ac9115a66c236fb"
vary: Accept-Encoding
content-type: text/plain
via: 1.1 varnish
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.5.5/ 51 KB
16 KB 28ms
14ms Script
text/plain 2a04:4e42:3::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/jwpsrv.js
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::626 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: f44ac5619379731a4dd9a546101768c537a472dcbe049735c3740661a9f582d7

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
age: 497
x-cache: HIT
status: 200
content-length: 16060
x-served-by: cache-fra19171-FRA
access-control-allow-origin: *
last-modified: Mon, 15 Jul 2019 19:54:58 GMT
server: nginx/1.8.0
x-timer: S1587409373.944181,VS0,VE0
etag: "9ce4655dbc7b8410f510da753f3be441"
vary: Accept-Encoding
content-type: text/plain
via: 1.1 varnish
cache-control: max-age=900, immutable
accept-ranges: bytes
x-cache-hits: 60

GET
H2 200 related.js Show response
ssl.p.jwpcdn.com/player/v/8.5.5/ 94 KB
21 KB 22ms
8ms Script
application/javascript 2a04:4e42:3::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/related.js
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::626 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: 24b523ea23dc7c9a4171816f9096810e291962a0df994043d91be861d8213251

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
age: 14244161
x-cache: HIT
status: 200
content-length: 21046
x-served-by: cache-fra19171-FRA
access-control-allow-origin: *
last-modified: Thu, 06 Sep 2018 20:23:29 GMT
server: nginx/1.8.0
x-timer: S1587409373.944164,VS0,VE0
etag: "41f51460d1e191a5526deced222d5ceb"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 33106

GET
H2 200 thumbnail_d.jpg
vs.youmaker.com/assets/2020/0205/171fb357-1437-4838-a4c3-4c279336d785/ 24 KB
24 KB 57ms
56ms Image
image/jpeg 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vs.youmaker.com/assets/2020/0205/171fb357-1437-4838-a4c3-4c279336d785/thumbnail_d.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 1865547c6a6698617940fcab97c741a8070a86bb25c7991a54410a289ff97ca7

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
via: 1.1 google
server: nginx/1.16.1
status: 200
x-hw: 1587409372.cds060.lo4.hn,1587409372.cds244.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 24105

GET
H2 200 Arrow.png
vs.youmaker.com/img/ 191 B
258 B 66ms
65ms Image
image/png 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vs.youmaker.com/img/Arrow.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: cbe3d4a0e5bd00a308c882c4e0a9e276c4d79125143a6e2059dd90998181fd5d

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
via: 1.1 google
server: nginx/1.16.1
x-hw: 1587409372.cds060.lo4.hn,1587409372.cds001.lo4.c
content-type: image/png; charset=UTF-8
status: 200
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 191

GET
H2 200 NTD_video_logo_thumbnail.png
vs.youmaker.com/img/ 6 KB
6 KB 57ms
57ms Image
image/png 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vs.youmaker.com/img/NTD_video_logo_thumbnail.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ad525c60a11751ad1110157afffe0aef51a5cb953ff46f88a832af8192e553e4

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
via: 1.1 google
server: nginx/1.16.1
x-hw: 1587409372.cds060.lo4.hn,1587409372.cds081.lo4.c
content-type: image/png; charset=UTF-8
status: 200
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 6055

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.5.5/ 282 KB
80 KB 33ms
22ms Script
application/javascript 2a04:4e42:3::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/provider.hlsjs.js
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::626 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: 5d68589f57aede8fec0f11156341a9b5ce259a8a17a64a19f29957de3a977407

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:52 GMT
content-encoding: gzip
age: 2917901
x-cache: HIT
status: 200
content-length: 81996
x-served-by: cache-fra19171-FRA
access-control-allow-origin: *
last-modified: Thu, 06 Sep 2018 20:23:28 GMT
server: nginx/1.8.0
x-timer: S1587409373.944158,VS0,VE1
etag: "e326d1239177f0bf4cc5b763787fcbae"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 article_share.png
www.ntd.com/assets/themes/ntd/images/ 323 B
528 B 469ms
469ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/article_share.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

f20e99aabc8453a890df8c2a3a57202d4b8ea4fd1cef43eac6bff83c9049da60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20171027
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 15:11:15 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5c8a6be0-143"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds205.lo4.sc,1587409373.dop120.sj3.r,1587409373.cds114.sj3.sc,1587409373.cds114.sj3.pr,1587409373.cds205.lo4.pr
content-type: image/png
status: 200
cache-control: max-age=315360000
content-length: 323
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5058
date: Mon, 20 Apr 2020 17:38:34 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Mon, 20 Apr 2020 19:38:34 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 141ms
36ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
age: 74197
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-fra19121-FRA
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1587409373.073301,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 384 KB
108 KB 402ms
308ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20170224

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

dd95769c9eec0641d1dea89d61324e5303b7c0d00ee25595e956665b07533629

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Mon, 20 Apr 2020 19:02:53 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=1800
expires: Mon, 20 Apr 2020 19:32:53 GMT

GET
H2 200 screenshot-of-post.jpeg
www.ntd.com/assets/uploads/2020/02/ 184 KB
184 KB 615ms
613ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/uploads/2020/02/screenshot-of-post.jpeg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

820faa075385fda77ff867e042f2d4e834839d6eb22ad4aa6ac7fd849d549045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 Feb 2020 15:58:34 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5e3d892a-2e089"
x-hw: 1587409372.cds106.lo4.hn,1587409373.cds091.lo4.sc,1587409373.dop019.sj3.r,1587409373.cds083.sj3.sc,1587409373.cds083.sj3.pr,1587409373.cds091.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 188553
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 Executive-director-of-WH-Group-and-Smithfield-e1587056263670-137x77.jpg
www.ntd.com/assets/uploads/2020/04/ 3 KB
4 KB 476ms
474ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/uploads/2020/04/Executive-director-of-WH-Group-and-Smithfield-e1587056263670-137x77.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e52efa33803461b9689a13f065ec3b636acfb2437c95f725d9304f05877b327b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 17:10:35 GMT
server: nginx/1.12.2
etag: "5e98918b-d5a"
x-hw: 1587409372.cds106.lo4.hn,1587409373.cds074.lo4.sc,1587409373.dop027.sj3.r,1587409373.cds028.sj3.sc,1587409373.cds028.sj3.pr,1587409373.cds074.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 3418
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 China-2-137x77.jpg
www.ntd.com/assets/uploads/external/2020/04/ 4 KB
5 KB 476ms
474ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/uploads/external/2020/04/China-2-137x77.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

91f2a54862209256b620e6d831e04102ff5e0eac5325f303c2592cfbb75aa34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 01 Apr 2020 22:30:25 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5e851601-119e"
x-hw: 1587409372.cds106.lo4.hn,1587409372.cds209.lo4.sc,1587409373.dop112.sj3.r,1587409373.cds052.sj3.sc,1587409373.cds052.sj3.pr,1587409373.cds209.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 4510
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 wuhan-hospital-waiting-chairs-137x77.jpg
www.ntd.com/assets/uploads/external/2020/02/ 4 KB
5 KB 476ms
475ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/uploads/external/2020/02/wuhan-hospital-waiting-chairs-137x77.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

83825cb1a56b1e0873e1ef46aae857f4c6fc3625ad76b91db99dd87678e620fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 04:02:11 GMT
server: nginx/1.12.2
etag: "5e4f5643-116d"
x-hw: 1587409372.cds106.lo4.hn,1587409373.cds008.lo4.sc,1587409373.dop008.sj3.r,1587409373.cds028.sj3.sc,1587409373.cds028.sj3.pr,1587409373.cds008.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 4461
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 CCP-Virus-coronavirus-137x77.jpg
www.ntd.com/assets/uploads/2020/03/ 4 KB
4 KB 487ms
486ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/uploads/2020/03/CCP-Virus-coronavirus-137x77.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

2e1721845e089472f14c195b336d16098543b380331daa48767b5219aafbf90a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Mar 2020 02:49:39 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5e72ddc3-fdf"
x-hw: 1587409372.cds106.lo4.hn,1587409373.cds098.lo4.sc,1587409373.dop098.sj3.r,1587409373.cds109.sj3.sc,1587409373.cds109.sj3.pr,1587409373.cds098.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 4063
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 Giuseppe-Conte-and-Xi-Jinping.--137x77.jpg
www.ntd.com/assets/uploads/2020/03/ 4 KB
4 KB 476ms
475ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/uploads/2020/03/Giuseppe-Conte-and-Xi-Jinping.--137x77.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

5787b57944bba1fa9e32abc02428e18ed537f675d7f6dd9a79401daece3ae0b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Mar 2020 01:57:55 GMT
server: nginx/1.12.2
etag: "5e6ae8a3-1131"
x-hw: 1587409372.cds106.lo4.hn,1587409373.cds231.lo4.sc,1587409373.dop019.sj3.r,1587409373.cds054.sj3.sc,1587409373.cds054.sj3.pr,1587409373.cds231.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 4401
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 CORONAVIRUS-ITALY-137x77.jpg
www.ntd.com/assets/uploads/external/2020/03/ 4 KB
4 KB 476ms
475ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/uploads/external/2020/03/CORONAVIRUS-ITALY-137x77.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

42e68db661993882ff824a841fcb5f11d8cb98466c58d4c23a204779b8983b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Mar 2020 21:57:42 GMT
server: nginx/1.12.2
etag: "5e66bbd6-f98"
x-hw: 1587409372.cds106.lo4.hn,1587409373.cds078.lo4.sc,1587409373.dop102.sj3.r,1587409373.cds093.sj3.sc,1587409373.cds093.sj3.pr,1587409373.cds078.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 3992
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 GettyImages-1211517642-137x77.jpg
www.ntd.com/assets/uploads/external/2020/03/ 4 KB
5 KB 484ms
484ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/uploads/external/2020/03/GettyImages-1211517642-137x77.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

ef2d99a585b1c6723d4d6f534847bc34dc65980a74d855aa7b57d04d784d06b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Mar 2020 19:17:22 GMT
server: nginx/1.12.2
etag: "5e67e7c2-11e4"
x-hw: 1587409372.cds106.lo4.hn,1587409373.cds008.lo4.sc,1587409373.dop104.sj3.r,1587409373.cds079.sj3.sc,1587409373.cds079.sj3.pr,1587409373.cds008.lo4.pr
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 4580
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2031152130&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&dp=%2Fthe-origin-of-the-coronaviru...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128455718-1&cid=1784740257.1587409373&jid=1370657149&_gid=317277399.1587409373&gjid=391070848&_v=j81&z=536621304
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128455718-1&cid=1784740257.1587409373&jid=1370657149&_v=j81&z=536621304
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128455718-1&cid=1784740257.1587409373&jid=1370657149&_v=j81&z=536621304&slf_rd=1&random=2196443207

42 B
109 B

64ms
63ms

Image
image/gif

2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128455718-1&cid=1784740257.1587409373&jid=1370657149&_v=j81&z=536621304&slf_rd=1&random=2196443207

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128455718-1&cid=1784740257.1587409373&jid=1370657149&_v=j81&z=536621304&slf_rd=1&random=2196443207
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 265 KB
90 KB 80ms
15ms Script
text/javascript 2a00:1450:4001:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: vs.youmaker.com
URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc1e34a48def1d533dffd5785301f9075a0c163959aa377742c9759898670f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 92116
x-xss-protection: 0
expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H2 200 8Z4U0lMOEeSfryIACy4B0g.json Show response
entitlements.jwplayer.com/ 50 B
235 B 26ms
6ms XHR
application/json 2606:2800:133:9a:24ed:9b6:1020:2655
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://entitlements.jwplayer.com/8Z4U0lMOEeSfryIACy4B0g.json
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:9a:24ed:9b6:1020:2655 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FB2) /
Resource Hash: 4e79c52a8e8d4f7c4eb7792ac9865e6d4cd664717e584640a145b928dad1c062

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 16:21:25 GMT
server: ECAcc (frc/8FB2)
age: 9688
status: 200
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=18240
accept-ranges: bytes
content-length: 66

POST reportad
vs.youmaker.com/ 0
0

GET
H/1.1

200
OK

directsdk.js Show response
aka.spotxcdn.com/integration/directsdk/v1/
Redirect Chain

https://js.spotx.tv/directsdk/v1/232511.js
https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js

420 KB
156 KB

192ms
82ms

Script
text/javascript

23.213.14.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.14.140 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-14-140.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1ebab26fbcab1b6f5b6e4b14917fe4f7985f71089a7b46daf57a2e23d3522884

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Jan 2020 20:21:58 UTC
Server: nginx
Access-Control-Allow-Headers
ETag: 4e88d2917c85501940ef8787730bb9aa
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=163
Connection: keep-alive
Timing-Allow-Origin: *
X-SpotX-Build-Version: 1.31.0-20200116.1913
Content-Length: 158785

Redirect headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:53 GMT
Last-Modified: Mon, 20 Apr 2020 19:02:53 UTC
Server: nginx
Location: //aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 51
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 playlist.m3u8 Show response
vs.youmaker.com/assets/2020/0205/171fb357-1437-4838-a4c3-4c279336d785/ 402 B
565 B 249ms
94ms XHR
application/x-mpegurl 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/2020/0205/171fb357-1437-4838-a4c3-4c279336d785/playlist.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 15e576c781b7eee84ff47f678c7229d534547b0bc8c050c687cdc0c0f7a4214b

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
via: 1.1 google
server: nginx/1.16.1
status: 200
x-hw: 1587409373.cds039.lo4.hn,1587409373.cds247.lo4.c
content-type: application/x-mpegurl
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 402

GET
H2 200 adsct
t.co/i/ 43 B
448 B 291ms
195ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nyi8c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Mon, 20 Apr 2020 19:02:53 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9c06b179a19fc333ea0837b7c479fd10
x-transaction: 0069402a00dec5df
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 bridge3.381.3_en.html
imasdk.googleapis.com/js/core/ Frame 79A0 0
0 6ms
5ms Document
text/html 2a00:1450:4001:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.381.3_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.381.3_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 197874
date: Mon, 20 Apr 2020 07:18:49 GMT
expires: Tue, 20 Apr 2021 07:18:49 GMT
last-modified: Fri, 17 Apr 2020 20:13:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42244
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
11 KB 85ms
14ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 64ms
64ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 playlist.m3u8 Show response
vs.youmaker.com/assets/2020/0205/171fb357-1437-4838-a4c3-4c279336d785/hls_240p/ 786 B
856 B 95ms
95ms XHR
application/x-mpegurl 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/2020/0205/171fb357-1437-4838-a4c3-4c279336d785/hls_240p/playlist.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3704cee7bebd148376c4ffa115e0da2be6d4503141d8d9688495850ae948ec94

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
via: 1.1 google
server: nginx/1.16.1
status: 200
x-hw: 1587409373.cds039.lo4.hn,1587409373.cds040.lo4.c
content-type: application/x-mpegurl
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 786

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 42 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20170224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

543e522a2c8bf14460348eede7a613104842df2a79903f92d64c94e0a09d4f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "492 / 144 of 1000 / last-modified: 1587399003"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14281
x-xss-protection: 0
expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H2 200 pubads_impl_2020041602.js Show response
securepubads.g.doubleclick.net/gpt/ 167 KB
61 KB 118ms
46ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

82bbd04adfca6dbbc54fbcff55f4db8bc1f66d7ccfe36820480be504d94d905d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 16:34:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62526
x-xss-protection: 0
expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H2 200 out0000.ts Show response
vs.youmaker.com/assets/2020/0205/171fb357-1437-4838-a4c3-4c279336d785/hls_240p/ 266 KB
267 KB 56ms
55ms XHR
application/octet-stream 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/2020/0205/171fb357-1437-4838-a4c3-4c279336d785/hls_240p/out0000.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 68cf22beca0981b6f19542704bae886f9c9020505697164799c0d75bf3d74b13

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
via: 1.1 google
server: nginx/1.16.1
status: 200
x-hw: 1587409373.cds039.lo4.hn,1587409373.cds072.lo4.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 272788

GET
BLOB 200
OK addb0694-45ce-4258-920c-1cd5ea375ebb
https://www.ntd.com/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntd.com/addb0694-45ce-4258-920c-1cd5ea375ebb
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/provider.hlsjs.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da0b6bd768635441dc20b2b8a7a185c27ef9eb812836b810390697a173addd1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 64094
Content-Type: text/javascript

GET
H2 200 rtbsmpubs.php Show response
hbx.media.net/ 50 KB
2 KB 194ms
194ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/rtbsmpubs.php?&gdpr=1&gdprconsent=1&usp_enf=1&usp_status=0&cid=8CUBNN02K&region=nv&ptrid=8PRL4E7N3&requestString=154127862*97%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%40154127862*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40154127862*159%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%40154127862*175%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%40154127862*178%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%40154127862*222%7C336x280%7C8CUBNN02K%7C154127862_8CUBNN02K%40219315283*97%7C300x250~300x600%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%40219315283*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40219315283*159%7C300x250~300x600%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%40219315283*175%7C300x250~300x600%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%40219315283*178%7C300x600~300x250%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%40219315283*222%7C336x280~300x250%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%40361572443*97%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%40361572443*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40361572443*159%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%40361572443*175%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%40361572443*178%7C336x280~300x250%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%40361572443*222%7C300x250%7C8CUBNN02K%7C361572443_8CUBNN02K%40432445934*97%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%40432445934*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40432445934*159%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%40432445934*175%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%40432445934*178%7C336x280~300x250%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%40432445934*222%7C336x280~300x250%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%40457067574*97%7C300x250~300x600%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%40457067574*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40457067574*159%7C300x250~300x600%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%40457067574*175%7C300x250~300x600%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%40457067574*178%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%40457067574*222%7C300x250%7C8CUBNN02K%7C457067574_8CUBNN02K%40822340472*97%7C300x250~336x280%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K%40822340472*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40822340472*159%7C300x250~336x280%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K%40822340472*175%7C300x250~336x280%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K%40822340472*178%7C336x280~300x250%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K%40822340472*222%7C300x250~320x100~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%40833186455*97%7C970x250~728x90%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%40833186455*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40833186455*159%7C970x250~728x90%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%40833186455*175%7C970x250~728x90%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%40833186455*178%7C970x250~728x90%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%40833186455*222%7C728x90%7C8CUBNN02K%7C833186455_8CUBNN02K%40839126647*97%7C300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K%40839126647*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40839126647*159%7C300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K%40839126647*175%7C300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K%40839126647*178%7C300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K%40839126647*222%7C300x250%7C8CUBNN02K%7C839126647_8CUBNN02K%40895788568*97%7C300x250~300x600%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%40895788568*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40895788568*159%7C300x250~300x600%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%40895788568*175%7C300x250~300x600%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%40895788568*178%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%40895788568*222%7C300x250%7C8CUBNN02K%7C895788568_8CUBNN02K&crid=154127862%2C219315283%2C361572443%2C432445934%2C457067574%2C822340472%2C833186455%2C839126647%2C895788568&sd=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&bl=1&rt=5&dn=https://www.ntd.com&https=1&act=headerBid&prvReqId=215787839090393951587409373496&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.39322280475911175&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1585%2C%22vh%22%3A1185%2C%22ph%22%3A5367%7D&itype=HB&cc=CZ&ct=PRAGUE&prid=8PRVCXX19&ssa=1&switch=1&callback=window.advBidxc.rtbsheaderBid1S0

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

610591d50e9ebd55e9ca5c13cc6187762f3cd33d9189632ed15dbe574b09284c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Mon, 20 Apr 2020 19:02:53 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 1960
x-mnet-hl2: E
expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H2 200 checksync.php
hbx.media.net/ Frame 6E4F 0
0 99ms
97ms Document
text/html 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUBNN02K&prvid=80%2C97%2C109%2C126%2C148%2C157%2C159%2C175%2C178%2C186%2C193%2C201%2C203%2C208%2C214%2C222%2C3008%2C3014&rtime=30&https=1&gdpr=1&gdprconsent=2&usp_status=0&usp_consent=1

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: hbx.media.net
:scheme: https
:path: /checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUBNN02K&prvid=80%2C97%2C109%2C126%2C148%2C157%2C159%2C175%2C178%2C186%2C193%2C201%2C203%2C208%2C214%2C222%2C3008%2C3014&rtime=30&https=1&gdpr=1&gdprconsent=2&usp_status=0&usp_consent=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

status: 200
server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Thu, 22 Oct 2020 19:02:53 GMT; domain=.media.net; Path=/; sameSite=none; secure=true visitor-id=2304109731765178000V10; Expires=Tue, 20 Apr 2021 19:02:53 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=19134
expires: Tue, 21 Apr 2020 00:21:47 GMT
date: Mon, 20 Apr 2020 19:02:53 GMT
content-length: 6953

GET
H/1.1 200 95162.js Show response
mixi.media/data/js/ 5 KB
3 KB 214ms
120ms Script
application/javascript 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/data/js/95162.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20170629
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xn--mixi1-150-6yhy0b0b2iraqk8e8bzab9afg
Software: nginx /
Resource Hash: 9ca935fd88f150e1118da7b2381042d5bc0566dc275a643248f41677ccb82b1d

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:53 GMT
Content-Encoding: gzip
Last-Modified: Monday, 20-Apr-2020 19:02:53 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 124 B
502 B 189ms
189ms XHR
text/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&pid=sk5Et4wdIy1YG&cb=0&ws=1600x1200&v=7.49.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_header_728x90%22%7D%5D&cfgv=0&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: de432bb7a9a6878e9b090dc55b44dcf20ca86d201e482c42326da086ad9c79f3

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA2-C2
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 131
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-id: Poce-rWuvwopIW942QbakZVWU2tL51huYSIMD0Z0cBe14sVoelY_cw==

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 42 B
398 B 165ms
55ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.13.10 /
Resource Hash: 57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:55 GMT
Server: nginx/1.13.10
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 42
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 148 B
490 B 311ms
149ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.13.10 /
Resource Hash: da08924ee5c8c31741aa78c66713e9749544c2a58e7095798ac798a580a34cd9

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:55 GMT
Server: nginx/1.13.10
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 148
Expires: 0

POST v1
dmx.districtm.io/b/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 231ms
69ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

92699e43517f3f5c257c188b8c6e922cf86e2f06d7d47057a04c5dc7aeef54e5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:55 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.27:80
AN-X-Request-Uuid: 2b66926f-f384-4039-b75c-a3cb8ae05376
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
985 B 261ms
167ms XHR
application/json 23.213.15.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=360717&v=7.2&r=%7B%22id%22%3A%221591c06e0010b78%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2216cb2269fd8486d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2217046990bd1774%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22188b212c88d564d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.15.82 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-82.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 532bf782f225a289f2c1dba933b3dd5a4a00aebe0567fa284a1996279665462e

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:53 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 469 B
738 B 259ms
89ms XHR
application/json 18.202.183.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32032&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2Finvolvement-of-wuhan-p4-lab-questioned_3230182.html&ns=9318&
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.183.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-183-121.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 78c449965c8c3d4a694be3e91828b69324cfa9b4995e17cc0e83eda67b100636

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
295 B 220ms
116ms XHR
application/json 23.210.248.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 283 B
762 B 207ms
46ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1409302&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&tk_flint=pbjs_lite_v3.5.0&x_source.tid=ed9899d2-8a6e-490b-b6d6-cce9d0bdcf7d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.059740563884276954
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: f99e45c162909f0ab1dc0bedb924b3908d644aa6fbb7987356da731d4a2c01da

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:53 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=345
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 124 B
503 B 163ms
162ms XHR
text/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&pid=sk5Et4wdIy1YG&cb=1&ws=1600x1200&v=7.49.01&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_inside_336_1%22%7D%5D&cfgv=0&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 8f8420558edd7c376064b59b9d13484367d1f8c471a898c873d555781557d8bd

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA2-C2
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 131
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-id: rS80xSiwXW1gKrlCo23i7pH5taLyBuy8ftG7ymHF0mELl2eNk1kSzg==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 150 B
492 B 411ms
251ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.13.10 /
Resource Hash: f3b726d90a99ac30a4587f08e4bfa431df540d76de558b04b342600525bcfa42

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:55 GMT
Server: nginx/1.13.10
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 150
Expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 228ms
72ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

470103abb0b75faf96ae00d47e5ab104466cedc409b11eb35f1cdf2d6a21d50e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:55 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.4:80
AN-X-Request-Uuid: f5c3d4a6-dda6-426a-865a-ae1d99799b6d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
295 B 219ms
122ms XHR
application/json 23.210.248.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 469 B
738 B 250ms
89ms XHR
application/json 18.202.183.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32030&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2Finvolvement-of-wuhan-p4-lab-questioned_3230182.html&ns=9318&
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.183.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-183-121.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cc51d246a6c22015d403fa31809f989b853824f1fe346a4fc51937c3ed4bf06a

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
763 B 199ms
45ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&tk_flint=pbjs_lite_v3.5.0&x_source.tid=ba31d978-4853-48d4-b59a-f5e72f495ff0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9508036624931571
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 562d1ede30e101bd6b8f07a33f1409a6f829b65486b9d4bbdc07def92f0179ed

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:53 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=388
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

200

ADTECH;apid=1A89f52512-8339-11ea-8081-12c791b7f306;cfp=1;rndc=1587409373;v=2;cmd=bid;cors=yes;alias=48253ed036706f1;misc=1587409373603 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=48253ed036706f1;misc=1587409373603;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;cfp=1;rndc=1587409373;v=2;cmd=bid;cors=yes;alias=48253ed036706f1;misc=1587409373603
https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1A89f52512-8339-11ea-8081-12c791b7f306;cfp=1;rndc=1587409373;v=2;cmd=bid;cors=yes;alias=48253ed036706f1;misc=15...

943 B
1 KB

161ms
161ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1A89f52512-8339-11ea-8081-12c791b7f306;cfp=1;rndc=1587409373;v=2;cmd=bid;cors=yes;alias=48253ed036706f1;misc=1587409373603
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: ad096da12f382473da42b7d0a31e18bf59f5283394a90500f8febe1556f1e03a

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:54 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.ntd.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 943
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:53 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1A89f52512-8339-11ea-8081-12c791b7f306;cfp=1;rndc=1587409373;v=2;cmd=bid;cors=yes;alias=48253ed036706f1;misc=1587409373603
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.ntd.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST v1
dmx.districtm.io/b/ 0
0

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
985 B 246ms
162ms XHR
application/json 23.213.15.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=360718&v=7.2&r=%7B%22id%22%3A%2245b37542f783a05%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22460baf063b754cc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360718%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2247cd6126eb767c9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360718%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.15.82 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-82.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b798a779d1e4184aa06faa8e2bf45f21c2d032c8eb39e7291eba5763c1ea5713

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:53 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 124 B
503 B 199ms
198ms XHR
text/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&pid=sk5Et4wdIy1YG&cb=2&ws=1600x1200&v=7.49.01&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%5D&cfgv=0&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: a497ccda7ae909d4dec436c93f4fb6a73d7aff7afc26b45a5e87453ddb41a432

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA2-C2
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 131
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-id: ofnkRcEJJ5CQQ5LibupKmi0Kx_pNYfAevA3cwJQF3w_aNRBWpo4nbw==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 150 B
492 B 296ms
191ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.13.10 /
Resource Hash: 60ae17b10c3fcd73ae02bd7ef7648f8916ad9cba28c21aec08c7930e9b1da547

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:55 GMT
Server: nginx/1.13.10
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 150
Expires: 0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
295 B 165ms
123ms XHR
application/json 23.210.248.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
749 B 194ms
89ms XHR
application/json 23.213.15.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=360724&v=7.2&r=%7B%22id%22%3A%22593f6e0b7aa80eb%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2260f6d40e3976ec7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2261231679d55830e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.15.82 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-82.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 340bca87ab2d1c8ce8d1fd6c345b547b88e52c8d381c2b14802f97225dd56d29

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:53 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H2

200

ADTECH;apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0;cfp=1;rndc=1587409373;v=2;cmd=bid;cors=yes;alias=72941332e24156e;misc=1587409373657 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=72941332e24156e;misc=1587409373657;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;cfp=1;rndc=1587409373;v=2;cmd=bid;cors=yes;alias=72941332e24156e;misc=1587409373657
https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0;cfp=1;rndc=1587409373;v=2;cmd=bid;cors=yes;alias=72941332e24156e;misc=15...

945 B
1 KB

158ms
157ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0;cfp=1;rndc=1587409373;v=2;cmd=bid;cors=yes;alias=72941332e24156e;misc=1587409373657
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: ad0f5e6908ef00988befed26a40929ef41d38554a6ccab9e5dc9bb9828787643

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:54 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.ntd.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select006c.us-east-1.prod.adtech.aolcloud.net", "UserId": "6340DB4E29A325C80A6E1695F4EC794F"}}
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:53 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0;cfp=1;rndc=1587409373;v=2;cmd=bid;cors=yes;alias=72941332e24156e;misc=1587409373657
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.ntd.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
763 B 194ms
53ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&tk_flint=pbjs_lite_v3.5.0&x_source.tid=5f9c8902-b842-4c87-a149-e779cc71a8bf&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.645936232039469
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: bdcb0fc7b6d741edbc251832dfd84a1511d253b1ea8cecb7ac0d8e77eb9623dc

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:53 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=356
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 469 B
737 B 201ms
96ms XHR
application/json 18.202.183.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32030&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2Finvolvement-of-wuhan-p4-lab-questioned_3230182.html&ns=9318&
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.183.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-183-121.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 65bda0b88646ba438060110a769733f8a5f338fe8a717cc6828356861cbdd924

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST v1
dmx.districtm.io/b/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 160ms
62ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

aa8116cbb0d26520d13f8a60affa6366e1657d2e4a20eb6996ec806d1882c2c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:55 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.10:80
AN-X-Request-Uuid: 31d7af9a-8c9d-42fe-b40b-d29c702fc2ce
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 79ms
79ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2862353884344412&correlator=2743814531586915&output=ldjh&impl=fifs&adsid=NT&eid=21064170%2C21064370%2C21065393&vrg=2020041602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200420&iu_parts=5965368%2Cntd.tv_inread_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=1&cust_params=ENTD_category%3Dcoronavirus-outbreak-28902%252Cchina-10%252Cnews-8%252Cnews-politics-14114%252Cspecial-coverage-24850%252Cvideo-3020%252Cfrnt_category_headings-6048%252Cfrnt_editors_picks-6044%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%252Cfeatured-news-18108%26site%3Dwww.ntd.com%252Cntd.com&cookie_enabled=1&bc=31&abxe=1&lmt=1587409373&dt=1587409373669&dlt=1587409371535&idt=2033&frm=20&biw=1585&bih=1185&oid=3&adxs=363&adys=4019&adks=1600640090&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&dssz=32&icsg=35184375244863&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=720x3007&msz=670x1&ga_vid=1784740257.1587409373&ga_sid=1587409374&ga_hid=2031152130&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

ccb7f15335793662507b92481fe584f59819126184d62839eaa1db54763889dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2221
x-xss-protection: 0
google-lineitem-id: 4981977339
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138263809470
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020041602.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
23 KB 70ms
70ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

df255e2f7f9fd8c86ec6b227d9b3d2f8b3501188802e75a5009cbf9ba6f4eab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 16:34:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23935
x-xss-protection: 0
expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 playlist.m3u8 Show response
vs.youmaker.com/assets/2020/0205/171fb357-1437-4838-a4c3-4c279336d785/hls_720p/ 807 B
877 B 60ms
57ms XHR
application/x-mpegurl 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/2020/0205/171fb357-1437-4838-a4c3-4c279336d785/hls_720p/playlist.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 5a735d12905ab38d4a6bfa738e9529162797bc232867e2e3acba55f70679fc62

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
via: 1.1 google
server: nginx/1.16.1
status: 200
x-hw: 1587409373.cds039.lo4.hn,1587409373.cds070.lo4.c
content-type: application/x-mpegurl
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 807

GET
H2 200 out0000.ts Show response
vs.youmaker.com/assets/2020/0205/171fb357-1437-4838-a4c3-4c279336d785/hls_720p/ 2 MB
2 MB 96ms
95ms XHR
application/octet-stream 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/2020/0205/171fb357-1437-4838-a4c3-4c279336d785/hls_720p/out0000.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 53c972729fa864f12e2f1d207a2ff442d93ab9a83bb85c054ec85d7be88148e0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
via: 1.1 google
server: nginx/1.16.1
status: 200
x-hw: 1587409373.cds039.lo4.hn,1587409373.cds228.lo4.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 1650640

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 3AB1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_oath_snb_r1u_dm_cnv
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_oath_snb_r1u_dm_cnv&dcc=t

0
0

246ms
245ms

Document
text/html

52.95.123.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_oath_snb_r1u_dm_cnv&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A_A0K6WGsUuvj4ancmPOlEs|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

Server: Server
Date: Mon, 20 Apr 2020 19:02:54 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 198
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A_A0K6WGsUuvj4ancmPOlEs; Domain=.amazon-adsystem.com; Expires=Fri, 01-Jan-2021 19:02:54 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Tue, 01-Jul-2025 19:02:54 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Mon, 20 Apr 2020 19:02:54 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_oath_snb_r1u_dm_cnv&dcc=t
Set-Cookie: ad-id=A_A0K6WGsUuvj4ancmPOlEs|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Jan-2021 19:02:54 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F0B5 0
0 66ms
65ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqRe-5VtLNp9KVhxA62vRIivvzhvYI8qPeEg5w50TsTtIBN-Bvnx0BZRRUOrvxD0ZgB-1e_KT9VO-r0vgDXXFl-_mkkd9E1Ku-51XpQa_hHk_h0shXpXTLOpylF0dD-k3SfvwPzyuyP3EU9PxvtUG2MaVjPtkjMpx6dhCHqzkMiD9h1NSA8yBAS-KALb7pWr3OSNeVhOlZdLSmAr7fBDPsKWVWoLd9mufOhayxiwVYwdqmIww1DnndXuxBIyZ16aHLYCgV7C7QYgoLl3glGhMmpQ84njEt&sai=AMfl-YSv5dN8vJZpINWW1B1Pfd2fKU4CxjnLVIOKjka1BVphhDrMBKejyYp8NoOfcVABb3EgKROtYasT4Qe36FAIoBNvmzXZuHWcPQxsPivb&sig=Cg0ArKJSzHwyp-JRc3OsEAE&urlfix=1&adurl=

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Apr 2020 19:02:53 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H2 200 tag Show response
a.teads.tv/page/92012/ Frame F0B5 787 B
685 B 66ms
65ms Script
application/javascript 23.210.248.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/92012/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5d207c715a923300f9f11a8b1f087cceecc59c755379a6f3530472cb1271b6dd

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 485
expires: Mon, 20 Apr 2020 20:02:53 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0B5 75 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914rxmraidlidarcontrol

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

900de848cd7c523acdd777e17c5b3d2fd259d3ffbc6702fed2ecbfa9e83f3a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587123250781365"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28791
x-xss-protection: 0
expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e422e4d828685e6b1f90a96c4562faf22e7c5c13e2f3e2fe1953a10f69ae32e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587123250781365"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28347
x-xss-protection: 0
expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H/1.1 200
OK jsapi.v1.18.0.en_US.js Show response
static.mixi.media/static/jsapi/ 127 KB
39 KB 169ms
64ms Script
application/x-javascript 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mixi.media/static/jsapi/jsapi.v1.18.0.en_US.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xn--mixi1-150-6yhy0b0b2iraqk8e8bzab9afg
Software: nginx /
Resource Hash: 3018a9c957d99cd00f48773b79dfb1386ca3b7e365f3d5948f45809119fed60b

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 10:13:02 GMT
Server: nginx
ETag: W/"5d10a22e-1fa4b"
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK sm.js Show response
stat.media/ 67 KB
24 KB 168ms
63ms Script
application/x-javascript 136.243.42.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa50.imcmdb.net
Software: nginx /
Resource Hash: 819bceee609d030b3d3eefad3bfdafd549f85230fd80f04c044bdbe4ef128c8b

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Feb 2020 13:08:02 GMT
Server: nginx
ETag: W/"5e42a732-10a40"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK miximedia.svg
static.mixi.media/static/adpreview-assets/mixi-media/images/logo/ 6 KB
6 KB 145ms
41ms Image
image/svg+xml 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xn--mixi1-150-6yhy0b0b2iraqk8e8bzab9afg
Software: nginx /
Resource Hash: c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:54 GMT
Last-Modified: Mon, 30 Sep 2019 14:11:01 GMT
Server: nginx
ETag: "5d920cf5-1849"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6217

GET
H/1.1 200
OK /
target.mixi.media/init/ 95 B
463 B 214ms
110ms Image
image/png 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.mixi.media/init/?blockid=95162&siteid=49639&bw=1600&bh=1200&rnd=681058932151
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xn--mixi1-150-6yhy0b0b2iraqk8e8bzab9afg
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Target-Version: 2
Date: Mon, 20 Apr 2020 19:02:54 GMT
X-Target-Final: 20200420220254-0
Server: nginx
X-Target-Host: target2-1.sselp1
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00021
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Mon, 20 Apr 2020 19:02:53 GMT

GET
H2 200 digitrust.min.js Show response
cdn.digitru.st/prod/1/ 49 KB
14 KB 125ms
52ms Script
application/javascript 159.180.84.2
INSTART

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.digitru.st/prod/1/digitrust.min.js
Requested by: Host: aka.spotxcdn.com
URL: https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.180.84.2 , United States, ASN33047 (INSTART, US),
Reverse DNS
Software: DTOrigin-IL /
Resource Hash: 64a13fb927e2ef03f3a59a79d0588d7514c4fbfb85f9237abb59dc04e7a49707

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:43:19 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 20:51:16 GMT
server: DTOrigin-IL
etag: "4075fa912cfaa93cb7d74358264fe3b9"
status: 200
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=86400
x-instart-request-id: 11942460419387753550:SEN01-CPVNPPRY15:1587409374:0
x-instart-cache-id: 29:1210835850335268277::1587159798
accept-ranges: bytes
content-type: application/javascript
content-length: 13632
expires: Sat, 18 Apr 2020 21:43:19 GMT

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=dados
https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=8a3cc04b-8339-11ea-9211-175cf56a2206

0
588 B

111ms
110ms

Image
text/plain

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=8a3cc04b-8339-11ea-9211-175cf56a2206
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Mon, 20 Apr 2020 19:02:54 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 17
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Mon, 20 Apr 2020 19:02:54 GMT
Server: nginx
Location: /partner?source=dados&__user_check__=1&sync_id=8a3cc04b-8339-11ea-9211-175cf56a2206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 24
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ Frame F0B5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e343b3cb445d8a3e5b6fcea667de64f74a12e4abd9cec565db5f5647278db77

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 663 KB
140 KB 47ms
45ms Script
text/javascript 23.210.248.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/92012/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2c5d413c856b2427842aed4d3f5733804ef5fe77e78cf05f00d15086712be8c8

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:54 GMT
content-encoding: br
last-modified: Wed, 15 Apr 2020 15:05:14 GMT
x-amz-request-id: ECADF8D5571FDB4D
etag: "f08a7adf191d739e47794423245889d9"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: c
accept-ranges: bytes
content-length: 143047
x-amz-id-2: LVM24HP3sD+yIc7VNpEg0IPW1ku/QVn4k1MgXFQ/lnsTCkAN3cAWbJpTwM/gdkLyBBfpIMiLK5s=
expires: Mon, 20 Apr 2020 19:32:54 GMT

GET
H2 200 dt.html
cdn.digitru.st/prod/1.5.41/ Frame 6A43 0
0 35ms
35ms Document
text/html 159.180.84.2
INSTART

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.digitru.st/prod/1.5.41/dt.html
Requested by: Host: cdn.digitru.st
URL: https://cdn.digitru.st/prod/1/digitrust.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.180.84.2 , United States, ASN33047 (INSTART, US),
Reverse DNS
Software: DTOrigin-IL /
Resource Hash

Request headers

:method: GET
:authority: cdn.digitru.st
:scheme: https
:path: /prod/1.5.41/dt.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

status: 200
content-type: text/html
content-length: 1951
expires: Tue, 21 Apr 2020 12:22:21 GMT
last-modified: Wed, 08 Jan 2020 20:51:16 GMT
cache-control: max-age=86400
content-encoding: gzip
date: Mon, 20 Apr 2020 12:22:21 GMT
accept-ranges: bytes
etag: "9223f2606b924de3a6346b0126773a9e"
x-instart-cache-id: 19:7447152003728715513::1587385340
x-instart-request-id: 13222796241378369559:SEN01-CPVNPPRY15:1587409374:0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
server: DTOrigin-IL

GET
H/1.1 200
OK api Show response
stat.media/counter/ 203 B
881 B 40ms
40ms Script
application/javascript 136.243.42.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/api?action=s1&payload=COeDAxIkOGZmYWZjNmMtMDNjYy00ZmFjLWJiM2QtZmJhNTY2OGJjY2EwGKaU48eZLiIkZTViN2E3NjAtNzY1My00NGIxLTg0OTEtZjk0NTIyYzVhMTQz&cb=_callbacks____0k98uk05p
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa50.imcmdb.net
Software: nginx /
Resource Hash: 92a689ad8dec4c351530a696a357d20b4e39bcfee7c3a82b38a81cc8b981d73d

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:54 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200 jsapi Show response
mixi.media/newdata/ 2 KB
2 KB 136ms
136ms Script
application/javascript 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?q=DAAAunMBAAAAAAAAAAAAAAAAAAAAAAAABioAAA..
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v1.18.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xn--mixi1-150-6yhy0b0b2iraqk8e8bzab9afg
Software: nginx /
Resource Hash: 5978f6f4423720ff150ae75f7d318c89f2116fefcef9349f6d4817f01ef3d38a

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:54 GMT
Content-Encoding: gzip
Last-Modified: Monday, 20-Apr-2020 19:02:54 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK p
sb.scorecardresearch.com/ 43 B
309 B 53ms
51ms Image
image/gif 23.213.14.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1587409374283&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=12718518&cs_ucfr=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.14.93 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-14-93.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:02:54 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 268ms
113ms Image
image/gif 23.213.15.153
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&ts=1587409374280&pageId=92012&pid=99711&env=js-web&pfid=[pfid]&f=1&auctid=c5a02500-9bb1-4b3c-a329-ba18939933e3&fv=324-ssp-4942&referer=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.15.153 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 20 Apr 2020 19:02:54 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 267ms
112ms Image
image/gif 23.213.15.153
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&ts=1587409374281&pageId=92012&pid=99711&env=js-web&pfid=[pfid]&f=1&slot=polymorph&auctid=c5a02500-9bb1-4b3c-a329-ba18939933e3&fv=324-ssp-4942&referer=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.15.153 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 20 Apr 2020 19:02:54 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ad Show response
a.teads.tv/page/92012/ 461 B
639 B 152ms
151ms XHR
application/json 23.210.248.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/92012/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&page=%7B%22id%22%3A92012%2C%22placements%22%3A%5B%7B%22id%22%3A99711%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A720%2C%22height%22%3A405%7D%2C%22slotType%22%3A%22polymorph%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22reason%22%3A220%7D%7D&auctid=c5a02500-9bb1-4b3c-a329-ba18939933e3&userId=298df21e-496b-429b-815e-18c599f2b212&formatVersion=2.22.61&env=js-web&netBw=9.1&ttfb=678
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 47bf570c8d0f438fd3c221a02b9d6d6f7f6adadd914ddc8cd5cec2d68443fc85

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:54 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 321
expires: Mon, 20 Apr 2020 19:02:54 GMT

POST
H/1.1 204
No Content api Show response
stat.media/counter/ 0
135 B 195ms
97ms XHR
text/plain 136.243.42.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/api
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa50.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Mon, 20 Apr 2020 19:02:54 GMT
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK 7493040.jpeg
static8.mixi.media/img/400x300/ 47 KB
47 KB 178ms
96ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.mixi.media/img/400x300/7493040.jpeg
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v1.18.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xn--mixi1-150-6yhy0b0b2iraqk8e8bzab9afg
Software: nginx /
Resource Hash: 5784f8180fb490b6bedecc2e143e4684a35581fd137d515e068505f78a47b836

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:54 GMT
Last-Modified: Tue, 14 Apr 2020 14:58:17 GMT
Server: nginx
ETag: W/"5e95cf89-1315c"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47750
Expires: Thu, 14 Apr 2022 14:58:24 GMT

GET
H/1.1 200
OK 7509066.jpeg
static5.mixi.media/img/400x300/ 60 KB
61 KB 176ms
96ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static5.mixi.media/img/400x300/7509066.jpeg
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v1.18.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xn--mixi1-150-6yhy0b0b2iraqk8e8bzab9afg
Software: nginx /
Resource Hash: 58122bad8b676f1eb137667c2b4b73e344f3770f05d4e898ed83b9c80f09dabb

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:54 GMT
Last-Modified: Mon, 20 Apr 2020 05:55:10 GMT
Server: nginx
ETag: W/"5e9d393e-136c0"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61796
Expires: Wed, 20 Apr 2022 05:55:26 GMT

GET
H/1.1 200
OK 7464659.jpeg
static3.mixi.media/img/400x300/ 26 KB
26 KB 179ms
99ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static3.mixi.media/img/400x300/7464659.jpeg
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v1.18.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xn--mixi1-150-6yhy0b0b2iraqk8e8bzab9afg
Software: nginx /
Resource Hash: c0d1de1f93b375904cc4cd8500635d320a363dfd71cf316477c5746c778f40c0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:54 GMT
Last-Modified: Mon, 06 Apr 2020 05:59:29 GMT
Server: nginx
ETag: W/"5e8ac541-3914b"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26253
Expires: Wed, 06 Apr 2022 05:59:53 GMT

GET
H/1.1 200
OK 7482484.jpeg
static4.mixi.media/img/400x300/ 52 KB
52 KB 180ms
91ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static4.mixi.media/img/400x300/7482484.jpeg
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v1.18.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xn--mixi1-150-6yhy0b0b2iraqk8e8bzab9afg
Software: nginx /
Resource Hash: 35c5b97a8d1deb1af4f6e943331e93f149e6c61594532a5af99e8685ea11a4ab

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:54 GMT
Last-Modified: Fri, 10 Apr 2020 20:18:20 GMT
Server: nginx
ETag: W/"5e90d48c-37a3c"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53015
Expires: Sun, 10 Apr 2022 20:18:32 GMT

GET
H/1.1 200
OK 7501449.jpeg
static8.mixi.media/img/400x300/ 30 KB
31 KB 176ms
96ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.mixi.media/img/400x300/7501449.jpeg
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v1.18.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xn--mixi1-150-6yhy0b0b2iraqk8e8bzab9afg
Software: nginx /
Resource Hash: f3cef7b00254ffaafdc3ea06cc59451d210ebfe88bde990ea0ed297adac931e7

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:54 GMT
Last-Modified: Fri, 17 Apr 2020 05:38:56 GMT
Server: nginx
ETag: W/"5e9940f0-67df"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30961
Expires: Sun, 17 Apr 2022 05:39:12 GMT

GET
H/1.1 200
OK 7506216.jpeg
static1.mixi.media/img/400x300/ 45 KB
45 KB 178ms
99ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.mixi.media/img/400x300/7506216.jpeg
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v1.18.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xn--mixi1-150-6yhy0b0b2iraqk8e8bzab9afg
Software: nginx /
Resource Hash: d48ea2abdc293af3e8f276fc4a124f0ff2866042d33a28d31a24743b94b816eb

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:54 GMT
Last-Modified: Sat, 18 Apr 2020 15:39:33 GMT
Server: nginx
ETag: W/"5e9b1f35-fa29"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46192
Expires: Mon, 18 Apr 2022 15:39:42 GMT

GET
H2 200 iframe
sync.teads.tv/ Frame E1A0 0
0 96ms
94ms Document
text/html 23.210.248.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?pid=99711&userId=298df21e-496b-429b-815e-18c599f2b212&gdprIab={%22status%22:22,%22consent%22:%22%22,%22reason%22:220}&fromFormat=true&env=js-web&vid=d9053123-f663-4515-b07e-2ca6903af5a1&1587409374454
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-12.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.5 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /iframe?pid=99711&userId=298df21e-496b-429b-815e-18c599f2b212&gdprIab={%22status%22:22,%22consent%22:%22%22,%22reason%22:220}&fromFormat=true&env=js-web&vid=d9053123-f663-4515-b07e-2ca6903af5a1&1587409374454
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cs=1; tt_viewer=d9053123-f663-4515-b07e-2ca6903af5a1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: akka-http/10.1.5
vary: Accept-Encoding
content-encoding: gzip
expires: Mon, 20 Apr 2020 19:02:54 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 20 Apr 2020 19:02:54 GMT
content-length: 623
set-cookie: tt_bluekai=; Expires=Tue, 21 Apr 2020 19:02:54 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Tue, 21 Apr 2020 19:02:54 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Tue, 21 Apr 2020 19:02:54 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Tue, 21 Apr 2020 19:02:54 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Tue, 21 Apr 2020 19:02:54 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Tue, 21 Apr 2020 19:02:54 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Tue, 21 Apr 2020 19:02:54 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Tue, 21 Apr 2020 19:02:54 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Tue, 21 Apr 2020 19:02:54 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None

POST
H/1.1 204
No Content 232511 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 442ms
118ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/232511
Requested by: Host: aka.spotxcdn.com
URL: https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
x-openrtb-version: 2.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-spotx-Exception-RESULT: exception
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
X-spotx-Exception-ID: SPOTMARKET.HALTED
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Require: 0.000302
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000006
X-SpotX-Timing-Page: 0.006624
Pragma: no-cache
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 20 Apr 2020 19:02:55 GMT
X-spotx-Exception-conf-RESULT: failure
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
X-SpotX-Timing-Page-Exception: 0.000021
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT: failure
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.003389
X-SpotX-Timing-Transform: 0.000253
X-SpotX-Timing-SpotMarket: 0.003389
X-spotx-Exception-0-ID: MARKET_HALTED
X-SpotX-Timing-Page-Misc: 0.001969
X-spotx-Exception-0-Message: Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-conf-ID: SPOTMARKET.DEALS_INACTIVE
X-SpotX-Timing-Page-Context: 0.000414
X-fe: 138
Last-Modified: Mon, 20 Apr 2020 19:02:55 GMT
Server: nginx
X-spotx-Exception-conf-Message: Channel ID '232511' has no active deals.
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-Mux: 0.000256

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 7 KB
4 KB 446ms
446ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2862353884344412&correlator=2743814531586915&output=ldjh&impl=fifs&adsid=NT&eid=21064170%2C21064370%2C21065393&vrg=2020041602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200420&iu_parts=5965368%2Cntd.tv_article_header_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2%26mnetDNB%3D1%26mnetPageID%3D10%26mnetCV%3D3%26mnetCC%3DCZ%26mnetUGD%3D4&eri=1&cust_params=ENTD_category%3Dcoronavirus-outbreak-28902%252Cchina-10%252Cnews-8%252Cnews-politics-14114%252Cspecial-coverage-24850%252Cvideo-3020%252Cfrnt_category_headings-6048%252Cfrnt_editors_picks-6044%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%252Cfeatured-news-18108%26site%3Dwww.ntd.com%252Cntd.com&cookie_enabled=1&bc=31&abxe=1&lmt=1587409374&dt=1587409374656&dlt=1587409371535&idt=2033&frm=20&biw=1585&bih=1185&oid=3&adxs=183&adys=108&adks=1030851624&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&dssz=37&icsg=2286984198398015&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1220x250&msz=1220x250&psts=AKB7eCK90S5iADq6e4fzvqT6ddFVVE9baNQFiEwXrYL8YzsiZ3W1BMSdaVg8IMw6Pr-JWN1rlAY2GWUkUMdHhojrHVXfBQ&ga_vid=1784740257.1587409373&ga_sid=1587409374&ga_hid=2031152130&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

dd7bfc87b31b1bd2b336388c52e130ecd909452cea4cc92c6bcd413742b67fb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 3417
x-xss-protection: 0
google-lineitem-id: 5344722407
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308885247
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
762 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d32996520262a9559a26eafe3413cf1a2fe53f448da989d0493e7851f887a1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Apr 2020 19:02:54 GMT
server: ESF
date: Mon, 20 Apr 2020 19:02:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Apr 2020 19:02:54 GMT

GET
H2 200 / Show response
www.ntd.com/ntd-ajax/ 16 KB
7 KB 636ms
636ms XHR
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/ntd-ajax/?action=ntd_recommended_posts_callback&post_id=431784

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

10bfcc5834107982707969f9aa99013f7decd2e9ca0fd82d1ffc4b8859942166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.12.2
x-cache-status: HIT
x-hw: 1587409374.cds106.lo4.hn,1587409374.cds044.lo4.sc,1587409375.dop015.sj3.r,1587409375.cds054.sj3.sc,1587409375.cds054.sj3.p,1587409375.cds044.lo4.p
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
Origin: https://www.ntd.com

Response headers

date: Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 502555
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 11016
x-xss-protection: 0
expires: Wed, 14 Apr 2021 23:26:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
Origin: https://www.ntd.com

Response headers

date: Wed, 15 Apr 2020 00:22:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 499240
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 11020
x-xss-protection: 0
expires: Thu, 15 Apr 2021 00:22:14 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1BB0 0
0 43ms
42ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUlnsyEJ2zWrJqTfgwNgqzcF4bxSvhvhNDyhRao5D46Jk4DGR6Mt2sVnf2Wtcjp2RjYPofdNJJAhZc4kjOna5i7X-F3LzXEQe91KgmVryL7WBQXDx1wuS5cAVQZzsKSJFs_3qgmJMMILznYI8ttzq4ouvWZflvSX2BIF7JEEViQijtlbzivM8xdUIuGVOvyvGLOPKPO4QR__5zgZBlSNBlYHGjhOZZ95AP38tJCnNM41vCuwB8c0Py1A5vNzzJ2eQ7c_Z_Oa8PFExndM4QdBGpkCfMJ4fwkUW31nwSiC5hecBw-GwDoKrw9kyfq3s&sai=AMfl-YSWNBpQctlja030umYqVn4amEWI3lA0ky08sNyfMoEKdeg1t-3J7DO_2GFFuD83JtsOsXhBGGf_pD1g3G3PUyTVLhSqz2bVhh3yRvS-Yw&sig=Cg0ArKJSzKD6eXtp8I_6EAE&urlfix=1&adurl=

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Apr 2020 19:02:55 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Apr 2020 19:02:55 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BB0 75 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

900de848cd7c523acdd777e17c5b3d2fd259d3ffbc6702fed2ecbfa9e83f3a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587123250781365"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28791
x-xss-protection: 0
expires: Mon, 20 Apr 2020 19:02:55 GMT

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame 1BB0 174 KB
174 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDnrpHN2wEQARgBMghakO8-QSs4Dw&b2s=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed972e880f9b482af26e1cfa5002d9f66c8e2be2aab51487ad59831c6c34b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 19:38:18 GMT
x-content-type-options: nosniff
server: cafe
age: 429877
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 178298
x-xss-protection: 0
expires: Wed, 22 Apr 2020 19:38:18 GMT

POST
H2 200 log Show response
adstat.youmaker.com/ 0
111 B 139ms
139ms XHR
text/plain 35.184.75.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adstat.youmaker.com/log
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.184.75.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 251.75.184.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

status: 200
date: Mon, 20 Apr 2020 19:02:55 GMT
server: nginx
access-control-allow-origin: https://www.ntd.com
access-control-allow-headers: Content-Type
content-length: 0

GET
DATA 200
OK truncated
/ Frame 1BB0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7111f429c3dcc25ba3720f423d6762eb6996e4de91f081a735a5e557ffef48dd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 1BB0 53 KB
20 KB 82ms
82ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

63e3d3d37e1c737c7b8ebaaaadfd18602b88778c7c15a60aaa1898a34cae37cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 18:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2314
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 20788
x-xss-protection: 0
server: cafe
etag: 1368059587780406144
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Apr 2020 19:24:21 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1BB0 0
325 B 388ms
160ms Other
image/gif 2607:f8b0:4001:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k98uk1gw&chm=1&ctx=2&qqid=CIGHkd_Y9-gCFZgW4AodHJsAxA&met.4=fb.1~lb.i0~ol.i1~idt.17q~dt.-cr&met.3=197.hv~123.ht_7~117.i1~118.i3_1~118.i4_1~118.i5~118.i6~118.il~113.km_2~112.kl_3&met.1=1.k98uk0wb~14.0~15.0~16.0~17.0~18.0~19.0~20.i0~21.i1~22.z~23.z&met.7=CCoQChgBIAIoAjAUOBI~CAQQBhgBIAIoAjALOAloA3AIeMvyCoAB-vAKiAH68AqwAQG4AQM~CCgQChgBII4FKI4FMOAFOFNojgVw4AV456MBgAG0ogGIAa6kA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c03::5e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 3EF5 0
0 324ms
49ms Document
text/html 23.213.15.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.15.11 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-11.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

Server: nginx/1.13.10
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Tue, 20 Apr 2021 19:02:56 GMT
Date: Mon, 20 Apr 2020 19:02:56 GMT
Connection: keep-alive

GET
H2

200

pd
u.openx.net/w/1.0/ Frame 9F08
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

0
0

54ms
50ms

Document
text/html

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9638e894-7a83-445c-82f8-72512f4319ed|1587409376
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=9638e894-7a83-445c-82f8-72512f4319ed|1587409376; Version=1; Expires=Tue, 20-Apr-2021 19:02:56 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587409376|mOgikimWiygu; Version=1; Expires=Tue, 05-May-2020 19:02:56 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 20 Apr 2020 19:02:56 GMT
content-type: text/html
content-length: 373
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=4dbddd81-a3e7-4259-bb98-5a7ec673b748|1587409376; Version=1; Expires=Tue, 20-Apr-2021 19:02:56 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Mon, 20 Apr 2020 19:02:56 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame AD3B 0
0 96ms
93ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

status: 204
date: Mon, 20 Apr 2020 19:02:56 GMT
set-cookie: __cfduid=d7e0fa99110362af372d64de396ffbfca1587409376; expires=Wed, 20-May-20 19:02:56 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 58711f592802e597-MAN
cf-request-id: 023a91ebb80000e597c713f200000001

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 5041 0
0 310ms
60ms Document
text/html 23.213.15.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.15.11 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-11.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

Server: nginx/1.13.10
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Tue, 20 Apr 2021 19:02:56 GMT
Date: Mon, 20 Apr 2020 19:02:56 GMT
Connection: keep-alive

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 75B1 0
0 91ms
91ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

status: 204
date: Mon, 20 Apr 2020 19:02:56 GMT
set-cookie: __cfduid=d7e0fa99110362af372d64de396ffbfca1587409376; expires=Wed, 20-May-20 19:02:56 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 58711f592814e597-MAN
cf-request-id: 023a91ebbb0000e597c7140200000001

GET
H2 200 iframe
sync.teads.tv/ Frame F414 0
0 90ms
90ms Document
text/html 23.210.248.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=3.5.0&
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-12.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.5 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /iframe?hb_provider=prebid&hb_version=3.5.0&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: akka-http/10.1.5
content-length: 153
expires: Mon, 20 Apr 2020 19:02:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 20 Apr 2020 19:02:56 GMT
set-cookie: tt_bluekai=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None

GET
H2 200 iframe
sync.teads.tv/ Frame 5F3F 0
0 187ms
187ms Document
text/html 23.210.248.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=3.5.0&
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-12.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.5 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /iframe?hb_provider=prebid&hb_version=3.5.0&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: akka-http/10.1.5
content-length: 153
expires: Mon, 20 Apr 2020 19:02:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 20 Apr 2020 19:02:56 GMT
set-cookie: tt_bluekai=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame C4E7 0
0 247ms
55ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 03 Apr 2020 17:00:48 GMT
Content-Encoding: gzip
Content-Length: 9105
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=78466
Expires: Tue, 21 Apr 2020 16:50:42 GMT
Date: Mon, 20 Apr 2020 19:02:56 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 2BAA 0
0 246ms
56ms Document
text/html 23.213.15.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.15.23 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-23.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=90045
Expires: Tue, 21 Apr 2020 20:03:41 GMT
Date: Mon, 20 Apr 2020 19:02:56 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 iframe
sync.teads.tv/ Frame 4A1D 0
0 82ms
82ms Document
text/html 23.210.248.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=3.5.0&
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-12.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.5 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /iframe?hb_provider=prebid&hb_version=3.5.0&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: akka-http/10.1.5
content-length: 153
expires: Mon, 20 Apr 2020 19:02:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 20 Apr 2020 19:02:56 GMT
set-cookie: tt_bluekai=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Sun, 19 Apr 2020 18:02:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 420E 0
0 354ms
57ms Document
text/html 23.213.15.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.15.11 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-11.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

Server: nginx/1.13.10
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Tue, 20 Apr 2021 19:02:56 GMT
Date: Mon, 20 Apr 2020 19:02:56 GMT
Connection: keep-alive

GET
H2

200

pd
u.openx.net/w/1.0/ Frame E0B1
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

0
0

54ms
50ms

Document
text/html

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9638e894-7a83-445c-82f8-72512f4319ed|1587409376
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=9638e894-7a83-445c-82f8-72512f4319ed|1587409376; Version=1; Expires=Tue, 20-Apr-2021 19:02:56 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587409376|mOgikimWiygu; Version=1; Expires=Tue, 05-May-2020 19:02:56 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 20 Apr 2020 19:02:56 GMT
content-type: text/html
content-length: 373
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=5f95a7a9-6275-4155-af21-32b278871f4f|1587409376; Version=1; Expires=Tue, 20-Apr-2021 19:02:56 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Mon, 20 Apr 2020 19:02:56 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

pd
u.openx.net/w/1.0/ Frame FA57
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

0
0

59ms
55ms

Document
text/html

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9638e894-7a83-445c-82f8-72512f4319ed|1587409376
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=9638e894-7a83-445c-82f8-72512f4319ed|1587409376; Version=1; Expires=Tue, 20-Apr-2021 19:02:56 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587409376|mOgikimWiygu; Version=1; Expires=Tue, 05-May-2020 19:02:56 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 20 Apr 2020 19:02:56 GMT
content-type: text/html
content-length: 373
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=9638e894-7a83-445c-82f8-72512f4319ed|1587409376; Version=1; Expires=Tue, 20-Apr-2021 19:02:56 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Mon, 20 Apr 2020 19:02:56 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 7B51 0
0 206ms
44ms Document
text/html 23.213.15.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.15.23 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-23.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=90045
Expires: Tue, 21 Apr 2020 20:03:41 GMT
Date: Mon, 20 Apr 2020 19:02:56 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame DD7F 0
0 245ms
42ms Document
text/html 23.213.15.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.15.23 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-23.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=90045
Expires: Tue, 21 Apr 2020 20:03:41 GMT
Date: Mon, 20 Apr 2020 19:02:56 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame C7E4 0
0 87ms
87ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

status: 204
date: Mon, 20 Apr 2020 19:02:56 GMT
set-cookie: __cfduid=d7e0fa99110362af372d64de396ffbfca1587409376; expires=Wed, 20-May-20 19:02:56 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 58711f59da8ee597-MAN
cf-request-id: 023a91ec250000e597c714e200000001

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=46M_pbD3Y_D78D_24aArpOGjZPT7ozf556SR_Gt1
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=46M_pbD3Y_D78D_24aArpOGjZPT7ozf556SR_Gt1&apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0

0
1 KB

52ms
51ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=46M_pbD3Y_D78D_24aArpOGjZPT7ozf556SR_Gt1&apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:57 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Mon, 20 Apr 2020 19:02:57 GMT
location: https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=46M_pbD3Y_D78D_24aArpOGjZPT7ozf556SR_Gt1&apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 93ms
92ms Image
image/gif 63.32.144.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.144.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-144-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:56 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 95ms
92ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A89f52512-8339-11ea-8081-12c791b7f306&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 20 Apr 2020 19:02:56 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0
https://pr-bh.ybp.yahoo.com/sync/adtech/1A89f5da20-8339-11ea-9a0a-126272b4dea0?gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/56465/sync?uid=y-lu8cClh1lxnWBo0HcOwgdPF_C8gdiDEJuHhZ&_origin=0&nsync=0
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-lu8cClh1lxnWBo0HcOwgdPF_C8gdiDEJuHhZ&_origin=0&nsync=0&apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0

0
1 KB

40ms
39ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-lu8cClh1lxnWBo0HcOwgdPF_C8gdiDEJuHhZ&_origin=0&nsync=0&apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:56 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Mon, 20 Apr 2020 19:02:56 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-lu8cClh1lxnWBo0HcOwgdPF_C8gdiDEJuHhZ&_origin=0&nsync=0&apid=1A89f5da20-8339-11ea-9a0a-126272b4dea0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 16ms
13ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A89f5da20-8339-11ea-9a0a-126272b4dea0&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 20 Apr 2020 19:02:56 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

POST
H2 200 log Show response
adstat.youmaker.com/ 0
111 B 156ms
156ms XHR
text/plain 35.184.75.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adstat.youmaker.com/log
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.184.75.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 251.75.184.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

status: 200
date: Mon, 20 Apr 2020 19:02:56 GMT
server: nginx
access-control-allow-origin: https://www.ntd.com
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1BB0 42 B
110 B 17ms
17ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiMwLclL-0LxO19udDft4wZxZ8S7BA5DEIODPDdRFALajhBMoaoDDqft9yzcua8TyASGO2T76TPijowF02BzY-wYMH0SPluJYxf-6j2gE&sig=Cg0ArKJSzCmH04XukKh9EAE&adk=1030851624&tt=-1&bs=1585%2C1185&mtos=1086,1086,1086,1086,1086&tos=1086,0,0,0,0&p=108,308,358,1278&mcvt=1086&rs=0&ht=0&tfs=109&tls=1115&mc=1&lte=0&bas=0&bac=0&met=ie&la=1&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1587409375116&dlt&rpt=647&isd=0&msd=0&ext&xdi=0&ps=1593%2C6971&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-10-4-9-9-0-0-0&tvt=1113&is=970%2C250&iframe_loc=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&r=v&id=osdim&vs=4&uc=10&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200417

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 104 KB
32 KB 125ms
56ms Script
application/javascript 23.203.69.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.69.229 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-69-229.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 638c69f12161684aff2dfd8510719da81a34acf2297ac996331e233ff51bca92

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Apr 2020 01:53:29 GMT
Server: Apache
x-amz-request-id: DEFEC1064F6681BD
ETag: "f7f0a099a0cf9116fd2efb30859b2d87"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32096
x-amz-id-2: WH4jg4VSmBOuahTAWOuhoKJ5BLWBY7YxKWZAA85wGGrGvqgaqgfyR0I6dRfD/cP7gy7YE1kZwp4=

GET
H2 204 ping.gif
prd.jwpltx.com/v1/clienta/ 0
64 B 100ms
99ms Image
text/plain 2a04:4e42:3::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/clienta/ping.gif?h=-1023937620&e=abq&n=9511732336592484&abc=0&aid=8Z4U0lMOEeSfryIACy4B0g&ask=00000000&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=3&emi=1aamfda17k7o&i=0&lsa=fail&mt=0&pbd=1&pbr=1&pgi=1t09q781jrld&ph=0&pii=0&pl=506&plc=1&pli=ibkfupfjbe9w&pp=hlsjs&prc=1&ps=4&pss=0&pt=Chinese%20Netizens%20and%20Expert%20Suspect%20Wuhan%20Bioresearch%20Lab%20Is%20the%20Source%20of%20the%20Coronavirus&pu=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&pv=8.5.5&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Youmaker%20video&tv=3.13.0&vb=1&vi=1&vl=90&wd=900&ab=1&abid=r60ing7waaa0&abo=pre&apid=c8hnmdorzr00&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&asxi=232511&vpb=%7B%22spotx.id%22%3A232511%7D&sa=1587409378000
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::626 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:58 GMT
via: 1.1 varnish
server: nginx
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-fra19171-FRA

GET
H2 204 ping.gif
prd.jwpltx.com/v1/clienta/ 0
63 B 99ms
99ms Image
text/plain 2a04:4e42:3::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/clienta/ping.gif?h=-1513130061&e=abr&n=3313164209828809&abc=0&aid=8Z4U0lMOEeSfryIACy4B0g&ask=00000000&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=3&emi=1aamfda17k7o&gfb=0&gifr=0&gios=0&i=0&lsa=fail&mt=0&pbd=1&pbr=1&pgi=1t09q781jrld&ph=0&pii=0&pl=506&plc=1&pli=ibkfupfjbe9w&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Chinese%20Netizens%20and%20Expert%20Suspect%20Wuhan%20Bioresearch%20Lab%20Is%20the%20Source%20of%20the%20Coronavirus&pu=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&pv=8.5.5&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Youmaker%20video&tv=3.13.0&vb=1&vi=0.96&vl=90&wd=900&ab=1&abid=r60ing7waaa0&abo=pre&apid=c8hnmdorzr00&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&asxb=0&asxi=232511&asxt=2341&vpb=%7B%22spotx.id%22%3A232511%2C%22spotx.result%22%3A0%2C%22spotx.timeForBidResponse%22%3A2341%7D&sa=1587409378000
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::626 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:02:58 GMT
via: 1.1 varnish
server: nginx
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-fra19171-FRA

GET
H/1.1 200
OK prefs2 Show response
api.dable.io/plugin/services/ntd.com/ 603 B
962 B 1290ms
322ms Script
text/javascript 13.209.114.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/ntd.com/prefs2?cached_uid=&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.209.114.160 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-209-114-160.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e05c729bb91515f8fff54b36f8544d0922d8c0edb65bf8cfc69e16f75cbd6125

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"25b-1oa47cDIqJLUbE05zAWrLc+00A8"
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 348

GET
H/1.1 200
OK view Show response
api.dable.io/logs/services/ntd.com/users/32659455.1587409379246/ 54 B
285 B 333ms
333ms Script
text/javascript 13.209.114.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/logs/services/ntd.com/users/32659455.1587409379246/view?url=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&ref=&lang=en-US&items%5B0%5D%5Bid%5D=431784&items%5B0%5D%5Bc1%5D=CCP%20Virus&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.theepochtimes.com%2Finvolvement-of-wuhan-p4-lab-questioned_3230182.html&cid=32659455.1587409379246&z=339376&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.209.114.160 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-209-114-160.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:02:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
Content-Length: 67
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK sendid
ace-sync.toast.com/ 43 B
650 B 1312ms
326ms Image
image/gif 43.227.116.104
NHN-AS-KR NHN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ace-sync.toast.com/sendid?sid=dable&uid=32659455.1587409379246
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.227.116.104 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:03:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type,Accept
Content-Length: 43
Expires: Tue, 01 Jan 1980 09:00:00 GMT

GET
H/1.1 200
OK match
analytics.ad.daum.net/ 0
571 B 1531ms
324ms Image
image/webp 211.231.100.211
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.ad.daum.net/match?d=111&uid=32659455.1587409379246
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 211.231.100.211 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),
Reverse DNS
Software: analytics /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 19:03:00 GMT
Server: analytics
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Type: image/webp;charset=UTF-8
Content-Length: 0
X-Application-Context: analytics
Expires: 0

GET
H2

200

google
adx.dable.io/pixel/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm=&google_tc=
https://adx.dable.io/pixel/google?google_gid=CAESECwZY_f4OyG_f6C19QM63oc&google_cver=1

35 B
194 B

935ms
311ms

Image
image/gif

3.34.12.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel/google?google_gid=CAESECwZY_f4OyG_f6C19QM63oc&google_cver=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.34.12.189 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-34-12-189.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 20 Apr 2020 19:03:00 GMT
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:02:59 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adx.dable.io/pixel/google?google_gid=CAESECwZY_f4OyG_f6C19QM63oc&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 271ms
160ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nyi8c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:03:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Mon, 20 Apr 2020 19:03:01 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c67756f5e3d24e72b020d91af2316d6b
x-transaction: 0008503c00de672c
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 115ms
49ms Image
image/gif 23.213.14.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=aplog&pid=8PRL4E7N3&itype=HB&dn=ntd.com&cid=8CUBNN02K&svr=2020042012_792&servname=c8-web-22&gdpr=1&csex=2&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001587409374597015088174089556&vsid=&sd=1&gtd=150&inid=0&gfd=450&cc=CZ&sc=&ct=PRAGUE&abte=CONTROL&adbd=0&amp=0&version=5.1&sB=true&cors=true&disB=false&ice=0&vw=1585&vh=1185&pht=6971&cl=0&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&pvid=0&prvAccId=&prvApiId=&exid=&pcId=0000EEA&adj0=0&adj1=0&adj2=0&adj3=0&mowxReqId=&crid=812916687&g=0&size=970x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&bdp=0&cbdp=0&dcbdp=0&ckfl=&cs=&mnet_ckfl=&cat=&attr=&advId=&advNm=&advUrl=&dfpBd=0&nms=1&di=&dt=&epc=&ogbdp=0&s=1&snm=success&dbf=1&bdata=&cmpid=&bId=&pcrid=&ruct=0&brs=&brr=&iurl=&htps=0&ptype=20&pbidflr=0&exp=&bfs=0&seat=&nbr=&ba=0&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=116086315120538011587409373993&act=headerBid&dtfdl=-1&dspltime=601&ttfd=1120&rtime=&dtc=&rtbsv2=&apid=&wsip=&ltime=&abs=&ssregion=&ssreqid=&sssvnm=&top=117&btm=117&lft=182&rght=1402&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=0&patkey=&patint=&pc=&spSource=0&spIvt=0&spId=&spFst=0&spIsReq=0&spTo=0&pgcatiab=&pgcatiab2=&pgcatsprig=&gFunDl=450&ngFunDl=600&rDl=300&refVisId=&osnbr=&brf=0&iwb=0&toconsider=0&dcs=&auMxTm=600&actltime=601&acsn=1&dfpDiv=article_top_ads_inner&dfpAdPath=&dfpPos=&sbdrid=&bbdrid=&td=%7C&lper=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html&kwrf=&epurl=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.14.49 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-14-49.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:03:01 GMT
server: Jetty(9.4.25.v20191220)
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 20 Apr 2020 19:03:01 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 17ms
17ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020041602&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3807cf0b68c422e1c7cf5e48adf29f7425eff8ee5087b3d2497bf7f8ada1fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Apr 2020 19:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5222
x-xss-protection: 0

POST
H/1.1 204
No Content api Show response
stat.media/counter/ 0
135 B 41ms
41ms XHR
text/plain 136.243.42.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/api
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa50.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Mon, 20 Apr 2020 19:03:00 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Mon, 20 Apr 2020 19:03:00 GMT

GET
H2 200 test Show response
www.youmaker.com/g/ 7 B
192 B 128ms
50ms XHR
text/plain 35.201.68.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youmaker.com/g/test
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.68.206 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.16.1 /
Resource Hash: c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154

Request headers

Accept: */*
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:03:01 GMT
via: 1.1 google
server: nginx/1.16.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
status: 200
allow: GET, POST
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
content-length: 7

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame F077 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 20 Apr 2020 18:57:10 GMT
expires: Tue, 20 Apr 2021 18:57:10 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 350
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
49 B 22ms
21ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020041602&jk=2862353884344412&bg=!lZallo5YS3ighq9UK1kCAAAANFIAAAAJmQFXdBGXZnQtbnHgOprbDmyEWr-HW2Mrcp1FJcYdck3WBBBDkiIBibMqQiFTukdji1gegx2_bkdPASBB3AN1KzKT39kXSKuiTMKnaWRtptQ0YHwMn3mLh8UIt-ePq_m6FzzAmXwMuwx5kGPQTjqSw7u1HCrrEYCHhLg9hr4ESkyqhiN88q3W4ape_o6FJaGLlsrcIWM8NBUjISXTMkGEPCYwiF2xkv443bJnOhbC8ZsG_gfYA_YiDkMOHScm_xUqUJtEhh3Wv8xRWXBkaFVKU_LywFqSXTeVcc8hkuJK1tYJrrQY3p6I-Wovwf_8ag5zVIzvO3xb_mBD6zR5b8o6S-Xdl5HSsq2wGxNS4u5Eu9jDTrzia5C-vYrULv7UKlIP7dprscQRaqCzgIqk7s98p0OoMwizLr8uUglLNGpqTqSflNIfOh5drObvUIJcCSeMQ7LO76Fe-mld8A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 19:03:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET widget.php
ai.epoch.cloud/widget-loaders/ 0
0

GET
H2 200 push_notif_ntd.js Show response
services.epoch.cloud//public-labs/src/push_notifications/ 6 KB
2 KB 59ms
35ms Script
application/javascript 2606:4700:3034::681b:a557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.epoch.cloud//public-labs/src/push_notifications/push_notif_ntd.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:a557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5826ae1cc0aa2f2bb52be7aa45e62bfffbc94044e2a31ed759d088238c9209

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 19:03:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 19:08:58 GMT
server: cloudflare
age: 4075
etag: W/"5e4d87ca-189e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: max-age=14400
cf-ray: 58711f89c9fbdff7-FRA
cf-request-id: 023a920a210000dff711940200000001

GET
H/1.1 200
OK cbb358742efbe80005a15256de11d533.js Show response
clientcdn.pushengage.com/core/ 69 KB
17 KB 439ms
339ms Script
application/javascript 13.224.194.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/cbb358742efbe80005a15256de11d533.js?_=1587409372954
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-89.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 21683b7133cef0c503a72bd9f27a79e57381d242aa194e85c0562a2e86a3ca90

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:03:04 GMT
Content-Encoding: gzip
Server: nginx
X-Amz-Cf-Pop: FRA2-C1
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, s-maxage=120
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: vyzb4sU4XNO1eQnP0pB9B4Uor0OBa77fYilk0HSlfTCXud0S6mW5Yw==
Via: 1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)

GET
H/1.1 200
OK checksum Show response
api.dable.io/items/services/ntd.com/id/431784/ 102 B
374 B 929ms
311ms Script
text/javascript 13.209.114.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/items/services/ntd.com/id/431784/checksum?callback=dbljson3

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.209.114.160 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-209-114-160.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9979ee2e1892ebe7eb34da522be3ac00fd3dd41743488b93c5378c711a812751

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 19:03:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"66-GcSIkJJeKHuzsCWMFGpU03QlD8o"
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 113

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vs.youmaker.com
URL: https://vs.youmaker.com/reportad

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: ai.epoch.cloud
URL: https://ai.epoch.cloud/widget-loaders/widget.php?site=ntdnewsdesktop

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 11:06:25	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 09:40:01	Name: PugT Value: 1587409380
.pubmatic.com/	1970-01-19 09:40:01	Name: KRTBCOOKIE_22 Value: 14911-9147296125294550801&KRTB&23150-9147296125294550801
.pubmatic.com/	1970-01-19 09:40:01	Name: SPugT Value: 1587409380

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://vs.youmaker.com/assets/player/171fb357-1437-4838-a4c3-4c279336d785?r=16x9&s=1280x720&d=136&cat=news/special-coverage/coronavirus-outbreak&api=2&url=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html(Line 421) Message: vast_tag: https://pubads.g.doubleclick.net/gampad/ads?sz=640x480&impl=s&gdfp_req=1&env=vp&output=vast&unviewed_position_start=1&url=https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html&description_url=https://www.ntd.com/the-origin-of-the-coronavirus-report_431784.html&correlator=[timestamp]&iu=%2F5965368%2FNTD_News_Preroll&pageurl=__page-url__
console-api	log	URL: https://vs.youmaker.com/assets/player/171fb357-1437-4838-a4c3-4c279336d785?r=16x9&s=1280x720&d=136&cat=news/special-coverage/coronavirus-outbreak&api=2&url=https%3A%2F%2Fwww.ntd.com%2Fthe-origin-of-the-coronavirus-report_431784.html(Line 422) Message: site: ntd.com
console-api	warning	URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js(Line 10) Message: JW Player Error 301129. For more information see https://developer.jwplayer.com/jw-player/docs/developer-guide/api/errors-reference#301129
console-api	log	URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js(Line 83) Message: log from _request, req.url = //vs.youmaker.com/reportad
console-api	log	URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js(Line 98) Message: uhm, failing, but... 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ace-sync.toast.com
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.com
adstat.youmaker.com
adx.dable.io
ai.epoch.cloud
aka.spotxcdn.com
analytics.ad.daum.net
analytics.twitter.com
aol-match.dotomi.com
api.dable.io
as-sec.casalemedia.com
c.amazon-adsystem.com
cdn.digitru.st
cdn.districtm.io
clientcdn.pushengage.com
cm.g.doubleclick.net
csi.gstatic.com
dmx.districtm.io
entitlements.jwplayer.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
hblg.media.net
hbx.media.net
ib.adnxs.com
imasdk.googleapis.com
js.spotx.tv
match.adsrvr.org
mixi.media
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid.adnxs.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
securepubads.g.doubleclick.net
services.epoch.cloud
ssl.p.jwpcdn.com
stat.media
static.ads-twitter.com
static.dable.io
static.mixi.media
static1.mixi.media
static3.mixi.media
static4.mixi.media
static5.mixi.media
static8.mixi.media
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
t.co
t.teads.tv
target.mixi.media
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
vs.youmaker.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.ntd.com
www.youmaker.com
ai.epoch.cloud
dmx.districtm.io
vs.youmaker.com
104.16.68.69
104.244.42.133
104.244.42.67
13.209.114.160
13.224.194.89
13.225.86.250
136.243.217.162
136.243.42.207
151.101.12.157
151.139.128.10
151.139.128.11
159.180.84.2
172.217.21.194
172.217.22.66
18.202.183.121
185.33.221.89
185.94.180.123
185.94.180.125
185.94.180.127
211.231.100.211
23.203.69.229
23.210.248.12
23.213.14.140
23.213.14.49
23.213.14.93
23.213.15.11
23.213.15.153
23.213.15.23
23.213.15.82
23.37.42.132
2606:2800:133:9a:24ed:9b6:1020:2655
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:3034::681b:a557
2607:f8b0:4001:c03::5e
2a00:1288:110:c305::8000
2a00:1450:4001:806::200a
2a00:1450:4001:808::2006
2a00:1450:4001:809::2001
2a00:1450:4001:814::2003
2a00:1450:4001:818::2008
2a00:1450:4001:819::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:820::2002
2a00:1450:4001:821::2002
2a00:1450:4001:821::2003
2a00:1450:4001:824::200a
2a00:1450:400c:c00::9d
2a02:fa8:8806:16::1400
2a04:4e42:3::626
3.126.56.137
3.34.12.189
34.95.120.147
35.184.75.251
35.201.68.206
37.252.161.190
43.227.116.104
52.58.138.174
52.95.123.41
63.32.144.14
69.173.144.143
72.247.224.27
91.228.74.253
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
066261292985e2854140f13c4e1110268ef21ab631e461baa6f9de364896dcd6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b9be85c8fee682a6486fddb9674b0afe6421d4d65151269ad369686ffa7acc3
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0fd4a95129f60df367ba095d53f4147bd4720b8c1d4eb3f9d30ee40a4064d685
10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260
10bfcc5834107982707969f9aa99013f7decd2e9ca0fd82d1ffc4b8859942166
15e576c781b7eee84ff47f678c7229d534547b0bc8c050c687cdc0c0f7a4214b
1865547c6a6698617940fcab97c741a8070a86bb25c7991a54410a289ff97ca7
1add85f6e4edc1911d0694ce93c1597bcbfb9722f3aa4188ff15a87b76d19252
1e15a553418c91bb9ec37ee13b612f32900a2caed8ce02c05b1fb20d0adb9954
1ebab26fbcab1b6f5b6e4b14917fe4f7985f71089a7b46daf57a2e23d3522884
21683b7133cef0c503a72bd9f27a79e57381d242aa194e85c0562a2e86a3ca90
24b523ea23dc7c9a4171816f9096810e291962a0df994043d91be861d8213251
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2c5d413c856b2427842aed4d3f5733804ef5fe77e78cf05f00d15086712be8c8
2dc1e34a48def1d533dffd5785301f9075a0c163959aa377742c9759898670f0
2e1721845e089472f14c195b336d16098543b380331daa48767b5219aafbf90a
3018a9c957d99cd00f48773b79dfb1386ca3b7e365f3d5948f45809119fed60b
30bd6098581fbccba074c2add1a6ed20a48e00504e2594f47c5c40ad1bb2d196
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
340bca87ab2d1c8ce8d1fd6c345b547b88e52c8d381c2b14802f97225dd56d29
35c5b97a8d1deb1af4f6e943331e93f149e6c61594532a5af99e8685ea11a4ab
3704cee7bebd148376c4ffa115e0da2be6d4503141d8d9688495850ae948ec94
37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde
3b96049e7559c9fd23acf2d3592b14089f7e0434f2a7c3f92139a5cd61e9f121
3e343b3cb445d8a3e5b6fcea667de64f74a12e4abd9cec565db5f5647278db77
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40ceae6bd92a140b2e4e433abc54f77d6d5e7ec0ea55e93b47cea25b9d96a11d
42e68db661993882ff824a841fcb5f11d8cb98466c58d4c23a204779b8983b6c
470103abb0b75faf96ae00d47e5ab104466cedc409b11eb35f1cdf2d6a21d50e
47bf570c8d0f438fd3c221a02b9d6d6f7f6adadd914ddc8cd5cec2d68443fc85
4a00675b8c87652e40f28d1227312676cb5e3bf2843b8345667ee4019e010c2f
4e79c52a8e8d4f7c4eb7792ac9865e6d4cd664717e584640a145b928dad1c062
532bf782f225a289f2c1dba933b3dd5a4a00aebe0567fa284a1996279665462e
53c972729fa864f12e2f1d207a2ff442d93ab9a83bb85c054ec85d7be88148e0
543e522a2c8bf14460348eede7a613104842df2a79903f92d64c94e0a09d4f11
55c8b00bfd680121fa4957c18c6f501a79b3d9fa67d8ca22ed931628868e970d
562d1ede30e101bd6b8f07a33f1409a6f829b65486b9d4bbdc07def92f0179ed
5784f8180fb490b6bedecc2e143e4684a35581fd137d515e068505f78a47b836
5787b57944bba1fa9e32abc02428e18ed537f675d7f6dd9a79401daece3ae0b8
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
58122bad8b676f1eb137667c2b4b73e344f3770f05d4e898ed83b9c80f09dabb
5978f6f4423720ff150ae75f7d318c89f2116fefcef9349f6d4817f01ef3d38a
5990f8d30ec682c9e8fc782f862336a651ae23d12e4dbe4d6c54553e1078a93e
5a735d12905ab38d4a6bfa738e9529162797bc232867e2e3acba55f70679fc62
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d207c715a923300f9f11a8b1f087cceecc59c755379a6f3530472cb1271b6dd
5d68589f57aede8fec0f11156341a9b5ce259a8a17a64a19f29957de3a977407
60ae17b10c3fcd73ae02bd7ef7648f8916ad9cba28c21aec08c7930e9b1da547
610591d50e9ebd55e9ca5c13cc6187762f3cd33d9189632ed15dbe574b09284c
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
638c69f12161684aff2dfd8510719da81a34acf2297ac996331e233ff51bca92
63e3d3d37e1c737c7b8ebaaaadfd18602b88778c7c15a60aaa1898a34cae37cd
64a13fb927e2ef03f3a59a79d0588d7514c4fbfb85f9237abb59dc04e7a49707
65bda0b88646ba438060110a769733f8a5f338fe8a717cc6828356861cbdd924
68cf22beca0981b6f19542704bae886f9c9020505697164799c0d75bf3d74b13
6a5826ae1cc0aa2f2bb52be7aa45e62bfffbc94044e2a31ed759d088238c9209
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ee8a1d6bca26e16486db23a53f521b2f629c8dea0c9fa8e0246952c70ca82ac
7111f429c3dcc25ba3720f423d6762eb6996e4de91f081a735a5e557ffef48dd
72f5c5e44c593d8fe36877e69a41858a3f21b63eec02d75d6395a6805feb7228
78c449965c8c3d4a694be3e91828b69324cfa9b4995e17cc0e83eda67b100636
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7af2684e67a5acdab0c7aed20ba26b616544ed66f463b963bbedfd33933786ef
7cdaf8f478d25251fad3edc8e986af1ec338dce6176f2b4158c2eb87286a8d71
819bceee609d030b3d3eefad3bfdafd549f85230fd80f04c044bdbe4ef128c8b
820faa075385fda77ff867e042f2d4e834839d6eb22ad4aa6ac7fd849d549045
82bbd04adfca6dbbc54fbcff55f4db8bc1f66d7ccfe36820480be504d94d905d
83825cb1a56b1e0873e1ef46aae857f4c6fc3625ad76b91db99dd87678e620fe
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f8420558edd7c376064b59b9d13484367d1f8c471a898c873d555781557d8bd
900de848cd7c523acdd777e17c5b3d2fd259d3ffbc6702fed2ecbfa9e83f3a39
9113ec0d497619fec179752176efe4c2a1a63eabcf2945143b05324cc329217e
91f2a54862209256b620e6d831e04102ff5e0eac5325f303c2592cfbb75aa34a
92699e43517f3f5c257c188b8c6e922cf86e2f06d7d47057a04c5dc7aeef54e5
92a689ad8dec4c351530a696a357d20b4e39bcfee7c3a82b38a81cc8b981d73d
960cadb52c2c9f1692cf3b8b627461f614eacb571905c317dd2b7b8690530e6c
972b15b841172b74c3f4c164f912ef352106b1b407b4408cbc9dac08ff10947b
9979ee2e1892ebe7eb34da522be3ac00fd3dd41743488b93c5378c711a812751
9c14cdab1260c8377dfc355aad2327a61280f2def4cca49c97599ea949abbd8b
9ca935fd88f150e1118da7b2381042d5bc0566dc275a643248f41677ccb82b1d
9ecabfb81b446eb931e3def6a04d94f1a9d093c4cc3a7a9c549189893fbeb340
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3807cf0b68c422e1c7cf5e48adf29f7425eff8ee5087b3d2497bf7f8ada1fb3
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a497ccda7ae909d4dec436c93f4fb6a73d7aff7afc26b45a5e87453ddb41a432
aa8116cbb0d26520d13f8a60affa6366e1657d2e4a20eb6996ec806d1882c2c5
aad0d028bb6d1a8812708f103d9afa187babfd87ecb0156ad5ff5766de36b7b6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad096da12f382473da42b7d0a31e18bf59f5283394a90500f8febe1556f1e03a
ad0f5e6908ef00988befed26a40929ef41d38554a6ccab9e5dc9bb9828787643
ad525c60a11751ad1110157afffe0aef51a5cb953ff46f88a832af8192e553e4
b42bc9808ac7826250c21597941c56744ee8ae6cda1303264146f6e427bf9cdf
b63427a37dc387587f9dc071dd62f31c465645438815942af389cdfe00a6dfad
b798a779d1e4184aa06faa8e2bf45f21c2d032c8eb39e7291eba5763c1ea5713
bdcb0fc7b6d741edbc251832dfd84a1511d253b1ea8cecb7ac0d8e77eb9623dc
c0d1de1f93b375904cc4cd8500635d320a363dfd71cf316477c5746c778f40c0
c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde
cbe3d4a0e5bd00a308c882c4e0a9e276c4d79125143a6e2059dd90998181fd5d
cc51d246a6c22015d403fa31809f989b853824f1fe346a4fc51937c3ed4bf06a
ccb7f15335793662507b92481fe584f59819126184d62839eaa1db54763889dd
cd25c89ad315bec12c7716669ff1ccb7e2a0e1e4fa07bc225be895806184efea
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d32996520262a9559a26eafe3413cf1a2fe53f448da989d0493e7851f887a1b0
d48ea2abdc293af3e8f276fc4a124f0ff2866042d33a28d31a24743b94b816eb
da08924ee5c8c31741aa78c66713e9749544c2a58e7095798ac798a580a34cd9
da0b6bd768635441dc20b2b8a7a185c27ef9eb812836b810390697a173addd1d
dd7bfc87b31b1bd2b336388c52e130ecd909452cea4cc92c6bcd413742b67fb4
dd95769c9eec0641d1dea89d61324e5303b7c0d00ee25595e956665b07533629
de432bb7a9a6878e9b090dc55b44dcf20ca86d201e482c42326da086ad9c79f3
df255e2f7f9fd8c86ec6b227d9b3d2f8b3501188802e75a5009cbf9ba6f4eab7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e05c729bb91515f8fff54b36f8544d0922d8c0edb65bf8cfc69e16f75cbd6125
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422e4d828685e6b1f90a96c4562faf22e7c5c13e2f3e2fe1953a10f69ae32e5
e52efa33803461b9689a13f065ec3b636acfb2437c95f725d9304f05877b327b
e6f360451d13af2c218c9a46f2829c35cffc6ba17b7b9c004b89fa38955b072d
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d99a585b1c6723d4d6f534847bc34dc65980a74d855aa7b57d04d784d06b5
f20e99aabc8453a890df8c2a3a57202d4b8ea4fd1cef43eac6bff83c9049da60
f3b726d90a99ac30a4587f08e4bfa431df540d76de558b04b342600525bcfa42
f3cef7b00254ffaafdc3ea06cc59451d210ebfe88bde990ea0ed297adac931e7
f44ac5619379731a4dd9a546101768c537a472dcbe049735c3740661a9f582d7
f99e45c162909f0ab1dc0bedb924b3908d644aa6fbb7987356da731d4a2c01da
faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d
fddda813b7c37c3af7ccc2589dc13c1858694a523431f775ccd21966eac27f22
fed972e880f9b482af26e1cfa5002d9f66c8e2be2aab51487ad59831c6c34b50

www.ntd.com Open in urlscan Pro 151.139.128.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

182 Requests

93 %HTTPS

33 %IPv6

45 Domains

74 Subdomains

58 IPs

9 Countries

4234 kBTransfer

7310 kBSize

4 Cookies

23 Outgoing links

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ntd.com Open in urlscan Pro
151.139.128.11 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

93 %
HTTPS

33 %
IPv6

45
Domains

74
Subdomains

58
IPs

9
Countries

4234 kB
Transfer

7310 kB
Size

4
Cookies

182 HTTP transactions
3 data transactions