www.ntd.com Open in urlscan Pro
104.18.25.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Submission: On May 15 via manual (May 15th 2024, 7:24:37 am UTC) from CH — Scanned from CH

Summary HTTP 188 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 21 domains to perform 188 HTTP transactions. The main IP is 104.18.25.30, located in and belongs to CLOUDFLARENET, US. The main domain is www.ntd.com.
TLS certificate: Issued by E1 on April 2nd 2024. Valid for: 3 months.

This is the only time www.ntd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	104.18.25.30 104.18.25.30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.107.251.162 34.107.251.162	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2.19.198.138 2.19.198.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
11	136.243.66.182 136.243.66.182	24940 (HETZNER-AS) (HETZNER-AS)
5	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
2	34.120.97.157 34.120.97.157	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
11	34.110.129.224 34.110.129.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	82.148.14.195 82.148.14.195	50340 (SELECTEL-MSK) (SELECTEL-MSK)
2	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
6	35.201.68.206 35.201.68.206	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
6	4.7.168.74 4.7.168.74	3356 (LEVEL3) (LEVEL3)
1	52.92.208.64 52.92.208.64	16509 (AMAZON-02) (AMAZON-02)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	64.233.166.155 64.233.166.155	15169 (GOOGLE) (GOOGLE)
1	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1	104.21.234.69 104.21.234.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	46.161.36.23 46.161.36.23	49505 (SELECTEL) (SELECTEL)
10	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
9	2.19.198.105 2.19.198.105	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
2	104.21.234.68 104.21.234.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.244.18.104 18.244.18.104	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.193 142.250.185.193	15169 (GOOGLE) (GOOGLE)
15	172.217.16.193 172.217.16.193	15169 (GOOGLE) (GOOGLE)
3	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
11	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
1 2	52.73.2.199 52.73.2.199	14618 (AMAZON-AES) (AMAZON-AES)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	18.213.141.93 18.213.141.93	14618 (AMAZON-AES) (AMAZON-AES)
1 1	172.67.69.73 172.67.69.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	172.67.74.207 172.67.74.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.188.156.187 54.188.156.187	16509 (AMAZON-02) (AMAZON-02)
188	37

42 104.18.25.30 (None, )

ASN13335 (CLOUDFLARENET, US)

www.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.251.162 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 162.251.107.34.bc.googleusercontent.com

subs.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.19.198.138 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-198-138.deploy.static.akamaitechnologies.com

i.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 136.243.66.182 (Cologne, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi.media

mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static4.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static8.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static7.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static5.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.97.157 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 157.97.120.34.bc.googleusercontent.com

sc.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.110.129.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.129.110.34.bc.googleusercontent.com

pwe.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.148.14.195 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: sm-server1-1.ssel25.imcmdb.net

cdnjs.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.201.68.206 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 206.68.201.35.bc.googleusercontent.com

www.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www1.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 4.7.168.74 (Hazleton, United States)

ASN3356 (LEVEL3, US)

ea.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.208.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.166.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.234.69 (None, )

ASN13335 (CLOUDFLARENET, US)

mixproxy.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.161.36.23 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: sm-server1-1.sselp1.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.19.198.105 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-198-105.deploy.static.akamaitechnologies.com

vs1.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.234.68 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-104.fra56.r.cloudfront.net

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net

fdcc7a2cc00162d42d7d4786be8d605f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.2.199 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-2-199.compute-1.amazonaws.com

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.141.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-141-93.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.69.73 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.74.207 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.188.156.187 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-156-187.us-west-2.compute.amazonaws.com

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	ntd.com www.ntd.com i.ntd.com	1 MB
18	epochbase.com subs.epochbase.com — Cisco Umbrella Rank: 334222 pwe.epochbase.com — Cisco Umbrella Rank: 81295 ea.epochbase.com — Cisco Umbrella Rank: 75156	151 KB
17	youmaker.com sc.youmaker.com — Cisco Umbrella Rank: 89720 www.youmaker.com — Cisco Umbrella Rank: 238434 www1.youmaker.com — Cisco Umbrella Rank: 149991 vs1.youmaker.com — Cisco Umbrella Rank: 89999 Failed	3 MB
16	googlesyndication.com fdcc7a2cc00162d42d7d4786be8d605f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 164 pagead2.googlesyndication.com — Cisco Umbrella Rank: 103	190 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 421	104 KB
15	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3095 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646	75 KB
12	mixi.media mixi.media — Cisco Umbrella Rank: 49511 static.mixi.media — Cisco Umbrella Rank: 100227 cdnjs.mixi.media — Cisco Umbrella Rank: 62503 static4.mixi.media — Cisco Umbrella Rank: 107182 static8.mixi.media — Cisco Umbrella Rank: 105702 static7.mixi.media — Cisco Umbrella Rank: 74361 static5.mixi.media — Cisco Umbrella Rank: 75768	383 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 89	216 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	282 KB
4	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3700 rp.liadm.com — Cisco Umbrella Rank: 1319 idx.liadm.com — Cisco Umbrella Rank: 1807	37 KB
3	clickcertain.com 1 redirects a.clickcertain.com — Cisco Umbrella Rank: 5348	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	3 KB
3	stat.media stat.media — Cisco Umbrella Rank: 54300	1 KB
3	epoch.cloud mixproxy.epoch.cloud — Cisco Umbrella Rank: 80434 cdn.epoch.cloud — Cisco Umbrella Rank: 94164	175 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	275 KB
2	alocdn.com 1 redirects p.alocdn.com — Cisco Umbrella Rank: 7044	935 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 64	16 KB
1	remarketstats.com 1 redirects a.remarketstats.com — Cisco Umbrella Rank: 5960	564 B
1	google.ch www.google.ch — Cisco Umbrella Rank: 31932	408 B
1	amazonaws.com s3-us-west-2.amazonaws.com	72 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 297	30 KB
188	21

	Domain	Requested by
42	www.ntd.com	www.ntd.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
11	tpc.googlesyndication.com	www.ntd.com securepubads.g.doubleclick.net tpc.googlesyndication.com
11	pwe.epochbase.com	www.ntd.com
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
9	vs1.youmaker.com	www.ntd.com
8	i.ntd.com	www.ntd.com
6	ea.epochbase.com	www.ntd.com
5	www1.youmaker.com	www.ntd.com
5	securepubads.g.doubleclick.net	www.ntd.com www.googletagservices.com securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	a.clickcertain.com	1 redirects a.remarketstats.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net
3	static8.mixi.media	www.ntd.com
3	stat.media	cdnjs.mixi.media
3	www.googletagmanager.com	www.ntd.com www.googletagmanager.com
3	mixi.media	www.ntd.com static.mixi.media
3	www.google.com	www.ntd.com www.gstatic.com tpc.googlesyndication.com
2	p.alocdn.com	1 redirects
2	rp.liadm.com	1 redirects www.ntd.com
2	cdn.epoch.cloud	www.ntd.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.youtube.com	www.ntd.com www.youtube.com
2	static.mixi.media	mixi.media www.ntd.com
2	sc.youmaker.com	www.ntd.com
1	a.remarketstats.com	1 redirects
1	idx.liadm.com	b-code.liadm.com
1	fdcc7a2cc00162d42d7d4786be8d605f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	b-code.liadm.com	s3-us-west-2.amazonaws.com
1	static5.mixi.media	www.ntd.com
1	static7.mixi.media	www.ntd.com
1	static4.mixi.media	www.ntd.com
1	mixproxy.epoch.cloud	pwe.epochbase.com
1	www.google.ch	www.ntd.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	s3-us-west-2.amazonaws.com	www.ntd.com
1	www.gstatic.com	www.google.com
1	www.youmaker.com	www.ntd.com
1	cdnjs.mixi.media	mixi.media
1	www.googletagservices.com	www.ntd.com
1	subs.epochbase.com	www.ntd.com
188	42

This site contains links to these domains. Also see Links.

Domain
donate.ntd.com
www.shenyun.com
twitter.com
mixi.media
help.ntd.com

Subject Issuer	Validity	Valid
ntd.com E1	`2024-04-02` - `2024-07-01`	3 months	crt.sh
*.epochbase.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-15` - `2025-02-14`	a year	crt.sh
i.ntd.com R3	`2024-04-10` - `2024-07-09`	3 months	crt.sh
www.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
mixi.media R3	`2024-03-23` - `2024-06-21`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-18` - `2024-07-17`	a year	crt.sh
static.mixi.media R3	`2024-04-29` - `2024-07-28`	3 months	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-03-15` - `2025-02-15`	a year	crt.sh
*.google.ch WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
epoch.cloud GTS CA 1P5	`2024-04-24` - `2024-07-23`	3 months	crt.sh
stat.media R3	`2024-05-07` - `2024-08-05`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
misc-sni.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
clickcertain.com E1	`2024-03-19` - `2024-06-17`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Frame ID: 1DF8A0CD03F1B17E868D7F372023A66D
Requests: 151 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de-CH&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=bottomright&cb=oel76wz9fmmv
Frame ID: 7C898188FAD23277C26EB8FA5A885720
Requests: 1 HTTP requests in this frame

Frame: https://fdcc7a2cc00162d42d7d4786be8d605f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4EDFE57767A1942BA932FDFDAC9604C5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012405022220000/amp4ads-v0.mjs
Frame ID: 14E3371DEDD58619687F56C7F0B4D465
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012405022220000/amp4ads-v0.mjs
Frame ID: 953422466D6607BCA190F27AE12C1CAF
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012405022220000/amp4ads-v0.mjs
Frame ID: 364F6A49193DA047D6648D1A32179B92
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3C87FCB6CE83AF0B1A6AF45644E0A0F3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4283C5CF58BD660E19158E327932A096
Requests: 1 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=1fb6345e-cc03-4c96-a7c8-80024bc5e568&cn=CH&rid=9172d95c-03ba-4bdb-a0c4-febb9621d593
Frame ID: F9E62153541C90ADF81723BB3EEC4103
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New York Times Plans Attack on Shen Yun: Investigation | NTD

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

188
Requests

93 %
HTTPS

0 %
IPv6

21
Domains

42
Subdomains

37
IPs

4
Countries

6200 kB
Transfer

11423 kB
Size

37
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://donate.ntd.com/
Title: Support Us

Search URL Search Domain Scan URL

URL: https://www.shenyun.com/
Title: Shen Yun Performing Arts

Search URL Search Domain Scan URL

URL: https://twitter.com/shenyun
Title: Shen Yun

Search URL Search Domain Scan URL

URL: https://mixi.media/

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=14469385&bl=95162&ct=adpreview&st=46&nvuuid=63c973d3-2609-bae3-6600-000844dc01c0&bvuuid=6cce4b5c-7f71-436a-8b66-007f42b876c1&rnd=146854883&ag=25&ev=H4sIAAAAAAAA_-OS6Jz0mW3lnS9sD_d2sf3b_IXt-ZcvbKuAfABmJeINGgAAAA&suid=CiQyNzVkZmRjNi1jOTZkLTQ1NTUtYjNjYi03MmU2YmI5OTU3YTUSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=14495273&bl=95162&ct=adpreview&st=46&nvuuid=632e7363-2629-baae-6600-007c44dd0114&bvuuid=6cce4b5c-7f71-436a-8b66-007f42b876c1&rnd=2081711022&ag=25&ev=H4sIAAAAAAAA_-OS6Jz0mW3lnS9sD_d2sf3b_IXt-ZcvbKuAfABmJeINGgAAAA&suid=CiQyNzVkZmRjNi1jOTZkLTQ1NTUtYjNjYi03MmU2YmI5OTU3YTUSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=12754657&bl=95162&ct=adpreview&st=46&nvuuid=639e733e-26e1-baa9-6600-006844c2011a&bvuuid=6cce4b5c-7f71-436a-8b66-007f42b876c1&rnd=1746550441&ag=25&ev=H4sIAAAAAAAA_-OS6Jz0mW3lnS9sD_d2sf3b_IXt-ZcvbKuAfABmJeINGgAAAA&suid=CiQyNzVkZmRjNi1jOTZkLTQ1NTUtYjNjYi03MmU2YmI5OTU3YTUSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=14490110&bl=95162&ct=adpreview&st=46&nvuuid=631973dc-26fe-baf4-6600-000c44dd01ec&bvuuid=6cce4b5c-7f71-436a-8b66-007f42b876c1&rnd=216849652&ag=25&ev=H4sIAAAAAAAA_-OS6Jz0mW3lnS9sD_d2sf3b_IXt-ZcvbKuAfABmJeINGgAAAA&suid=CiQyNzVkZmRjNi1jOTZkLTQ1NTUtYjNjYi03MmU2YmI5OTU3YTUSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=14498407&bl=95162&ct=adpreview&st=46&nvuuid=633a73c1-2667-ba86-6600-001344dd01e9&bvuuid=6cce4b5c-7f71-436a-8b66-007f42b876c1&rnd=334086534&ag=25&ev=H4sIAAAAAAAA_-OS6Jz0mW3lnS9sD_d2sf3b_IXt-ZcvbKuAfABmJeINGgAAAA&suid=CiQyNzVkZmRjNi1jOTZkLTQ1NTUtYjNjYi03MmU2YmI5OTU3YTUSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=14495274&bl=95162&ct=adpreview&st=46&nvuuid=632e7342-262a-bab7-6600-004244dd015c&bvuuid=6cce4b5c-7f71-436a-8b66-007f42b876c1&rnd=1113342647&ag=25&ev=H4sIAAAAAAAA_-OS6Jz0mW3lnS9sD_d2sf3b_IXt-ZcvbKuAfABmJeINGgAAAA&suid=CiQyNzVkZmRjNi1jOTZkLTQ1NTUtYjNjYi03MmU2YmI5OTU3YTUSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://help.ntd.com/hc/en-us
Title: Contact Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 142

https://rp.liadm.com/j?dtstmp=1715757864841&se=e30&duid=33df6995a8cd--01hxxj6nps5vjwpj29pe3m8wxe&tv=v2.14.3&pu=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&wpn=lc-bundle&cd=.ntd.com HTTP 302
https://rp.liadm.com/j?se=e30&duid=33df6995a8cd--01hxxj6nps5vjwpj29pe3m8wxe&cd=.ntd.com&dtstmp=1715757864841&tv=v2.14.3&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Request Chain 183

https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html HTTP 302
https://a.clickcertain.com/px/smart/a/?seg=new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&c=2455d1796b86efb HTTP 302
https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=9172d95c-03ba-4bdb-a0c4-febb9621d593

Request Chain 188

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%2522e2de1288-1411-4e17-9afb-0af1988bd194%2522%257D&title=New%20York%20Times%20Plans%20Attack%20on%20Shen%20Yun%3A%20Investigation%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html HTTP 302
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%2522e2de1288-1411-4e17-9afb-0af1988bd194%2522%257D&title=New%20York%20Times%20Plans%20Attack%20on%20Shen%20Yun%3A%20Investigation%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&tdc=1

188 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Show response
www.ntd.com/ 112 KB
18 KB 1684ms
893ms Document
text/html 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

3651629db858a96da085357cc48185f2baa6457c6214cfa0119f4ec3ab1417e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=14400
cf-cache-status: MISS
cf-ray: 8841633b8e27bb13-MXP
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 15 May 2024 07:24:19 GMT
expires: Wed, 15 May 2024 11:24:19 GMT
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nextjs-cache: STALE
x-powered-by: Next.js
x-xss-protection: 1; mode=block

GET
H2 200 template.css
subs.epochbase.com/lib/ 4 KB
1 KB 543ms
122ms Stylesheet
text/css 34.107.251.162
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.epochbase.com/lib/template.css
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.251.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 162.251.107.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: ea660872abe29e5e806c4e1e55aaa1d46af42c50dace4c5d777a49336e95ad8c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 11 Apr 2024 21:45:11 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1243
expires: Wed, 15 May 2024 08:24:20 GMT

GET
H2 200 b61f4e45ed4e0593.css
www.ntd.com/_next/static/css/ 169 KB
48 KB 634ms
630ms Stylesheet
text/css 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/css/b61f4e45ed4e0593.css

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

443c3da01b1c7f483f8deab3ad6b7f0acf771a54bb1312142f1914e08e05fbaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"2a2a4-18f20786d70"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163411e5cbb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 5bb473991d248c54.css
www.ntd.com/_next/static/css/ 23 KB
5 KB 764ms
760ms Stylesheet
text/css 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/css/5bb473991d248c54.css

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca221e7c14fc690e92a280f5d48b95ea31c5eedfb191fcda5cb559a2cad7744

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"5cf7-18f20786d72"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163411e5dbb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 bd55f7ebf438005c.css
www.ntd.com/_next/static/css/ 15 KB
3 KB 774ms
771ms Stylesheet
text/css 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/css/bd55f7ebf438005c.css

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c2e505569e02b7a8699f78666cec1a206a36562db1839697e1805b1f9647eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"3db9-18f20786d76"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163411e5fbb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 5474.29046fffa5ac2d46.js Show response
www.ntd.com/_next/static/chunks/ 35 KB
11 KB 714ms
708ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/5474.29046fffa5ac2d46.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc433e6c2d57da95c01e1ae34d57dd30367eef3e9a8df8e189e250814eede417

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"8b05-18f20786d78"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163411e61bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 9073-099e1e0d3ca6f27f.js Show response
www.ntd.com/_next/static/chunks/ 9 KB
3 KB 824ms
817ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/9073-099e1e0d3ca6f27f.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fda6bfcdabf466be34c4e7c123caaae3b211f194f9a9c064b7e185b07d06ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"249b-18f20786d79"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414e8fbb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 663.13caf7bc3420db42.js Show response
www.ntd.com/_next/static/chunks/ 9 KB
4 KB 709ms
703ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/663.13caf7bc3420db42.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

418bcc3b739d332ad22b8bf4ca45bc2d8b1fa67942ded5df9fe870f7a464c220

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"25dd-18f20786d79"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414e90bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 563.b03dac770e12f6a0.js Show response
www.ntd.com/_next/static/chunks/ 12 KB
5 KB 821ms
815ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/563.b03dac770e12f6a0.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17d2e502cc1fb4fd0dffa94635007215704baa0b4888c14aea9325785ce195e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"31ff-18f20786d76"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414e91bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 webpack-5676d1258e8ee352.js Show response
www.ntd.com/_next/static/chunks/ 6 KB
3 KB 747ms
741ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/webpack-5676d1258e8ee352.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1e7a77da72c3c3db5485012c058264ecf31012fae33677360b76afde5044247

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"1930-18f20786d74"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414e92bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 framework-79bce4a3a540b080.js Show response
www.ntd.com/_next/static/chunks/ 127 KB
41 KB 748ms
743ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/framework-79bce4a3a540b080.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"1fbd2-18f20786d76"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414e94bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 main-9f9ad50cce646180.js Show response
www.ntd.com/_next/static/chunks/ 116 KB
34 KB 723ms
718ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/main-9f9ad50cce646180.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac258c98e013761a8c4349239378c9c660fedcdd3cfe3c44c25be5d374097a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"1ce12-18f20786d70"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414e95bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 _app-085facb3c1303022.js Show response
www.ntd.com/_next/static/chunks/pages/ 316 KB
96 KB 630ms
626ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

191d663db4906dfa050f500caa2e926691f3c575464ad7f19877026ca63677b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"4f0e1-18f20786d70"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414e96bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 2373-7460ee92f1267c41.js Show response
www.ntd.com/_next/static/chunks/ 116 KB
41 KB 790ms
785ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/2373-7460ee92f1267c41.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

276a9af4af37744d109d1564017c890bbc4f804ccc81bd77afe0cf624f2901f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"1d099-18f20786d77"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414e98bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 8500-8f8f605135b4748a.js Show response
www.ntd.com/_next/static/chunks/ 28 KB
7 KB 711ms
706ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/8500-8f8f605135b4748a.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

777bd3de92ddd431cce2afd34592672aefcc696b0581df5650f64b1f0d38fd82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"6fa8-18f20786d77"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414e99bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 2962-a4df57f83cf7a4f7.js Show response
www.ntd.com/_next/static/chunks/ 17 KB
5 KB 748ms
744ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/2962-a4df57f83cf7a4f7.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

641d72ddefb953f6ac870a992be6a9d7cb1154a3b77a666fb6cb253ec7e52e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"4442-18f20786d78"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414e9bbb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 8053-9d577285033187ae.js Show response
www.ntd.com/_next/static/chunks/ 47 KB
15 KB 713ms
709ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/8053-9d577285033187ae.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c03146f11e108dc037ff141be3d48d235b7e4306d4ea48848889b3625f123cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"badd-18f20786d78"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414e9cbb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 2630-185dcba70eb4ab06.js Show response
www.ntd.com/_next/static/chunks/ 29 KB
6 KB 731ms
727ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/2630-185dcba70eb4ab06.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ee1238c140c95d522e8bf6922031841b6b9b4ea6257d0f25a55e8c740604f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"7389-18f20786d78"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414e9fbb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 1335-8558513ec0be0ab3.js Show response
www.ntd.com/_next/static/chunks/ 105 KB
13 KB 812ms
808ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/1335-8558513ec0be0ab3.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77c1cd7ac39e616f9463a6add6b94f4030a4837eb6760444db6d148343c1c0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"1a281-18f20786d78"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414ea0bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 6373-b002a12eefc2a55c.js Show response
www.ntd.com/_next/static/chunks/ 14 KB
5 KB 747ms
743ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/6373-b002a12eefc2a55c.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b34b75e3508673fecd87827ecd5afe231282e3da5b53d8e0c30a42240b3ada8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"36e1-18f20786d78"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414ea1bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 39-d3c8328a79c055a7.js Show response
www.ntd.com/_next/static/chunks/ 9 KB
3 KB 705ms
702ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/39-d3c8328a79c055a7.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f15b1ca1a332524a10d7f92638492e49a1497c3b15e632376b65b2d2e9ec443

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"2482-18f20786d78"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414ea2bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 9785-a2961c30555d0f19.js Show response
www.ntd.com/_next/static/chunks/ 9 KB
4 KB 731ms
728ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/9785-a2961c30555d0f19.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c447c3a5ce10293aac937c10c945119b33b34e9d07726e23ce3758e9fd66ffb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"25fa-18f20786d78"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414ea3bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 1601-e16e404666ee2e1f.js Show response
www.ntd.com/_next/static/chunks/ 9 KB
2 KB 821ms
819ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/1601-e16e404666ee2e1f.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300f54467e5fca52edc4a03ba0b3c1f61d8a6c3386471a475952574c21edda6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"22bf-18f20786d78"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414ea5bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 %5Burl%5D-d3ffb57b5d15f052.js Show response
www.ntd.com/_next/static/chunks/pages/ 19 KB
6 KB 747ms
745ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-d3ffb57b5d15f052.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9489fe0340c2811fb47051c5b1eefef435addb8504c4eed50d5de7c76c00e2dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"4a95-18f20786d72"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414ea6bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 _buildManifest.js Show response
www.ntd.com/_next/static/2f03a9b60e2bcf543ef5fc98db3a85fedd9f022d/ 4 KB
2 KB 744ms
742ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/2f03a9b60e2bcf543ef5fc98db3a85fedd9f022d/_buildManifest.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190db7c18d530fd65169700ae873e8e8a68d958f145ab32679f3ade62acbc540

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"115c-18f20786d70"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414ea9bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H2 200 _ssgManifest.js Show response
www.ntd.com/_next/static/2f03a9b60e2bcf543ef5fc98db3a85fedd9f022d/ 598 B
329 B 814ms
813ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/2f03a9b60e2bcf543ef5fc98db3a85fedd9f022d/_ssgManifest.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

163cb5d5188442a3dc0cc458a58b06a08e498eea3ae25e310c473cdaae977f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:52:11 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"256-18f2078b0ca"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163414eaabb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:20 GMT

GET
H/1.1 200
OK NTDLogo.svg
i.ntd.com/assets/themes/ntd/images/ 660 B
1 KB 715ms
203ms Image
image/svg+xml 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/themes/ntd/images/NTDLogo.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 15 May 2024 07:24:20 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 660
Last-Modified: Fri, 14 Oct 2022 17:48:55 GMT
Server: nginx
ETag: "6349a107-294"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30930679
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f81fc2f3cc04c1f965f2683dc2b369bd4ebbc18b454196d101f74f69efe3433

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8b6528bc2a63e986a842311ca6971aac53d77331c25d16a03e9e45de5bccf8f

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 79 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a6fff8e4746724d6b7a0cadd7b189300165a442228b58f2a9c30ab1fedbbc1b

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK nest_newsletter_cif.jpg
i.ntd.com/assets/themes/ntd/images/ 120 KB
120 KB 142ms
142ms Image
image/jpeg 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/themes/ntd/images/nest_newsletter_cif.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2cab29b6e32d1c1e3907f9fe4e3483831717a7eedf2c5057fd592255afd7b4d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 15 May 2024 07:24:20 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 122419
Last-Modified: Fri, 14 Oct 2022 17:48:55 GMT
Server: nginx
ETag: "6349a107-1de33"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30390616
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Fri, 02 May 2025 01:14:36 GMT

GET
H2 200 ENTD_Play.svg
www.ntd.com/images/ 2 KB
1015 B 733ms
732ms Image
image/svg+xml 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/ENTD_Play.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/5bb473991d248c54.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/_next/static/css/5bb473991d248c54.css
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"7e6-18a84a34dab"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 88416345edf4bb13-MXP
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 11:24:21 GMT

GET
H2 200 NTDLogo.svg
www.ntd.com/images/ 660 B
692 B 728ms
727ms Image
image/svg+xml 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/NTDLogo.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/5bb473991d248c54.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/_next/static/css/5bb473991d248c54.css
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
content-encoding: gzip
etag: W/"294-18a84a34dab"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 88416345edf6bb13-MXP
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 11:24:21 GMT

GET
H2 200 footer-app-logo.png
www.ntd.com/images/ 73 KB
73 KB 798ms
798ms Image
image/png 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/footer-app-logo.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/5bb473991d248c54.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/_next/static/css/5bb473991d248c54.css
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 74494
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 14:25:48 GMT
server: cloudflare
etag: W/"122fe-18a84a25ff3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88416345edf8bb13-MXP
expires: Wed, 15 May 2024 11:24:21 GMT

GET
H2 200 NTD_BackToTop.svg
www.ntd.com/images/ 2 KB
938 B 726ms
726ms Image
image/svg+xml 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/NTD_BackToTop.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/5bb473991d248c54.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e33b98871ae098fb62dd6f123409a67fad6a3d0e8e22120a7d9b9188814b11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/_next/static/css/5bb473991d248c54.css
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"7d6-18a84a34dac"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 88416345edf9bb13-MXP
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 11:24:21 GMT

GET
DATA 200
OK truncated
/ 23 KB
23 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7745e700cc600e8ad111cc9d752e7e5d888201979efeaba26155a49cb5865826

Request headers

Referer
Origin: https://www.ntd.com
Accept-Language: de-CH,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 8735.d0b957bfa55e8687.js Show response
www.ntd.com/_next/static/chunks/ 44 KB
15 KB 688ms
687ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/8735.d0b957bfa55e8687.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/webpack-5676d1258e8ee352.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c497f68641e8abd81d72b3b6bae5b3e3ca4f92c3e95cf9169c4de2477f8a7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"af73-18f20786d76"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 884163472fb3bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:21 GMT

GET
H2 200 30418f44-0997a245180a218e.js Show response
www.ntd.com/_next/static/chunks/ 681 KB
186 KB 903ms
902ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/webpack-5676d1258e8ee352.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

875eee8bd1d0816a0d63463af19a88b6f69a84fc630faa49757e035af6d71a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"aa25e-18f20786d76"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 88416347b8bebb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:21 GMT

GET
H2 200 9543.7a669ed6f1046139.js Show response
www.ntd.com/_next/static/chunks/ 1 KB
835 B 1154ms
1154ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/9543.7a669ed6f1046139.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/webpack-5676d1258e8ee352.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de8dd938ecd1f3443ddf7aa3eb5e4f81a3c25a5d99fce8c85d8c2b08ce5793c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"504-18f20786d76"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 88416347b8c1bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:21 GMT

GET
H2 200 3551.c4902511e13a61e8.js Show response
www.ntd.com/_next/static/chunks/ 741 B
538 B 893ms
892ms Script
application/javascript 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/3551.c4902511e13a61e8.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/webpack-5676d1258e8ee352.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c42aefd381b7e07a20a87de61ab8488490a721d1148e6d7103d6fc77d815bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Sat, 27 Apr 2024 16:51:54 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"2e5-18f20786d74"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 88416347b8c4bb13-MXP
x-xss-protection: 1; mode=block
expires: Thu, 15 May 2025 07:24:21 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 1141ms
142ms Script
text/javascript 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-d3ffb57b5d15f052.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

6d669b521bc3c21204755eb15a28a39a7830da4ad2308977518f6534beb5a248

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 07:24:22 GMT

GET
H/1.1 200 95162.js Show response
mixi.media/data/js/ 5 KB
2 KB 939ms
424ms Script
application/javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/data/js/95162.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/563.b03dac770e12f6a0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: f5db3258e790dbb9006071920bf84c27b8ec85bfeee23711f624e1f5668257da

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 15 May 2024 07:24:21 GMT
Content-Encoding: gzip
Last-Modified: Wednesday, 15-May-2024 07:24:21 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive

GET
H2 404 prebid.js
www.ntd.com/js/ 0
0 1131ms
1129ms Script
text/html 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/js/prebid.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/main-9f9ad50cce646180.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: gzip
server: cloudflare
x-powered-by: Next.js
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/html; charset=utf-8
x-nextjs-cache: STALE
cache-control: public, max-age=14400
cf-ray: 88416347b8c6bb13-MXP
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 11:24:21 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 93 KB
30 KB 1287ms
222ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/main-9f9ad50cce646180.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

6b92dd42dc5424c21a17ad2375ab473a44cc520749029445e7fe6385138d0d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29982
x-xss-protection: 0
server: cafe
etag: 150 / 19858 / m202405090101 / config-hash: 10200211066390341599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 May 2024 07:24:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
105 KB 1192ms
199ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/main-9f9ad50cce646180.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

13ffc0034fe35f8455f16d4d99620f42a5f0365eb235395f3dbfcc914746cabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107674
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 May 2024 07:24:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 178 KB
65 KB 1144ms
152ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b14684cca4e2d1b1b060f77154406b44323dffc20a9902ec0696f20e018657a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66116
x-xss-protection: 0
last-modified: Wed, 15 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 May 2024 07:24:22 GMT

POST
H2 200 counts Show response
www.ntd.com/api/v1/ 1 KB
204 B 1119ms
1118ms Fetch
application/json 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/39-d3c8328a79c055a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8695f27534da8dd5764afa2fadfc0710f1df22757c32f59339809360faa17adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

expires: Thu, 01 Jan 1970 00:00:00 UTC
date: Wed, 15 May 2024 07:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
author: EMG
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
app-name: remark
access-control-allow-credentials: true
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag: noindex
cf-ray: 88416347b8c8bb13-MXP
app-version: 0.1.2

GET
H2 200 count Show response
sc.youmaker.com/reaction/share/ 664 B
729 B 960ms
474ms XHR
application/json 34.120.97.157
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=980831,992721,992307,992883,992881,992878,992875,992576,992743,992790&token=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 8e5f4888daa33a0f74f1d668420d5dae57600a773092e9e45730d5bd033edc20

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 664

POST
H2 200 getcounts Show response
www.ntd.com/v1/api/video/ 50 B
167 B 1116ms
1115ms Fetch
application/json 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/v1/api/video/getcounts

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/663.13caf7bc3420db42.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fb8f699121425e2dbf1cd1c40db7a94325f6ce9c255c27b96b1de4918e4c857

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
content-encoding: gzip
server: cloudflare
cf-cache-status: DYNAMIC
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 88416347b8cabb13-MXP
x-xss-protection: 1; mode=block

GET
H2 200 fb512588-5ffa-49f9-a94f-69ec8467ddab Show response
www.ntd.com/v1/api/video/metadata/ 5 KB
2 KB 11274ms
11273ms Fetch
text/plain 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/v1/api/video/metadata/fb512588-5ffa-49f9-a94f-69ec8467ddab

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/563.b03dac770e12f6a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e79efcd2dd40247f3956e93c37edb4e826f3147c388f9ebab9566fb450e6b421

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 May 2024 07:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
via: 1.1 google
server: cloudflare
cf-cache-status: DYNAMIC
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/plain; charset=utf-8
cf-ray: 88416347b8ccbb13-MXP
x-xss-protection: 1; mode=block

POST
H2 200 counts Show response
www.ntd.com/api/v1/ 638 B
434 B 1114ms
1113ms Fetch
application/json 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/39-d3c8328a79c055a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

094c838628119d8772c6b0138fcda26b8e57e6c4e8ca27ca16196833e17bbed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

expires: Thu, 01 Jan 1970 00:00:00 UTC
date: Wed, 15 May 2024 07:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
author: EMG
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
app-name: remark
access-control-allow-credentials: true
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag: noindex
cf-ray: 88416347b8cdbb13-MXP
app-version: 0.1.2

GET
H2 200 count Show response
sc.youmaker.com/reaction/share/ 409 B
609 B 957ms
473ms XHR
application/json 34.120.97.157
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=992698,992343,992709,992318,992480,992433&token=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 0e2ff26a5f67cbf5c8ca66fb945569942523bea5d4100b430e3712d064debd6d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 409

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 93 KB
30 KB 1304ms
250ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b7f24fe5a604c76e4c7fb92b81b3d604dd24781e1f34b0cba5b7549481e2c3e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29981
x-xss-protection: 0
server: cafe
etag: 775 / 19858 / m202405090101 / config-hash: 10200211066390341599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 May 2024 07:24:22 GMT

GET
H2 200 region Show response
pwe.epochbase.com/api/ 187 B
388 B 1002ms
541ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/region?siteId=www.ntd.com
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: a41bde13c433a30ed2267e633f2fd3c6786fc99d970945c8a03c93eaba580c67

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187

GET
H/1.1 200
OK id905992-TiffanyMeier_WEB.jpg
i.ntd.com/assets/uploads/2023/03/ 274 KB
275 KB 291ms
290ms Image
image/jpeg 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2023/03/id905992-TiffanyMeier_WEB.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2f68e3166fdf867168ae06331fe0bc287bdc25a43d49e56b9f015b3b753d97b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 15 May 2024 07:24:21 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 280346
Last-Modified: Fri, 07 Apr 2023 19:44:04 GMT
Server: nginx
ETag: "64307284-4471a"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30102651
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 28 Apr 2025 17:15:12 GMT

GET
H2 200 share.svg
www.ntd.com/images/ 338 B
319 B 640ms
638ms Image
image/svg+xml 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/share.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

203e0f4dcfd2bed10b75a8fd250568838f01d4fd3363279741962d77675af937

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 14:25:48 GMT
server: cloudflare
content-encoding: gzip
etag: W/"152-18a84a25ffa"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 88416347c8e0bb13-MXP
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 11:24:21 GMT

GET
H2 200 share_single.svg
www.ntd.com/images/ 388 B
336 B 638ms
637ms Image
image/svg+xml 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/share_single.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86587e974d57e7489b5d60f8b446f48aa89bfedf7be4d003204256c1ca3cc9fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:21 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 14:25:48 GMT
server: cloudflare
content-encoding: gzip
etag: W/"184-18a84a25ffa"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 88416347c8e1bb13-MXP
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 11:24:21 GMT

GET
H/1.1 200
OK id992699-GettyImages-2152338903.jpeg-352x220.webp
i.ntd.com/assets/uploads/2024/05/ 19 KB
20 KB 812ms
384ms Image
image/webp 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/05/id992699-GettyImages-2152338903.jpeg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6e2008cd403535e2622d82e08879ba4115af80d9820ed75fb51bc031f9ef24ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 15 May 2024 07:24:21 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 19444
Last-Modified: Tue, 14 May 2024 16:38:37 GMT
Server: nginx
ETag: "6643938d-4bf4"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31485983
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id992344-steve-buscemi.jpeg-352x220.webp
i.ntd.com/assets/uploads/2024/05/ 9 KB
10 KB 633ms
205ms Image
image/webp 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/05/id992344-steve-buscemi.jpeg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c6637cc1299fd0a0fe21b237cf4069cb563a228645f48abbd9e2fb9915fbd278

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 15 May 2024 07:24:21 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 9226
Last-Modified: Mon, 13 May 2024 14:07:02 GMT
Server: nginx
ETag: "66421e86-240a"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31392124
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id992722-migrant-bus-crash-AP24135664289735.jpeg-352x220.webp
i.ntd.com/assets/uploads/2024/05/ 27 KB
28 KB 795ms
367ms Image
image/webp 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/05/id992722-migrant-bus-crash-AP24135664289735.jpeg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ba3d03d3ed17ff473b44dc3373591466ab700a69a0a3011f0d220914027c2d75

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 15 May 2024 07:24:21 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 28100
Last-Modified: Tue, 14 May 2024 19:29:50 GMT
Server: nginx
ETag: "6643bbae-6dc4"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31494074
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id992383-32nd-world-Falun-Dafa-day-celebration-in-Germanyin.png-352x220.webp
i.ntd.com/assets/uploads/2024/05/ 20 KB
21 KB 360ms
360ms Image
image/webp 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/05/id992383-32nd-world-Falun-Dafa-day-celebration-in-Germanyin.png-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

502cf58aa20a5b9263824b8ae1334b5e73f539ecaa74e21139688c968c9d3d10

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 15 May 2024 07:24:21 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 20340
Last-Modified: Mon, 13 May 2024 15:31:31 GMT
Server: nginx
ETag: "66423253-4f74"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31396854
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id992577-JD-Vance-GettyImages-2152756944.jpg-352x220.webp
i.ntd.com/assets/uploads/2024/05/ 12 KB
12 KB 361ms
361ms Image
image/webp 2.19.198.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/05/id992577-JD-Vance-GettyImages-2152756944.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.198.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-198-138.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

73c280c85744eeed7ce81be8ff9474528d5b07ff02a3045df2a40a88248dc1f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 15 May 2024 07:24:21 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 11896
Last-Modified: Tue, 14 May 2024 08:04:42 GMT
Server: nginx
ETag: "66431b1a-2e78"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31455471
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK jsapi.v5.12.0.en_US.js Show response
static.mixi.media/static/jsapi/ 251 KB
75 KB 664ms
209ms Script
application/x-javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Mar 2022 07:51:02 GMT
Server: nginx
ETag: W/"62455d66-3eabf"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H/1.1 200
OK sm.js Show response
cdnjs.mixi.media/ 89 KB
32 KB 752ms
179ms Script
application/x-javascript 82.148.14.195
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnjs.mixi.media/sm.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.195 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel25.imcmdb.net
Software: nginx /
Resource Hash: eec1241ebd35d11ba194df74f8bed321ca3164fb84a98b2d4ddfcd48072fc6e5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2024 09:18:06 GMT
Server: nginx
ETag: W/"6641dace-165de"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Connection: keep-alive

GET
H/1.1 200
OK miximedia.svg
static.mixi.media/static/adpreview-assets/mixi-media/images/logo/ 6 KB
6 KB 663ms
208ms Image
image/svg+xml 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:22 GMT
Last-Modified: Mon, 30 Sep 2019 14:11:01 GMT
Server: nginx
ETag: "5d920cf5-1849"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6217

GET
H2 200 tracking Show response
pwe.epochbase.com/api/config/ 130 B
194 B 243ms
241ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/config/tracking?siteId=www.ntd.com
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: fde9ee51fca5303e3ecbc119c72e658e78537e8e2429f3dc1ecbccedccb9dd92

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 764ms
242ms Script
text/javascript 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

ESF /

Resource Hash

21611496da46783ac76e2a0dbc39bfab73f4aad4e97cc29b78bf57a7d934217c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 15 May 2024 07:24:22 GMT

GET
H2 200 fb512588-5ffa-49f9-a94f-69ec8467ddab Show response
www.ntd.com/v1/api/video/metadata/ 5 KB
2 KB 10515ms
397ms Fetch
text/plain 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/v1/api/video/metadata/fb512588-5ffa-49f9-a94f-69ec8467ddab

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/563.b03dac770e12f6a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e79efcd2dd40247f3956e93c37edb4e826f3147c388f9ebab9566fb450e6b421

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 May 2024 07:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
via: 1.1 google
server: cloudflare
cf-cache-status: DYNAMIC
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/plain; charset=utf-8
cf-ray: 8841638e0887bb13-MXP
x-xss-protection: 1; mode=block

GET
H2 200 fb512588-5ffa-49f9-a94f-69ec8467ddab Show response
www.youmaker.com/v1/api/video/metadata/ 5 KB
2 KB 684ms
363ms XHR
application/json 35.201.68.206
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youmaker.com/v1/api/video/metadata/fb512588-5ffa-49f9-a94f-69ec8467ddab
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: e79efcd2dd40247f3956e93c37edb4e826f3147c388f9ebab9566fb450e6b421

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.1
vary: Accept-Encoding, Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 subtitle Show response
www1.youmaker.com/v1/api/video/ 35 B
147 B 663ms
390ms XHR
application/json 35.201.68.206
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.youmaker.com/v1/api/video/subtitle?systemid=fb512588-5ffa-49f9-a94f-69ec8467ddab
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: be0a08cc28d8e714bf3dc45be04f2449d456adefdeac74e733b312e05d8158b5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09cfa981c6ada894afd02cb819a9b44ae8b3c51ef9b31b159e56c9e0d560ec31

Request headers

Referer
Origin: https://www.ntd.com
Accept-Language: de-CH,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/ 505 KB
202 KB 915ms
117ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de_ch.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

29a43e8de8f2b788580c968f933ef7b07ea7f4fd9db4c66a2259f9d7ffdd31f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Origin: https://www.ntd.com
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206103
x-xss-protection: 0
last-modified: Sun, 05 May 2024 20:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 May 2025 14:12:24 GMT

GET playlist.m3u8
vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/ 0
0

GET
BLOB 200
OK a7d299b2-66b2-48d1-ba10-3b81709e9e09
https://www.ntd.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntd.com/a7d299b2-66b2-48d1-ba10-3b81709e9e09
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f791eabefc065903d7efdab11dfdaa0fe2ee5523bdc9bca55fbb279e45b7a4b

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 5896
Content-Type: application/javascript

GET
BLOB 200
OK 16c587fc-dd51-4d50-92b2-3dafb4455074
https://www.ntd.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntd.com/16c587fc-dd51-4d50-92b2-3dafb4455074
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 432b0c7cf4757ee2a38afd9ac1434df69bd10acead987ba4a249daae49d77bce

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 80085
Content-Type: application/javascript

GET
BLOB 200
OK 6357ea02-a4ec-4423-aa53-0a680b4800c8
https://www.ntd.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntd.com/6357ea02-a4ec-4423-aa53-0a680b4800c8
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 432b0c7cf4757ee2a38afd9ac1434df69bd10acead987ba4a249daae49d77bce

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 80085
Content-Type: application/javascript

OPTIONS
H2 200 reportad
www1.youmaker.com/ Frame 0
0 342ms
148ms Preflight 35.201.68.206
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.youmaker.com/reportad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ntd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, OPTIONS, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 15 May 2024 07:24:22 GMT
server: nginx/1.20.1
via: 1.1 google

POST
H2 200 reportad Show response
www1.youmaker.com/ 15 B
100 B 179ms
178ms XHR
application/json 35.201.68.206
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.youmaker.com/reportad
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 15 May 2024 07:24:22 GMT
via: 1.1 google
server: nginx/1.20.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
content-type: application/json;charset=UTF-8

POST
H2 204 collect Show response
ea.epochbase.com/api/analytics/ 0
225 B 1093ms
389ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api/analytics/collect?tid=G-NLM20HHRE4&v=1&en=video_start&site_id=www.ntd.com&video_id=fb512588-5ffa-49f9-a94f-69ec8467ddab&video_playtime=0&video_percentage=0&dl=&dr=&uid=0d6513cf-df31-4414-9e74-d865cecfe9e4&cid=null
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.ntd.com
date: Wed, 15 May 2024 07:24:23 GMT
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE

GET
H3 200 mixpanel-2.48.1.min.js Show response
pwe.epochbase.com/libs/ 52 KB
18 KB 246ms
169ms Script
text/javascript 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/libs/mixpanel-2.48.1.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 15 Dec 2023 22:33:10 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 May 2024 08:24:22 GMT

GET
H3 200 template Show response
pwe.epochbase.com/api/ 1 KB
676 B 184ms
184ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-navbar
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 15d7e2580a3e5388862adedd5309ae8bc6fe35601a9eabf1f71f834d0eb4f80d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.1
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ 71 KB
72 KB 1221ms
361ms Script
application/javascript 52.92.208.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.208.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3f58460179bdfc527e1ae7a32dfca6f77447660b1f4f336e5ca4c08759ae92ff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:24 GMT
Last-Modified: Tue, 07 May 2024 17:12:44 GMT
Server: AmazonS3
x-amz-request-id: 1KXR7ZM3RWJERPKQ
ETag: "40c13430567747aa08f9094cfce8d74d"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 73125
x-amz-id-2: FugRWZOsBP5Y29mEaeK8O/9cscoMcaS7WJbhi4WC77rOnUu5h1pAfmFh8dDtq0hoyM8LSWFQaQE=
Expires: Thu, 06 Jun 2024 17:12:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
105 KB 83ms
81ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b8649a78d5ac000969d694682eec85115e82e77f05e7651174f36b089b1de32d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107628
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 May 2024 07:24:22 GMT

OPTIONS
H2 200 c
ea.epochbase.com/api2/pw/ Frame 0
0 968ms
293ms Preflight 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=pi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ntd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Content-Type,Authorization
access-control-allow-methods: GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, OPTIONS, PUT, DELETE
cache-control: max-age=3600 public
content-length: 0
date: Wed, 15 May 2024 07:24:23 GMT
expires: Wed, 15 May 2024 08:24:23 GMT
pragma: public
server: nginx/1.20.1

POST
H2 200 c Show response
ea.epochbase.com/api2/pw/ 0
309 B 1287ms
1284ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=pi
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 15 May 2024 07:24:24 GMT
server: nginx/1.20.1
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=3600, public
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
expires: Wed, 15 May 2024 08:24:24 GMT

GET
H3 200 data Show response
pwe.epochbase.com/api/flow/ 6 KB
1 KB 168ms
168ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/flow/data?siteId=www.ntd.com&flowId=live-ntd
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: e694fe9a05dff31510293e22b2d64d02a170a6530cb0aa7e2dc847d51bc0c6c8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.1
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 collect
region1.analytics.google.com/g/ 0
242 B 887ms
168ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2BRDBGYLL0&gtm=45je45d0v896365836za200&_p=1715757860973&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1680266971.1715757862&ul=de-ch&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715757862&sct=1&seg=0&dl=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&dt=New%20York%20Times%20Plans%20Attack%20on%20Shen%20Yun%3A%20Investigation%20%7C%20NTD&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1&tfd=4113
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 07:24:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 815ms
135ms Ping
text/plain 64.233.166.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2BRDBGYLL0&cid=1680266971.1715757862&gtm=45je45d0v896365836za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.166.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wm-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 07:24:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
408 B 860ms
143ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2BRDBGYLL0&cid=1680266971.1715757862&gtm=45je45d0v896365836za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=878293667

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 07:24:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/ 454 KB
142 KB 194ms
193ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 10:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74862
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145002
x-xss-protection: 0
server: cafe
etag: 8410536799634492291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 14 May 2025 10:36:40 GMT

GET
H3 200 meter Show response
pwe.epochbase.com/api/flow/ 38 B
54 B 203ms
203ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/flow/meter?uid=25beaff0-128c-11ef-bfff-e1ce0b955d65&siteId=www.ntd.com&flowId=live-ntd&pageId=https:%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&resetPeriod=1&resetUnit=days&countSamePage=false
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 25a9a6f6fd8f857aa0d76b0ae707a2d8edb43fb395961338716404d6170f11b0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38

POST
H2 200 / Show response
mixproxy.epoch.cloud/mixpanel/track/ 1 B
685 B 1549ms
332ms XHR
application/json 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mixproxy.epoch.cloud/mixpanel/track/?ip=1&_=1715757862537

Requested by

Host: pwe.epochbase.com
URL: https://pwe.epochbase.com/libs/mixpanel-2.48.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 May 2024 07:24:24 GMT
strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 47
alt-svc: h3=":443"; ma=86400
content-length: 1
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.ntd.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fsPkjmGavbboGhXyc7RHOZoFrtHLIF%2FKBTxExwawRixKvPXLRACtG7c4yV%2FMOVjxKOu98Hz%2F86u19W34JiPFO47xYSsujXoygpwSZjfij1%2BxDq6CwhBQhX0DeR%2FqMkNZls47sQylyA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 88416358dad6367f-FRA
access-control-allow-headers: X-Requested-With

POST
H/1.1 200 jsapi Show response
mixi.media/newdata/ 8 KB
3 KB 232ms
231ms XHR
application/json 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?action=news
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 40ef17d7598dc698eec044c413a30187830a3f9a9eb3b0130fb74c3fc41c6a4d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: multipart/form-data

Response headers

Pragma: no-cache
Date: Wed, 15 May 2024 07:24:22 GMT
Content-Encoding: gzip
Last-Modified: Wednesday, 15-May-2024 07:24:22 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Node: ads5-3sser15

POST
H3 200 meter Show response
pwe.epochbase.com/api/flow/ 0
13 B 198ms
197ms XHR
text/plain 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/flow/meter?uid=25beaff0-128c-11ef-bfff-e1ce0b955d65&siteId=www.ntd.com&flowId=live-ntd&pageId=https:%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 452 B
1 KB 1061ms
181ms Script
application/javascript 46.161.36.23
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COeDAxjslY3Z9zE&cb=_callbacks____0lw7hxjqg
Requested by: Host: cdnjs.mixi.media
URL: https://cdnjs.mixi.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 46.161.36.23 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: af08db4767d21c027efea07b5fc1e89ba264b48da0578ced16ecbcb00227d138

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:23 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2 200 5965368 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 1005ms
169ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/5965368?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

7cabbecad693f8744c27476446734f3688d37b29726181843400b5f181c9d759

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-_lsUOxA9QJ_LvSlcsTKI8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-_lsUOxA9QJ_LvSlcsTKI8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1pBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQ71x8gfUgEK86coF1ExC3f77AOhOIv7NfZP0PxEI8HMuPTdzEJtCw_vFWJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA1NDYz0Do_gCAwCOkENZ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 subtitle Show response
www1.youmaker.com/v1/api/video/ 35 B
51 B 94ms
71ms XHR
application/json 35.201.68.206
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.youmaker.com/v1/api/video/subtitle?systemid=fb512588-5ffa-49f9-a94f-69ec8467ddab
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: be0a08cc28d8e714bf3dc45be04f2449d456adefdeac74e733b312e05d8158b5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

POST
H3 200 reportad Show response
www1.youmaker.com/ 15 B
29 B 54ms
53ms XHR
application/json 35.201.68.206
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.youmaker.com/reportad
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 15 May 2024 07:24:22 GMT
via: 1.1 google
server: nginx/1.20.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
content-type: application/json;charset=UTF-8

POST
H2 204 collect Show response
ea.epochbase.com/api/analytics/ 0
225 B 937ms
797ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api/analytics/collect?tid=G-NLM20HHRE4&v=1&en=video_start&site_id=www.ntd.com&video_id=fb512588-5ffa-49f9-a94f-69ec8467ddab&video_playtime=0&video_percentage=0&dl=&dr=&uid=0d6513cf-df31-4414-9e74-d865cecfe9e4&cid=null
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.ntd.com
date: Wed, 15 May 2024 07:24:23 GMT
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE

GET
H/1.1 200
OK playlist.m3u8 Show response
vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/ 848 B
1005 B 507ms
207ms XHR
application/x-mpegurl 2.19.198.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/playlist.m3u8
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-105.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 8e1862739d33ed00d6ac62da36d1b1321bf3591b791d55e14417def0860cd7cd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:23 GMT
Content-Encoding: gzip
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1194989
Cdn-Cache-Control: no-store
Content-Length: 257
Server: nginx/1.20.1
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: must-revalidate, max-age=9
Access-Control-Allow-Credentials: true
Akamai-Cache-Control: max-age=10,must-revalidate
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
BLOB 200
OK fd8f0ad5-fbb4-4759-9476-fab314582f86
https://www.ntd.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntd.com/fd8f0ad5-fbb4-4759-9476-fab314582f86
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f791eabefc065903d7efdab11dfdaa0fe2ee5523bdc9bca55fbb279e45b7a4b

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 5896
Content-Type: application/javascript

GET
BLOB 200
OK 18723f42-6bb6-4304-8606-b57878f76947
https://www.ntd.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntd.com/18723f42-6bb6-4304-8606-b57878f76947
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 432b0c7cf4757ee2a38afd9ac1434df69bd10acead987ba4a249daae49d77bce

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 80085
Content-Type: application/javascript

GET
BLOB 200
OK c1b8aa8b-e7ae-4771-9ef4-8b0ed1144e52
https://www.ntd.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntd.com/c1b8aa8b-e7ae-4771-9ef4-8b0ed1144e52
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 432b0c7cf4757ee2a38afd9ac1434df69bd10acead987ba4a249daae49d77bce

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 80085
Content-Type: application/javascript

GET
H/1.1 200
OK 11808023.jpeg
static4.mixi.media/img/400x300/ 31 KB
31 KB 734ms
255ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static4.mixi.media/img/400x300/11808023.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 7b3c7dc60cd27fe314407372f443dd4636140aab08a28e92e94f686688229fc6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:23 GMT
Last-Modified: Fri, 03 May 2024 16:46:57 GMT
Server: nginx
ETag: W/"66351501-459c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 31959

GET
H/1.1 200
OK 11827135.jpeg
static8.mixi.media/img/400x300/ 56 KB
57 KB 747ms
267ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.mixi.media/img/400x300/11827135.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 5f7b9b07943d7025925b87351e28c31b1a57f4ebbdd6fcb497df899c79e9cb58

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:23 GMT
Last-Modified: Tue, 14 May 2024 00:13:07 GMT
Server: nginx
ETag: W/"6642ac93-1fd7f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 57708

GET
H/1.1 200
OK 11805993.jpeg
static8.mixi.media/img/400x300/ 47 KB
48 KB 738ms
267ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.mixi.media/img/400x300/11805993.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 3f7d425c46fc811ea68aeec609eeaf7542a0c274575e02e5adb859f5d9e03b70

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:23 GMT
Last-Modified: Fri, 03 May 2024 01:28:30 GMT
Server: nginx
ETag: W/"66343dbe-1220f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 48622

GET
H/1.1 200
OK 11823266.jpeg
static8.mixi.media/img/400x300/ 48 KB
48 KB 728ms
198ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.mixi.media/img/400x300/11823266.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 1371f28d818f62f48af9009f4f404f827456084d85617dcbea28a5154a774ebd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:23 GMT
Last-Modified: Sun, 12 May 2024 04:40:03 GMT
Server: nginx
ETag: W/"66404823-42b13"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 48763

GET
H/1.1 200
OK 11829295.jpeg
static7.mixi.media/img/400x300/ 40 KB
41 KB 797ms
198ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static7.mixi.media/img/400x300/11829295.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 57a38c5ce2c96478d4b76dec2dd1c7100416598d8fda45c8953a3b6c921bb7bf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:23 GMT
Last-Modified: Tue, 14 May 2024 18:23:10 GMT
Server: nginx
ETag: W/"6643ac0e-34447"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 41232

GET
H/1.1 200
OK 11827136.jpeg
static5.mixi.media/img/400x300/ 39 KB
39 KB 769ms
201ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static5.mixi.media/img/400x300/11827136.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: a663498edc06e2e46029642508598e108e1e579ebd9ef45a36652527a3839aac

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:23 GMT
Last-Modified: Tue, 14 May 2024 00:14:03 GMT
Server: nginx
ETag: W/"6642accb-2c32f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 39490

OPTIONS
H2 200 c
ea.epochbase.com/api2/pw/ Frame 0
0 372ms
293ms Preflight 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=wi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ntd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Content-Type,Authorization
access-control-allow-methods: GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, OPTIONS, PUT, DELETE
cache-control: max-age=3600 public
content-length: 0
date: Wed, 15 May 2024 07:24:23 GMT
expires: Wed, 15 May 2024 08:24:23 GMT
pragma: public
server: nginx/1.20.1

GET
H3 200 template Show response
pwe.epochbase.com/api/ 3 KB
1 KB 171ms
171ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-combo&version=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 640358130b8a6b2a822dda079bd3d0fb8ec94d78216ae4ac4a6cf7a09291dd84

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:22 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.1
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 c Show response
ea.epochbase.com/api2/pw/ 0
309 B 1288ms
1285ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=wi
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 15 May 2024 07:24:24 GMT
server: nginx/1.20.1
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=3600, public
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
expires: Wed, 15 May 2024 08:24:24 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/db9cbc4e/www-widgetapi.vflset/ 42 KB
14 KB 217ms
215ms Script
text/javascript 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/db9cbc4e/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

sffe /

Resource Hash

3074d74b47a1fae140faeb7eadb8af0a6634f8262bf2436541d21243389d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 06:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13973
x-xss-protection: 0
last-modified: Mon, 13 May 2024 04:15:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 May 2025 06:21:03 GMT

GET
H3 200 react.production.min.js Show response
pwe.epochbase.com/libs/react@18.2.0/ 10 KB
4 KB 201ms
200ms Script
text/javascript 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/libs/react@18.2.0/react.production.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:23 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 02 Dec 2023 22:34:10 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 May 2024 08:24:23 GMT

GET
H3 200 react-dom.production.min.js Show response
pwe.epochbase.com/libs/react@18.2.0/ 129 KB
44 KB 201ms
200ms Script
text/javascript 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/libs/react@18.2.0/react-dom.production.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:23 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 02 Dec 2023 22:34:44 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 May 2024 08:24:23 GMT

GET
H3 200 signInCombo-2.2.umd.js Show response
pwe.epochbase.com/libs/ 272 KB
78 KB 219ms
218ms Script
text/javascript 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/libs/signInCombo-2.2.umd.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: e58c40208984f8d78fd3ee50e60c508b1b6041e516bb13b14232b33582dd5ddf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:23 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 15 Apr 2024 23:52:40 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 May 2024 08:24:23 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 7C89 0
0 1013ms
141ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de-CH&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=bottomright&cb=oel76wz9fmmv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de_ch.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DUCpmSvsSGpoHP-nCGFrDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DUCpmSvsSGpoHP-nCGFrDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 07:24:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK playlist.m3u8 Show response
vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/ 1 KB
1 KB 696ms
695ms XHR
application/x-mpegurl 2.19.198.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/playlist.m3u8
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-105.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: c48b0a71481caa47c597b3c4cf55ed82a4880ea0e449e9f69292443f47fab060

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:23 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Akamai-Mon-Iucid-Del: 1194989
Cdn-Cache-Control: no-store
Server: nginx/1.20.1
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: must-revalidate, max-age=10
Access-Control-Allow-Credentials: true
Akamai-Cache-Control: max-age=10,must-revalidate
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 ActaDeck-Medium.otf
cdn.epoch.cloud/assets/fonts/ 51 KB
51 KB 1994ms
1118ms Font
application/octet-stream 104.21.234.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.epoch.cloud/assets/fonts/ActaDeck-Medium.otf
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Origin: https://www.ntd.com
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4082
alt-svc: h3=":443"; ma=86400
content-length: 51776
last-modified: Wed, 19 Feb 2020 18:57:39 GMT
server: cloudflare
etag: "5e4d8523-ca40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XUajchaoimQkqa0A6juaKZ0AickwAUCpmrXusDyLLr6BJQRCg4nmiPbpTbbAMlvIz%2FpAJsbMWInzUbdlo2PlqhJ5p917JlTpa2i6NWG8f7Nr3IjwsD584Y9SyvecnBqLFNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841635dbf6e3648-FRA

GET
H2 200 RingsideNarrow-Medium.otf
cdn.epoch.cloud/assets/fonts/ 123 KB
124 KB 1095ms
219ms Font
application/octet-stream 104.21.234.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.epoch.cloud/assets/fonts/RingsideNarrow-Medium.otf
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Origin: https://www.ntd.com
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4082
alt-svc: h3=":443"; ma=86400
content-length: 126244
last-modified: Tue, 07 Jun 2022 20:08:09 GMT
server: cloudflare
etag: "629fb029-1ed24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XwI7vGDw6WY9eaoHRhLhqbVY1l3q58dj8juWElsWDm82rsFrcxCaxMYqe%2BSptR1yRFaEQ%2BSBtndjzNRgO2PDQL%2BY7o9LmDOiI1pplIyRR%2BdITjZqnDR46zqRLu%2BE%2FklxHVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841635dbf6c3648-FRA

GET
H2 200 lc2.js Show response
b-code.liadm.com/ 101 KB
36 KB 776ms
181ms Script
application/javascript 18.244.18.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/lc2.js
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-104.fra56.r.cloudfront.net
Software: /
Resource Hash: 9087c6926d7fdcb36fda0c14eec72a136b33ab4f8ff487220e91830e9916640a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:15:54 GMT
content-encoding: gzip
via: 1.1 29ed57baf1bb91e71e6ca8861a9fe040.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 61710
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: BtMbP-MkDAm24ckGHyFnHIns2nnTIUJh_NKxC863H2DBaDiuclhB1Q==

GET
H/1.1 200 /
mixi.media/cookiematching/ 43 B
883 B 256ms
255ms Image
image/gif 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJDE0ODliYmJhLTRjYTctNDE5Yi04OTJmLTA1YTgzMjUwMmJjNhoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNzE1NzU3ODYzNjQyGgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJDM5ODRhZjE5LTA0NjMtNGVlNy1iMDRlLTM4YTdkYjZiYmIzNRoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1715757863770
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache, no-cache
Date: Wed, 15 May 2024 07:24:23 GMT
Last-Modified: Wednesday, 15-May-2024 07:24:23 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 15 May 2024 07:24:23 GMT

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 592ms
165ms XHR
text/plain 46.161.36.23
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: cdnjs.mixi.media
URL: https://cdnjs.mixi.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 46.161.36.23 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Wed, 15 May 2024 07:24:24 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 AGSKWxXpz3PXotTMR7yNcBrz6b4dLOuNi3kwSVqY0DDBjVd1u7he4LSUIBJql_Xyj7trOAeQkUue25ioGueJ83nZ_PIwykwiIim1Fv8L1TXNH3zyCIf1FdGugC_1UC0KICah5m7g-Dt8jg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 187ms
185ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXpz3PXotTMR7yNcBrz6b4dLOuNi3kwSVqY0DDBjVd1u7he4LSUIBJql_Xyj7trOAeQkUue25ioGueJ83nZ_PIwykwiIim1Fv8L1TXNH3zyCIf1FdGugC_1UC0KICah5m7g-Dt8jg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1NzU3ODYzLDg0MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubnRkLmNvbS9uZXcteW9yay10aW1lcy1wbGFucy1hdHRhY2stb24tc2hlbi15dW4taW52ZXN0aWdhdGl2ZS1qb3VybmFsaXN0Xzk4MDgzMS5odG1sIixudWxsLFtbOCwiZkczaFdaMTUwWVEiXSxbOSwiZGUiXSxbMjAsIltudWxsLG51bGwsWzk1MzI5ODQyXSxudWxsLDJdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMw_QTUOn2bGdjvZzMIS4vT689phAQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

08b70ca6374a3f63680c5ff59d2abe0ac459d6698e12981aadd742a094b4e28e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--_gjtmKJ0hPQ9GaOoSSZUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:23 GMT
content-security-policy: script-src 'report-sample' 'nonce--_gjtmKJ0hPQ9GaOoSSZUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw0pBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQ71x8gfUgEK86coF1ExC3f77AOhOIv7FfZP0HxOWOF1nrgViIh2P5sYmb2ARuLOw7waykkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmBqaKxnYBRfYAAAxAxGew"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 69 KB
15 KB 760ms
760ms Fetch
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3166259029874366&correlator=2716293962749948&eid=44809527%2C31083344%2C95331446&output=ldjh&gdfp_req=1&vrg=202405090101&ptt=17&impl=fifs&gdpr=0&iu_parts=5965368%2Cntd.tv_article_header_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=1&didk=2738978099&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1715757863998&lmt=1715757863&adxs=436&adys=192&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&vis=1&psz=1600x266&msz=728x0&fws=4&ohw=1600&ga_vid=1680266971.1715757862&ga_sid=1715757864&ga_hid=1965639196&ga_fc=true&dlt=1715757859931&idt=2776&cust_params=site%3Dwww.ntd.com%252Cntd.com&adks=1184540622&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

4d8ec439313e561b7899799388d34cbbaac26c942d05e8df0186189d3e15586c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15105
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
fdcc7a2cc00162d42d7d4786be8d605f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4EDF 0
0 1069ms
182ms Document
text/html 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fdcc7a2cc00162d42d7d4786be8d605f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 07:24:25 GMT
expires: Thu, 15 May 2025 07:24:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
15 KB 1207ms
1206ms Fetch
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3166259029874366&correlator=2716293962749948&eid=44809527%2C31083344%2C95331446&output=ldjh&gdfp_req=1&vrg=202405090101&ptt=17&impl=fifs&gdpr=0&iu_parts=5965368%2Cntd.tv_336x280-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=2&didk=2421401148&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1715757864026&lmt=1715757864&adxs=1069&adys=589&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&vis=1&psz=370x296&msz=300x0&fws=4&ohw=370&ga_vid=1680266971.1715757862&ga_sid=1715757864&ga_hid=1965639196&ga_fc=true&dlt=1715757859931&idt=2776&cust_params=site%3Dwww.ntd.com%252Cntd.com&adks=263626175&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7027e2e1b4bdf365fdecefefa8f8c4c9ff7e41b57bc1cc5a7a69406b31094f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15226
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
14 KB 1912ms
1912ms Fetch
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3166259029874366&correlator=2716293962749948&eid=44809527%2C31083344%2C95331446&output=ldjh&gdfp_req=1&vrg=202405090101&ptt=17&impl=fifs&gdpr=0&iu_parts=5965368%2Cntd.tv_aricle_below_end_336&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=3&didk=3956259508&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1715757864041&lmt=1715757864&adxs=459&adys=1624&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&vis=1&psz=803x266&msz=300x0&fws=4&ohw=803&ga_vid=1680266971.1715757862&ga_sid=1715757864&ga_hid=1965639196&ga_fc=true&dlt=1715757859931&idt=2776&cust_params=site%3Dwww.ntd.com%252Cntd.com&adks=2259591615&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3ff917e5b7474eba3937d2cd1a4cacaf0b01bb7f9a8020d116d004a2017651fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14347
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxV7tjGrNKMc-lZOHGHG5ivQsCtFV2sY6MIz3nBqHNIDQrOoHkuHs5nqEHMMRBdSG36DW2AXGPoN_DDq743q7UuWY1eSoYwmyZNR-f4bZEs5gJytXPwwR5VAdlkLdKjkUbNxHtYm_g== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 96ms
95ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV7tjGrNKMc-lZOHGHG5ivQsCtFV2sY6MIz3nBqHNIDQrOoHkuHs5nqEHMMRBdSG36DW2AXGPoN_DDq743q7UuWY1eSoYwmyZNR-f4bZEs5gJytXPwwR5VAdlkLdKjkUbNxHtYm_g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1NzU3ODY0LDYyMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZGUiXSwiaHR0cHM6Ly93d3cubnRkLmNvbS9uZXcteW9yay10aW1lcy1wbGFucy1hdHRhY2stb24tc2hlbi15dW4taW52ZXN0aWdhdGl2ZS1qb3VybmFsaXN0Xzk4MDgzMS5odG1sIixudWxsLFtbOCwiZkczaFdaMTUwWVEiXSxbOSwiZGUiXSxbMjAsIltudWxsLG51bGwsWzk1MzI5ODQyXSxudWxsLDJdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

c6d7ef921a9afbe1ed38711aab0f5b827a7b7a421514a5757acc43c44b0da3bd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MOBwjvTq0jf_nRn79Oy9Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MOBwjvTq0jf_nRn79Oy9Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtHikmJw1pBiWMy_i-m80x2m60BsoPGcyQKIJb6-ZNIC4pjn01lTgNgpfQZrCBD71M9gjQPi1pvnWKcDcdK_86wlQLxz8QXWg0C86sgF1k1A3P75AutMIP7GfpH1HxCXOV5krQNiIW6OFccmbmITeHHxpZmSRlJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalG8kYGRiYGpobGegVF8gQEAfXBH8g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK out0000.ts Show response
vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/ 594 KB
594 KB 167ms
167ms XHR
video/mp2t 2.19.198.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/out0000.ts
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-105.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: bd24272c6ee55652401868ba3f4be6a70772da1b7f0b05dd9df8963a05108801

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:24 GMT
Server: nginx/1.20.1
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31513603
Access-Control-Allow-Credentials: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 607992

GET
H/1.1 200
OK out0001.ts Show response
vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/ 581 KB
581 KB 468ms
467ms XHR
video/mp2t 2.19.198.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/out0001.ts
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-105.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 122b389bc408e98a1bfca4df7d88ad85a0d34d54bc558e8efe3b9e6a127689a1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:25 GMT
Server: nginx/1.20.1
Transfer-Encoding: chunked
Access-Control-Max-Age: 86400
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535993
Access-Control-Allow-Credentials: true
Connection: keep-alive, Transfer-Encoding
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012405022220000/ Frame 14E3 196 KB
56 KB 1207ms
251ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

5a1cab0d16be9936d6722638fb8e5a8f0cc9e020b024fe042178f36c0e96bf9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 May 2024 17:10:20 GMT
age: 137645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56100
x-xss-protection: 0
server: sffe
etag: "193bd302c45422e7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 May 2025 17:10:20 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 14E3 15 KB
5 KB 1285ms
329ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

fd3a0419bb57c685bef172fc325325894762b903abad517aa47b2273304342f3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 May 2024 17:10:20 GMT
age: 137645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5205
x-xss-protection: 0
server: sffe
etag: "210802518b12a93a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 May 2025 17:10:20 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 14E3 95 KB
28 KB 1242ms
286ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

c912331d6e7d06cf8470caaebe35ba2bcd335000ac00a68e53bce292195067b0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 May 2024 17:10:20 GMT
age: 137645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29022
x-xss-protection: 0
server: sffe
etag: "0e3c5d295c30e73a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 May 2025 17:10:20 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 14E3 5 KB
2 KB 1293ms
338ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

6960d6e86ca7620309992930e6a90bdfd76443e523d80097de2d030b8247cc69

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 May 2024 14:10:10 GMT
age: 62055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "ec1752382ab3b3ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 May 2025 14:10:10 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 14E3 40 KB
13 KB 1285ms
330ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

744d25ee650f5edeb1fadfaec9593f3c2393b00ec59363b4d634a90715041c6a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 May 2024 14:07:44 GMT
age: 62201
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12943
x-xss-protection: 0
server: sffe
etag: "664530f02d87cb50"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 May 2025 14:07:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 14E3 18 KB
2 KB 1149ms
441ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

ac0de4b42abf65a70a248df54d442549060d9c7d478dbffcc975fa3b5b2eb2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 May 2024 07:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 May 2024 05:34:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 May 2024 07:24:25 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13327668275494453677/ Frame 14E3 34 KB
34 KB 1153ms
357ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13327668275494453677/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

cbe7fa8ab6c4e644c71ffa22ed3ff9de11a881d0b95dcbdfa22cc76b51567c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 14 May 2025 17:39:14 GMT
date: Tue, 14 May 2024 17:39:14 GMT
x-content-type-options: nosniff
age: 49511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34390
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:52:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 14E3 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec6e914bdb982dfe8a71f84acacf9853ac36fafba885cc5c43ddb6c09af778ec

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 14E3 2 KB
3 KB 1147ms
356ms Image
image/png 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 02:11:28 GMT
x-content-type-options: nosniff
server: cafe
age: 18777
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 May 2024 02:11:28 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 14E3 295 B
664 B 1146ms
355ms Image
image/png 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:10:11 GMT
x-content-type-options: nosniff
server: cafe
age: 62054
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 15 May 2024 14:10:11 GMT

GET
H2

200

j Show response
rp.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1715757864841&se=e30&duid=33df6995a8cd--01hxxj6nps5vjwpj29pe3m8wxe&tv=v2.14.3&pu=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-jour...
https://rp.liadm.com/j?se=e30&duid=33df6995a8cd--01hxxj6nps5vjwpj29pe3m8wxe&cd=.ntd.com&dtstmp=1715757864841&tv=v2.14.3&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-a...

13 B
328 B

373ms
372ms

XHR
application/json

52.73.2.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp.liadm.com/j?se=e30&duid=33df6995a8cd--01hxxj6nps5vjwpj29pe3m8wxe&cd=.ntd.com&dtstmp=1715757864841&tv=v2.14.3&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: H2
Server: 52.73.2.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-2-199.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 15 May 2024 07:24:26 GMT
x-pixel-event-id: 1df3eba5-f9c9-435e-9c2b-770c048d64ca
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: /j?se=e30&duid=33df6995a8cd--01hxxj6nps5vjwpj29pe3m8wxe&cd=.ntd.com&dtstmp=1715757864841&tv=v2.14.3&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
access-control-allow-origin: https://www.ntd.com
date: Wed, 15 May 2024 07:24:26 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H2 200 n4403ad. Show response
fundingchoicesmessages.google.com/f/AGSKWxWBi2DMjkq3PHdrHTZmGqTHqRiZJTyDKoip0iCzDKn2qOIdoWhQCU6RRVWv8ZUO_jvo-MrQXYGzTIPODajkj7E3woai-e8MjMksgEhlz4TvTy8CRn_2Jvn1tWd9WHdWj4HhROZrcZQpadO8-yh8oY2BUmvL9... 54 B
522 B 151ms
150ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWBi2DMjkq3PHdrHTZmGqTHqRiZJTyDKoip0iCzDKn2qOIdoWhQCU6RRVWv8ZUO_jvo-MrQXYGzTIPODajkj7E3woai-e8MjMksgEhlz4TvTy8CRn_2Jvn1tWd9WHdWj4HhROZrcZQpadO8-yh8oY2BUmvL9QPv9TRnHH9UQs3lAGBMctj06dTQ8m7p/__top_ad_/googleadcode./AdBoxDiv./globalads-/n4403ad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.fG3hWZ150YQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyo6yJ_-XR4VdSakhBxpSXngys73Q/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

b7b15734de18819e3e6596d76913e786e89f13a657acb2ffdfc231f5ad283e81

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-V9ecse_tJNYiK7DKUNcuvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-V9ecse_tJNYiK7DKUNcuvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII0pBiOHnrNtNFID7vdIfpOhAbaDxnsgBiia8vmbSAOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAnPTvPGsJEO9cfIH1IBCvOnKBdRMQt3--wDoTiL-zX2T9D8RCPBwrjk3cxCawoHHTXmYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjEwNTQ2M9A6P4AgMAqoRIMw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 1525ms
227ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

6effb31527f4d5d0e4a67fb62e231e864e8f7740d3a506493c8262109e3bf83b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52403
x-xss-protection: 0
server: cafe
etag: 1330809263480297885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 15 May 2024 07:24:26 GMT

POST
H2 204 AGSKWxWGaP3DrIEnWJKAmHs2G2vNoiMuAmNIyyqAqoVDD9l7jly2mbn4xra8pX09qyOvdmI_ptqrYM-V0msGStxD6uygv6HYi4PcRUsVGdlQRsT0-O-U5tyhm8KE3JwN6gkPoz-G6r3iIg== Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 1452ms
167ms XHR
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGaP3DrIEnWJKAmHs2G2vNoiMuAmNIyyqAqoVDD9l7jly2mbn4xra8pX09qyOvdmI_ptqrYM-V0msGStxD6uygv6HYi4PcRUsVGdlQRsT0-O-U5tyhm8KE3JwN6gkPoz-G6r3iIg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tKX2FgAeuwh-8I6__U9yUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 May 2024 07:24:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-tKX2FgAeuwh-8I6__U9yUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw05BicEqfwRoCxELcHKuOTdzEJrDgY3-ikktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDU01jMwjy8wAACQ-SIk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxWGaP3DrIEnWJKAmHs2G2vNoiMuAmNIyyqAqoVDD9l7jly2mbn4xra8pX09qyOvdmI_ptqrYM-V0msGStxD6uygv6HYi4PcRUsVGdlQRsT0-O-U5tyhm8KE3JwN6gkPoz-G6r3iIg== Show response
fundingchoicesmessages.google.com/el/ 0
345 B 1302ms
167ms XHR
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGaP3DrIEnWJKAmHs2G2vNoiMuAmNIyyqAqoVDD9l7jly2mbn4xra8pX09qyOvdmI_ptqrYM-V0msGStxD6uygv6HYi4PcRUsVGdlQRsT0-O-U5tyhm8KE3JwN6gkPoz-G6r3iIg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9i6G7pF0_068AB5tIK-Hxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 May 2024 07:24:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9i6G7pF0_068AB5tIK-Hxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII1pBicEqfwRoCxELcHKuOTdzEJvBi8bwkJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYGporGdgHl9gAACV5SIz"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012405022220000/ Frame 9534 196 KB
0 699ms
699ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

5a1cab0d16be9936d6722638fb8e5a8f0cc9e020b024fe042178f36c0e96bf9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 May 2024 17:10:20 GMT
age: 137645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56100
x-xss-protection: 0
server: sffe
etag: "193bd302c45422e7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 May 2025 17:10:20 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 9534 15 KB
0 179ms
172ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

fd3a0419bb57c685bef172fc325325894762b903abad517aa47b2273304342f3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 May 2024 17:10:20 GMT
age: 137645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5205
x-xss-protection: 0
server: sffe
etag: "210802518b12a93a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 May 2025 17:10:20 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 9534 95 KB
0 124ms
124ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

c912331d6e7d06cf8470caaebe35ba2bcd335000ac00a68e53bce292195067b0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 May 2024 17:10:20 GMT
age: 137645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29022
x-xss-protection: 0
server: sffe
etag: "0e3c5d295c30e73a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 May 2025 17:10:20 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 9534 5 KB
0 194ms
194ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

6960d6e86ca7620309992930e6a90bdfd76443e523d80097de2d030b8247cc69

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 May 2024 14:10:10 GMT
age: 62055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "ec1752382ab3b3ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 May 2025 14:10:10 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 9534 40 KB
0 175ms
175ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

744d25ee650f5edeb1fadfaec9593f3c2393b00ec59363b4d634a90715041c6a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 May 2024 14:07:44 GMT
age: 62201
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12943
x-xss-protection: 0
server: sffe
etag: "664530f02d87cb50"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 May 2025 14:07:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9534 6 KB
801 B 638ms
442ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 May 2024 07:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 May 2024 05:34:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 May 2024 07:24:25 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9534 2 KB
0 650ms
650ms Image
image/png 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 02:11:28 GMT
x-content-type-options: nosniff
server: cafe
age: 18777
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 May 2024 02:11:28 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9534 295 B
0 649ms
649ms Image
image/png 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:10:11 GMT
x-content-type-options: nosniff
server: cafe
age: 62054
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 15 May 2024 14:10:11 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/15937662730101266068/ Frame 9534 31 KB
31 KB 667ms
378ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15937662730101266068/2076313506083323656

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

c6bcb394dce92233237bd52a69e1471781d9be7cd9a265af67d3e06a82c29d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 14 May 2025 14:36:58 GMT
date: Tue, 14 May 2024 14:36:58 GMT
x-content-type-options: nosniff
age: 60447
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31817
x-xss-protection: 0
last-modified: Fri, 03 May 2024 08:21:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 9534 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 640bc53fac14c6249e1163f1416fbc0f3bfa7e2f280a50e79194253c29cb7704

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012405022220000/ Frame 364F 196 KB
0 30ms
30ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

5a1cab0d16be9936d6722638fb8e5a8f0cc9e020b024fe042178f36c0e96bf9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 May 2024 17:10:20 GMT
age: 137645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56100
x-xss-protection: 0
server: sffe
etag: "193bd302c45422e7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 May 2025 17:10:20 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 364F 15 KB
0 143ms
143ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

fd3a0419bb57c685bef172fc325325894762b903abad517aa47b2273304342f3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 May 2024 17:10:20 GMT
age: 137645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5205
x-xss-protection: 0
server: sffe
etag: "210802518b12a93a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 May 2025 17:10:20 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 364F 95 KB
0 72ms
72ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

c912331d6e7d06cf8470caaebe35ba2bcd335000ac00a68e53bce292195067b0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 May 2024 17:10:20 GMT
age: 137645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29022
x-xss-protection: 0
server: sffe
etag: "0e3c5d295c30e73a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 May 2025 17:10:20 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 364F 5 KB
0 144ms
144ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

6960d6e86ca7620309992930e6a90bdfd76443e523d80097de2d030b8247cc69

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 May 2024 14:10:10 GMT
age: 62055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "ec1752382ab3b3ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 May 2025 14:10:10 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 364F 40 KB
0 143ms
143ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

744d25ee650f5edeb1fadfaec9593f3c2393b00ec59363b4d634a90715041c6a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 May 2024 14:07:44 GMT
age: 62201
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12943
x-xss-protection: 0
server: sffe
etag: "664530f02d87cb50"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 May 2025 14:07:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 364F 6 KB
0 638ms
442ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 May 2024 07:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 May 2024 05:34:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 May 2024 07:24:25 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 364F 2 KB
0 5ms
5ms Image
image/png 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 02:11:28 GMT
x-content-type-options: nosniff
server: cafe
age: 18777
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 May 2024 02:11:28 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 364F 295 B
0 5ms
5ms Image
image/png 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:10:11 GMT
x-content-type-options: nosniff
server: cafe
age: 62054
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 15 May 2024 14:10:11 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/12895517204826021653/ Frame 364F 51 KB
51 KB 195ms
189ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12895517204826021653/2076313506083323656

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

f1152917004ce3673c4939b5c4293efd4b7698a7d553e3aee2755e0caf1651ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 14 May 2025 14:37:50 GMT
date: Tue, 14 May 2024 14:37:50 GMT
x-content-type-options: nosniff
age: 60396
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51882
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 08:27:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 364F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b7bef94092eb4d55a8e42aa1fe5f6fee9e0ee94fadc80ccd12e968e39987082

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 364F 15 KB
16 KB 986ms
279ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.ntd.com
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 00:45:23 GMT
x-content-type-options: nosniff
age: 369543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 May 2025 00:45:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 364F 15 KB
15 KB 1145ms
439ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.ntd.com
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:28:14 GMT
x-content-type-options: nosniff
age: 82572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:28:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 364F 15 KB
15 KB 1040ms
335ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.ntd.com
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:27:43 GMT
x-content-type-options: nosniff
age: 64603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 13:27:43 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v59/ Frame 14E3 33 KB
34 KB 1085ms
380ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v59/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.ntd.com
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 07:48:13 GMT
x-content-type-options: nosniff
age: 84973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34184
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 23:36:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 07:48:13 GMT

GET
H/1.1 200
OK out0002.ts Show response
vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/ 655 KB
655 KB 155ms
155ms XHR
video/mp2t 2.19.198.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/out0002.ts
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-105.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 9ade0316d82f56d57adfed6f98166f7f456d6cfc9e1d6da211909262945332ec

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:26 GMT
Server: nginx/1.20.1
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31513658
Access-Control-Allow-Credentials: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 670220

GET adview
securepubads.g.doubleclick.net/pagead/ Frame 14E3 0
0

GET adview
securepubads.g.doubleclick.net/pagead/ Frame 9534 0
0

GET adview
securepubads.g.doubleclick.net/pagead/ Frame 364F 0
0

POST
H2 204 AGSKWxWGaP3DrIEnWJKAmHs2G2vNoiMuAmNIyyqAqoVDD9l7jly2mbn4xra8pX09qyOvdmI_ptqrYM-V0msGStxD6uygv6HYi4PcRUsVGdlQRsT0-O-U5tyhm8KE3JwN6gkPoz-G6r3iIg== Show response
fundingchoicesmessages.google.com/el/ 0
350 B 122ms
121ms XHR
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGaP3DrIEnWJKAmHs2G2vNoiMuAmNIyyqAqoVDD9l7jly2mbn4xra8pX09qyOvdmI_ptqrYM-V0msGStxD6uygv6HYi4PcRUsVGdlQRsT0-O-U5tyhm8KE3JwN6gkPoz-G6r3iIg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XZ29XbPSOGFKGsuWUhXnaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 May 2024 07:24:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XZ29XbPSOGFKGsuWUhXnaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0JBicEqfwRoCxEI8HKuOTdzEJrCh_csmJiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqaKxnYB5fYAAAskEifQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxWGaP3DrIEnWJKAmHs2G2vNoiMuAmNIyyqAqoVDD9l7jly2mbn4xra8pX09qyOvdmI_ptqrYM-V0msGStxD6uygv6HYi4PcRUsVGdlQRsT0-O-U5tyhm8KE3JwN6gkPoz-G6r3iIg== Show response
fundingchoicesmessages.google.com/el/ 0
346 B 137ms
136ms XHR
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGaP3DrIEnWJKAmHs2G2vNoiMuAmNIyyqAqoVDD9l7jly2mbn4xra8pX09qyOvdmI_ptqrYM-V0msGStxD6uygv6HYi4PcRUsVGdlQRsT0-O-U5tyhm8KE3JwN6gkPoz-G6r3iIg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LKamIQVsfaE_hDODyrh6-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 May 2024 07:24:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LKamIQVsfaE_hDODyrh6-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw15BicEqfwRoCxEI8HKuOTdzEJrBj9_z9TEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDU0FjPwDy-wAAArqwicA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.ntd.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWWLedzXDfdkdCm3gdN2f-FezOp2b3Cv-vaxuWvHtdV1xG2b4kjapEItKdv34hB8ePJIfcVv1u9dlk4BpflqDLJk0XBtKiZQ3pE9UMRubyl4jwNiHHb8m-6pG7P-VAWKX4ToR9QLQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 134ms
133ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWWLedzXDfdkdCm3gdN2f-FezOp2b3Cv-vaxuWvHtdV1xG2b4kjapEItKdv34hB8ePJIfcVv1u9dlk4BpflqDLJk0XBtKiZQ3pE9UMRubyl4jwNiHHb8m-6pG7P-VAWKX4ToR9QLQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1NzU3ODY2LDYwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZGUiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubnRkLmNvbS9uZXcteW9yay10aW1lcy1wbGFucy1hdHRhY2stb24tc2hlbi15dW4taW52ZXN0aWdhdGl2ZS1qb3VybmFsaXN0Xzk4MDgzMS5odG1sIixudWxsLFtbOCwiZkczaFdaMTUwWVEiXSxbOSwiZGUiXSxbMjAsIltudWxsLG51bGwsWzk1MzI5ODQyXSxudWxsLDJdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

34379aae5e5c4f8bdaab5471b908b6d78c6209c599631b264d01a43f8a906790

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wEOgNbrJ20syrtwQNn2kig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wEOgNbrJ20syrtwQNn2kig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw0pBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQ71x8gfUgEK86coF1ExC3f77AOhOIv7FfZP0HxGWOF1nrgFiIh2PVsYmb2AR-HJm5k0lJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDU0FjPwCi-wAAAz4lGug"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK out0003.ts Show response
vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/ 554 KB
555 KB 531ms
531ms XHR
video/mp2t 2.19.198.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/out0003.ts
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-105.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 11daf4723d6b32a8cb6562fb12dbdcbfc088e9ad45ab3945cc16611671f54d14

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:27 GMT
Server: nginx/1.20.1
Transfer-Encoding: chunked
Access-Control-Max-Age: 86400
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535957
Access-Control-Allow-Credentials: true
Connection: keep-alive, Transfer-Encoding
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

POST
H2 204 AGSKWxV4cab_mitdtEYk2As81XxXfHOJA8ToE_Z8gIEXmdYekUZL9-13y48U2FyLgknsBIZluuKGb-gMyfYhZnGwEBFaEXrn7foDIbCDroJQgY-vXzNcW-Af23tStwkc3TVA_id8FRL1Yw== Show response
fundingchoicesmessages.google.com/el/ 0
346 B 405ms
405ms XHR
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV4cab_mitdtEYk2As81XxXfHOJA8ToE_Z8gIEXmdYekUZL9-13y48U2FyLgknsBIZluuKGb-gMyfYhZnGwEBFaEXrn7foDIbCDroJQgY-vXzNcW-Af23tStwkc3TVA_id8FRL1Yw==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GT3Zqxepnb2M0rdhaaZj6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 May 2024 07:24:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GT3Zqxepnb2M0rdhaaZj6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII1JBicEqfwRoCxEI8HKuOTdzEJrDgya6bzEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDU0FjPwDy-wAAAxogiwQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 72731 Show response
idx.liadm.com/idex/unknown/ 0
368 B 1260ms
213ms XHR
text/plain 18.213.141.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/72731?duid=33df6995a8cd--01hxxj6nps5vjwpj29pe3m8wxe&cd=.ntd.com&pu=https%3A%2F%2Fwww.ntd.com&qf=0&resolve=md5

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.213.141.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-213-141-93.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 0
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=3599, private
access-control-allow-credentials: true
trace-id: 2055a5db7e756bd3
expires: Wed, 15 May 2024 08:24:28 GMT

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 244ms
244ms XHR
text/plain 46.161.36.23
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: cdnjs.mixi.media
URL: https://cdnjs.mixi.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 46.161.36.23 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: sm-server1-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Wed, 15 May 2024 07:24:27 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
13 KB 1163ms
196ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ff605bd721cbdbe9052f7c19613f43f99c937aa0f7af07090958d80da390872a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12642
x-xss-protection: 0

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
https://a.clickcertain.com/px/smart/a/?seg=new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&c=2455d1796b86efb
https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=9172d95c-03ba-4bdb-a0c4-febb9621d593

5 KB
2 KB

248ms
245ms

Script
text/javascript

172.67.74.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=9172d95c-03ba-4bdb-a0c4-febb9621d593
Protocol: H2
Server: 172.67.74.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a73db68fb81661257e17e74633fca67f344d85188954d07cea2d361a577dd0e9

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 15 May 2024 07:24:30 GMT
content-encoding: br
x-frontend: cc-nginx-67cd96f68-n6sx5:cc-nginx-67cd96f68-n6sx5
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 219088fb-276e-47b3-bfa3-31b76e9c555b
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=awdyRl%2Bf2Bmr1%2BPlT0IJIwWkfQW%2BVlMWAtoeh6Mp895uqwAcYri7xpOxu28oNlXcka75tJd8wy4ltkYzNYLOVg%2BWjaniNiASPwnu2aIXCH%2BfDUG8dPUp9t7XTqJTV1FMvr8qTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 88416381d932695e-FRA

Redirect headers

date: Wed, 15 May 2024 07:24:29 GMT
x-frontend: cc-nginx-67cd96f68-2hfwb:cc-nginx-67cd96f68-2hfwb
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 9172d95c-03ba-4bdb-a0c4-febb9621d593
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BZXlDfO%2FoJX5wECTqegxq6k8z89nkb00ydnZTsWuW13%2FfwyraL12%2F%2FgrW7ocE%2BUv1bc%2FGUM3nv6M3LhtqCeY6auNN5T9TED0HAW6dYr74DZxNfeW7CKmsSvahiSdFO1us2C1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=9172d95c-03ba-4bdb-a0c4-febb9621d593
cf-ray: 8841637b2a9f695e-FRA

GET
H2 200 favicon.ico
www.ntd.com/images/ 99 KB
5 KB 723ms
723ms Other
image/x-icon 104.18.25.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

542613c8007b58650dadc2e0c690d3836fccf9a7a90ff35c13092ac06784447e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"18bc6-18a84a34db2"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=14400
cf-ray: 8841636ec9e2bb13-MXP
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 11:24:27 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 14E3 42 B
202 B 441ms
440ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBbegIzhV_ywKmFjs9pQhy2nDeBBOOKNmX-QteBG2NvdlhOx71u1jL6cqxKh96kVw9DGzOCDvaNIItPXmTgoZi4zW9bZJ9_TE6np2qbCbcztKnd23BA197GO0bI7sG2sMrGV1TelStYG_Fs2D--MlYrBw_28elSWI&sai=AMfl-YQbwBI_WPkGBmOsiO0ZRAIv8cnmmZBRKN3lJgyuShKRWWjAsYiO0IYryzCIl5B2cqyldxdGUBEvvfTOfMP87aYkawECBYli3xqJpM-uXl9J0GiTylxNSt_kelgjCOguuSBkLQjDL2XNLflLt8z0eA&sig=Cg0ArKJSzLcSxtcTzeWyEAE&cid=CAQSTwB7FLtqKVZbpnLbU07TOF0H9gaf2pDAIOAro-xMOm6rHYO22GY7HFu3QnnBFU1p7155p25wQmd8I4-mw_Ltazde__ZvOVkXIbh9XbLXQogYAQ&id=ampim&o=315,67&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,0,1011,1011&tos=0,0,0,1011,0&tfs=1599&tls=2610&g=100&h=100&tt=2610&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=124.0.6367.201&uab=64&uafvl=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&uaw=false&adk=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 07:24:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9534 42 B
109 B 439ms
439ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_82rq2SXB1b1ma8Bdov18ZSxySyD-Jbyj4en75z4vvA9BTqWVAocpwyP96oR9Yvmf5jTWO0dlMYEsu9m-JixC_rOamWdgps6GVdd963V7ycHJgt-I_fpoQ02ahEy8AouJm3iyxnQ5YE0CsBiFQYtoP3hmw-9NyEc&sai=AMfl-YQ4yJ74jwk_-xMGVIKauME-MafGZZpaRxkbnn76BC-BDoNHSzSOPpEeiV6C3aD3oawzs8sN7D-cjufuQIBEz2Mx1ZJnvi43RO_R6nJrTlE6bAwA5tYejCk-nlSB78nUSYwaVLEidltuh4dxKQ3Y&sig=Cg0ArKJSzAfH9Ij7KLLIEAE&cid=CAQSTgB7FLtqg97AhTBYtCxL_BraBSHlYB74f1H375Ha5ApGB6dqajdvp7-Y6kU_pz8E11PJ8VZpfCUQTbEmnKDRqCWJ-JBCyfJ7XOX1NHoeShgB&id=ampim&o=1051,449&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1010&mtos=0,0,1010,1010,1010&tos=0,0,1010,0,0&tfs=1090&tls=2100&g=100&h=100&tt=2101&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=124.0.6367.201&uab=64&uafvl=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&uaw=false&adk=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 07:24:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 224ms
223ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:24:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 May 2024 07:24:28 GMT

GET
H2

200

p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/
Redirect Chain

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C...
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C...

42 B
351 B

381ms
381ms

Image
image/gif

54.188.156.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%2522e2de1288-1411-4e17-9afb-0af1988bd194%2522%257D&title=New%20York%20Times%20Plans%20Attack%20on%20Shen%20Yun%3A%20Investigation%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&tdc=1
Protocol: H2
Server: 54.188.156.187 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-188-156-187.us-west-2.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Wed, 15 May 2024 07:24:30 GMT
server: nginx/1.20.1
content-type: image/GIF

Redirect headers

location: /c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%2522e2de1288-1411-4e17-9afb-0af1988bd194%2522%257D&title=New%20York%20Times%20Plans%20Attack%20on%20Shen%20Yun%3A%20Investigation%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&tdc=1
date: Wed, 15 May 2024 07:24:30 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server: nginx/1.20.1
content-type: image/GIF

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3C87 0
0 1769ms
152ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 19268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 02:03:22 GMT
expires: Thu, 15 May 2025 02:03:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 4283 0
0 333ms
327ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rbID2Kb9A-FNSLECWuGAzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rbID2Kb9A-FNSLECWuGAzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 07:24:28 GMT
expires: Wed, 15 May 2024 07:24:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 503ms
502ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2BRDBGYLL0&gtm=45je45d0v896365836za200&_p=1715757860973&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=1680266971.1715757862&ul=de-ch&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEI&sid=1715757862&sct=1&seg=0&dl=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&dt=New%20York%20Times%20Plans%20Attack%20on%20Shen%20Yun%3A%20Investigation%20%7C%20NTD&_s=2&tfd=11601
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 May 2024 07:24:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK out0004.ts Show response
vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/ 186 KB
187 KB 571ms
570ms XHR
video/mp2t 2.19.198.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/out0004.ts
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-105.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 0d2c10f2fe573823a1a4749824ca10cbf267ea663970d056cac9d8d823188c62

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:30 GMT
Server: nginx/1.20.1
Transfer-Encoding: chunked
Access-Control-Max-Age: 86400
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535944
Access-Control-Allow-Credentials: true
Connection: keep-alive, Transfer-Encoding
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 /
a.clickcertain.com/px/cont/ Frame F9E6 0
0 989ms
355ms Document
text/html 172.67.74.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=1fb6345e-cc03-4c96-a7c8-80024bc5e568&cn=CH&rid=9172d95c-03ba-4bdb-a0c4-febb9621d593
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 88416387df9e900c-FRA
content-encoding: br
content-type: text/html
date: Wed, 15 May 2024 07:24:31 GMT
etag: W/"MWZiNjM0NWVnY2MwM2c0Yzk2Z2E3YzhnODAwMjRiYzVlNTY4LXow"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twnpQOwuwM%2BNMsPnd5BjcoBcP0dY5lhbn1GllWoLA9EXir2lGPAJHVb61jz6MXqPoqRzfYgcI3tzfnTB%2B%2FqOqB9pwxe0xxud%2BJ9zEKRSc2joyxtuId98bbOOCUdZV6b3PKrksw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frontend: cc-nginx-67cd96f68-dxhb5:cc-nginx-67cd96f68-dxhb5
x-requestid: 5235fcfc-3b7e-4d0c-b540-7ce1a1b03ebe

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H/1.1 200
OK out0005.ts Show response
vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/ 427 KB
428 KB 500ms
500ms XHR
video/mp2t 2.19.198.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/out0005.ts
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-105.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 15fc3d0739ac5c66768f3c7cb6bf968fd6d1b09e925f07d59d6d132f1f85c515

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:32 GMT
Server: nginx/1.20.1
Transfer-Encoding: chunked
Access-Control-Max-Age: 86400
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535980
Access-Control-Allow-Credentials: true
Connection: keep-alive, Transfer-Encoding
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK out0006.ts
vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/ 1 KB
0 444ms
443ms XHR
video/mp2t 2.19.198.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/out0006.ts
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-105.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ntd.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 07:24:36 GMT
Server: nginx/1.20.1
Transfer-Encoding: chunked
Access-Control-Max-Age: 86400
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535946
Access-Control-Allow-Credentials: true
Connection: keep-alive, Transfer-Encoding
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/playlist.m3u8

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CScvjKGNEZvfNBuOn9u8PrJyjuAKmq-7vdMHsgrPXEmQQASDo0LAfYPWFgICYBKAB467e5SnIAQmpAkFpSPUahbI-4AIAqAMByAMKqgSFA0_Q8fzpySeocWBs1zgwa4Slwyh0mf9WnYf1BD_Lagq30g4Pi_C34ExUn7gPl-SMS0ExK06BjgXWfXa2xCIpNdyntkhqveqRFnoVXGKpRnXkaROIHfM-IzB4iF26F69_qHYLVIQRAlJsGZuok93uwwg46YsTp_4lFgaa8pIWytMzIs4W0C_bcKsPK1ZrF4fazmnMcP3Cdt6ogjpqCxXfMJZcbSQ71kP9a6XoNXQFhY-0tplqBxPUt0Tlh5nhhDcVb7UK1fQjO4wER7Dlse0817vm6yFQ2VedUuoiuvRteBfM0Q5YYM6IgGocUrpZFSRFyQZc6whTtVnxLJLQ3Qg19zIojhbZk1SyCJuD9msHpRfvBVrLn9OM0VJT_DQsHg8vsgnBHAoTEOOvttgA8AfPj0MT2qWLzWHFeTMZkQMOE_sDor34n1W3x1dhJFFMoRQWroKVZjyfTLO365hoXtW-MCVQdzOFIKmLhN-VR1q5tk_hc0jMXX2wEueK9swLCcAnIYGkfJTlwAS_jKXuvwTgBAGIBanT1d9LkgUECAQYAZIFBAgFGASgBi6AB-PmrsUEqAfZtrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwDyBwQQmfsi0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WMrBiZCQj4YDmgkPaHR0cHM6Ly92NzcuY2gvgAoDyAsB2gwQCgoQ0Kz_oNHA7qAmEgIBA-INEwjl8YmQkI-GAxXjk_0HHSzOCCfYEwzQFQGAFwGyFx4KHAgAEhRwdWItMjIxMTU1MjUzNzcwNDQwNxjA3AyyGAkSApNOGC4iAQA&sigh=r9h6nN-DmVw&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwB7FLtqKVZbpnLbU07TOF0H9gaf2pDAIOAro-xMOm6rHYO22GY7HFu3QnnBFU1p7155p25wQmd8I4-mw_Ltazde__ZvOVkXIbh9XbLXQogYAQ&template_id=5000&cbvp=2

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C47cqKGNEZrqsKbah9u8P0_KXiAvJ29qYdPWX8sjEEmQQASDo0LAfYPWFgICYBKABv5-wzSjIAQmpAmSW8EQ9KbI-4AIAqAMByAMKqgTyAk_QLbrtp0WFdqIfTktTvptR-as3ujhl5Aw5T9S5ODKXhy5XuM3rGfD22gUT3iGrcT_mresxvLpQ6I2ZHnXmGKi1jaWtW7UH5bnztX7pzJhwLnKvnPtCx_Oles4JKKp2ATNWRZ_r1yBiCvf7SIv-32WwDCg9ZQsZ_1cLHy_K_fhCetqlk9UAaTZBvI0Q-F5mjFghbM7rZzw8zpN5pKSODGaXoa9eL2vqPxwsBnnx1hCfKyK_p7fzFgGX-RivUAxqkoO67Xlcn_y_Fd7QBhlD41J9pDBcwDyJvwiFPxgZJjyzXtWEGHnnMNyoliM518dTSQxPn1qOAhzfz9lVsw72HsyJP19qpnS9FpUQl2Qbm5kEQPq31wql4a9kRxFD4wWwxktAAUt_5HKntT8MF5ykGHE4dctLb5TskWAcMg2HDJcJYLCa4bOYooLLd6d8N6QY0BsdUVEm8pq0rPDIxjYububd_21s_gga6MeyXHWrn7tChavABJu4janTBOAEAYgFnJn3-USSBQQIBBgBkgUECAUYBKAGLoAHv9eArQOoB9m2sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAPIHBBDZjiPSCCQIgGEQARgdMgKKAjoJgECAwICAgKAoSL39wTpY46mJkJCPhgOaCYMCaHR0cHM6Ly9kZXJpbGEuY29tL2FydGljbGVzL3Blb3BsZS1zbGVlcC13aXRoLXBhaW4tMz9sPWRlJmM9ZXVyJnZuZHI9ZGVyZ2dzaW0mc3ViaWQzPTE4NTA5MzE5MzI0JnN1YmlkPTE1OTgwNTI5OTczOSZzdWJpZDI9Njk5MDg5MTQ4MzkyJnN1YmlkND0mdXRtX3NvdXJjZT1Hb29nbGUmdXRtX21lZGl1bT1DUEMmdXRtX2NhbXBhaWduPTI0dzE4X0EtQUlfTW9uYUxpc2EmdXRtX3Rlcm09MjR3MThfQS1BSV9Nb25hTGlzYV8yJnN1YmlkMz0xODUwOTMxOTMyNIAKA8gLAdoMEQoLELCe_NH87cLimAESAgED4g0TCNrqiZCQj4YDFbaQ_QcdU_kFsbgT5APYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMjIxMTU1MjUzNzcwNDQwNxjA3AyyGAkSAsxnGC4iAQA&sigh=7aZXUFC23rw&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgB7FLtqg97AhTBYtCxL_BraBSHlYB74f1H375Ha5ApGB6dqajdvp7-Y6kU_pz8E11PJ8VZpfCUQTbEmnKDRqCWJ-JBCyfJ7XOX1NHoeShgB&template_id=484&cbvp=2

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPa4wKWNEZtKwBfuf9u8PwPKz0Amm5pnbcKOZyNiTEWQQASDo0LAfYPWFgICYBKABwpXEzQPIAQmpAkFpSPUahbI-4AIAqAMByAMKqgTzAk_QQCNvvotq3m3b96a5pjDqoVIeUO_zfbaGwu7o8RXN33kfOHC6kWmSX1N2TeaLCxxc7G8TUGaapsEZ3bCpSJWXyBGAFPUsHRJ1raSHoM573BKE9nza2HpZ6Inz6sSsNZMBFJ6S64A0iInqEw2A1N6g1CjEN0n_l2kxxMO0ljJSeEb0jnsPNKdWpJpECwuE4gfdFQoe-SIu2KDrqW_Y4aPS3417Rxe1oamZGVr33w3xUeVdiUJrQxc4Mx6MPky3VkzY_KZHSYDqpBczAwYD7EjoD8Fe63-j5UyDQeFUag5Cb1j1qfrqn6W3PeTO54mJj7uVNu2NG2Btvz8mCzy-T0OPeiGFzXE2D5tWDrosDAzrYg21kP8t83hqnWw_NuUaQ3LV7If0ZsyXpj3_gVSj6CIWw5qFoo-_Mfv3IeGcFwtZzsM3LiOUnlU0gz9qysYu-8oObbnJBZKzHTzJ9bhpcoU4Mx2RG95yukGsadnsXt6OX9YCwAS-0qvEowTgBAGIBcanualJkgUECAQYAZIFBAgFGASgBi6AB6bquzKoB9m2sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAPIHBBDBz0nSCCQIgGEQARgdMgKKAjoJgECAwICAgKAoSL39wTpY88CJkJCPhgOaCRdodHRwczovL3d3dy5iZWxsLmNoL2ZyL4AKA8gLAdoMEQoLEJDok9OCzbbA2AESAgED4g0TCMaaipCQj4YDFfuP_QcdQPkMmrgT5APYEw2IFAHQFQGAFwGyFx4KHAgAEhRwdWItMjIxMTU1MjUzNzcwNDQwNxjA3AyyGAkSAuJOGC4iAQA&sigh=TVp9o1NMmm0&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwB7FLtq9TMgSmz88orG0YJjTzSWUE8X4zaDiFEyl0gUVQGyrd3YvZ6eh-UWzVuBRUicpWDWd1kcRkl4x8sU4CtLNfHogdflAYPkjIRPe30YAQ&template_id=484&cbvp=2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405090101&jk=3166259029874366&bg=!Xl2lXRLNAAav94VWj_c7ADQBe5WfOIS2QqL-E2_ETcNnQ93PSABHe447vpXOL23UKHDGMU13NGg1rD3C0xzFYVw-RO-XAgAAAFRSAAAABWgBB34ANWlLKvlnYerXCCcmYtqsBdvYr9OmJmLuBInnZcd7uehaUI915aAE0bc163mERL0zoCXdnSSBCgA-eujJeAwdSOUPvqKTQ4M0rh4buemRPN21N5OlgTn-WKW3_PY6Vyouh56XOGeyAeSwV7EdnB3n-aCvWZMNeYqZApv2IafpmZS6nOpx_eRd6D7MfHZXt_vCrVCiB6quGQM6yCJ3DuRtyyi54gic9zhQLd2wNkq7Ml5Fqm0UavE6iMD-2YMnOK9Fp_8RjsVlIlUEBSJabh5bVXHKfAS3N3DMFEZew6OQj2SX72pGRPdZ8sxlzaD4HX-rytn96dVAhTS8yZ6FtWytii_1lziqVcRYc7iLEeSpwiJbvNWTwqtBBpuxbP-h6OB9pRmSgJ3pqWML4FI_gmFyOQ5Xaqb240QwslHY5jiW8c3YvZme3DEgL2nCh_Hs8NdaDogHQM9EZTrjCBG9jicH7mew8nR835PR2kZQFF6LnV_9LXzBIPScuM4EEuV8nJnvfo1EhNRx0O2WVNsG9cSpXNxlTl2yrkxHRHwXDs6lM8HLaJCY_zOjyV6Y9dHFf5-TH6XJ4r6N9c3W-47TbtYFtJqxNdpATjZIW2nnuMt12tq4rryW2cULDjZ1lGlHLzuP-xxqDoc9q5nZ5QWUF3SWQRENcWo2t8lhNXTTtagNt1xDoEpdiJ84zCj124jm5F_yGHTbSvmWzmMnbpWOP_V-GiPeZ7vLork4XKkk8Wev6msRKt4AKIsOSXsJZryxXybuwfw1PmF4K2IeaOf5wKnXWJFlePkgStLt4JmcbE1ERVLlhNGM9yED6CuCqHFWFvjBKKdd1kfMRReuhWY8ICpA3DjWZJSfIzJ9C0zk7uhhKClYLnsUmObjznU52XjIk-_C-U1e1Cq5642U_mP91LIt6f9szi_d7XDawhV0vlioZSVhojFxjlPp9IYbd8eJKZjQKsj5JnmpTjXSPVhLdV72WSsXGm5AvSy_Gn2Pf6VAKJFnxRwtBIRkIa8S_qEqNojCaVozD4291nJv_4bzAFkPTcip1-BW

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 06:11:57	Name: lidid Value: fab1a45e-4e84-436e-ad8c-847f440e93a8
.ntd.com/	1970-01-21 06:11:57	Name: pw_cid Value: 25beaff0-128c-11ef-bfff-e1ce0b955d65
.ntd.com/	1970-01-21 06:11:57	Name: _ga Value: GA1.1.1680266971.1715757862
.ntd.com/	1970-01-21 05:21:33	Name: mp_lib Value: %7B%22distinct_id%22%3A%20%22%24device%3A18f7b234e8410c5-09342b416d2b04-26001d51-1d4c00-18f7b234e8410c5%22%2C%22%24device_id%22%3A%20%2218f7b234e8410c5-09342b416d2b04-26001d51-1d4c00-18f7b234e8410c5%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.mixi.media/	1970-01-20 22:59:57	Name: nid Value: ads5-3sser15
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 2eQbhh1R9KY
.youtube.com/	1970-01-21 00:55:09	Name: VISITOR_INFO1_LIVE Value: CEu7j614RKM
.youtube.com/	1970-01-21 00:55:09	Name: VISITOR_PRIVACY_METADATA Value: CgJDSBIEGgAgOg%3D%3D
stat.media/	1970-01-21 05:21:33	Name: _sm_uid Value: 1489bbba-4ca7-419b-892f-05a832502bc6
stat.media/	1970-01-21 05:21:33	Name: _sm_udt Value: 1715757863642
stat.media/	1970-01-20 20:35:59	Name: _sm_sid Value: 3984af19-0463-4ee7-b04e-38a7db6bbb35
stat.media/	1970-01-20 21:19:09	Name: _sm_cm Value: 32
.mixi.media/	1970-01-21 05:21:33	Name: _sm_uid Value: 1489bbba-4ca7-419b-892f-05a832502bc6
.mixi.media/	1970-01-21 05:21:33	Name: _sm_udt Value: 1715757863642
.mixi.media/	1970-01-20 20:35:59	Name: _sm_sid Value: 3984af19-0463-4ee7-b04e-38a7db6bbb35
.ntd.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .ntd.com
.ntd.com/	1970-01-21 06:11:57	Name: _lc2_fpi Value: 33df6995a8cd--01hxxj6nps5vjwpj29pe3m8wxe
.ntd.com/	1970-01-21 06:11:57	Name: _lc2_fpi_meta Value: {%22w%22:1715757864666}
.ntd.com/	1970-01-21 05:57:33	Name: __gads Value: ID=f65f763836e400e9:T=1715757864:RT=1715757864:S=ALNI_MbruYnoYRNth2LwK8POH4u8r1OHXA
.ntd.com/	1970-01-21 05:57:33	Name: __gpi Value: UID=00000e1df1db1a9c:T=1715757864:RT=1715757864:S=ALNI_MYwkOk24lzTJmqhXQZKyNSL9wz9iw
.ntd.com/	1970-01-21 00:55:09	Name: __eoi Value: ID=efc4a06d07683579:T=1715757864:RT=1715757864:S=AA-AfjYpInF09fyQW5gE0YiyLGFP
.ntd.com/	1970-01-21 06:11:57	Name: _ga_2BRDBGYLL0 Value: GS1.1.1715757862.1.0.1715757866.56.0.0
.liadm.com/	1970-01-21 06:11:57	Name: lidid Value: fab1a45e-4e84-436e-ad8c-847f440e93a8
.doubleclick.net/	1970-01-21 06:11:57	Name: IDE Value: AHWqTUlr7bdWDI7k7d9yJzJUaEWxrSNUztlZNGId_su_h5RMocO93iMCCHJagldlJhk
.ntd.com/	1970-01-21 05:21:33	Name: FCNEC Value: %5B%5B%22AKsRol9HK6jERkZIel3-JQPrL2TGzWwDIo-bjJrQVYgRLqDRbbr7Ta-8RRQl7F2WDtLDLzEMPJ4rwvlqYW1V3vATjcC9xbIkMP8REZGdUfjMqqjONL6exNDGkXikjcDEE7YVdh5-RuWkQ9ArgMzu_GvfxqngJ3qnkQ%3D%3D%22%5D%5D
www.ntd.com/	1970-01-21 00:55:09	Name: _geuid Value: e2de1288-1411-4e17-9afb-0af1988bd194
www.ntd.com/	1970-01-21 00:55:09	Name: _geps Value: true
a.clickcertain.com/	1970-01-21 05:21:33	Name: _ccpx_u Value: 1fb6345e%2dcc03%2d4c96%2da7c8%2d80024bc5e568
a.clickcertain.com/	1970-01-21 05:21:33	Name: _ccpx_2455d1796b86efb Value: 1
a.clickcertain.com/	1970-01-21 05:21:33	Name: _ccpx Value: 2455d1796b86efb
.alocdn.com/	1970-01-21 05:21:33	Name: uuid Value: d938be45-1497-410a-882e-fdef033a27c4
.tapad.com/	1970-01-20 22:02:21	Name: TapAd_TS Value: 1715757872259
.tapad.com/	1970-01-20 22:02:21	Name: TapAd_DID Value: c3c65394-6a2c-45b3-a1fd-630c6b03cc19
.bidr.io/	1970-01-21 06:04:31	Name: bito Value: AAJvrU7MiMYAABUpXe6CJw
.bidr.io/	1970-01-21 06:04:31	Name: bitoIsSecure Value: ok
.tapad.com/	1970-01-20 22:02:21	Name: TapAd_3WAY_SYNCS Value:
.a.usbrowserspeed.com/	1970-01-21 05:21:33	Name: tuid Value: 544d81b0-fd7e-4a74-8eea-d16bf431f5a3

90 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.ntd.com/js/prebid.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Refused to execute script from 'https://www.ntd.com/js/prebid.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Message: Unmuting failed and the element was paused instead because the user didn't interact with the document before. https://goo.gl/xX8pDD
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clickcertain.com
a.remarketstats.com
b-code.liadm.com
cdn.ampproject.org
cdn.epoch.cloud
cdnjs.mixi.media
ea.epochbase.com
fdcc7a2cc00162d42d7d4786be8d605f.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
i.ntd.com
idx.liadm.com
mixi.media
mixproxy.epoch.cloud
p.alocdn.com
pagead2.googlesyndication.com
pwe.epochbase.com
region1.analytics.google.com
rp.liadm.com
s3-us-west-2.amazonaws.com
sc.youmaker.com
securepubads.g.doubleclick.net
stat.media
static.mixi.media
static4.mixi.media
static5.mixi.media
static7.mixi.media
static8.mixi.media
stats.g.doubleclick.net
subs.epochbase.com
tpc.googlesyndication.com
vs1.youmaker.com
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ntd.com
www.youmaker.com
www.youtube.com
www1.youmaker.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
vs1.youmaker.com
104.18.25.30
104.21.234.68
104.21.234.69
136.243.66.182
142.250.181.226
142.250.184.225
142.250.185.193
142.250.185.194
142.250.185.195
142.250.185.226
142.250.185.99
142.250.186.106
142.250.186.36
142.250.186.67
142.250.186.68
172.217.16.142
172.217.16.193
172.217.18.8
172.67.69.73
172.67.74.207
18.213.141.93
18.244.18.104
2.19.198.105
2.19.198.138
216.239.34.36
216.58.206.46
34.107.251.162
34.110.129.224
34.120.97.157
35.201.68.206
4.7.168.74
46.161.36.23
52.73.2.199
52.92.208.64
54.188.156.187
64.233.166.155
82.148.14.195
02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55
08b70ca6374a3f63680c5ff59d2abe0ac459d6698e12981aadd742a094b4e28e
094c838628119d8772c6b0138fcda26b8e57e6c4e8ca27ca16196833e17bbed5
09cfa981c6ada894afd02cb819a9b44ae8b3c51ef9b31b159e56c9e0d560ec31
0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f
0d2c10f2fe573823a1a4749824ca10cbf267ea663970d056cac9d8d823188c62
0e2ff26a5f67cbf5c8ca66fb945569942523bea5d4100b430e3712d064debd6d
11daf4723d6b32a8cb6562fb12dbdcbfc088e9ad45ab3945cc16611671f54d14
122b389bc408e98a1bfca4df7d88ad85a0d34d54bc558e8efe3b9e6a127689a1
1371f28d818f62f48af9009f4f404f827456084d85617dcbea28a5154a774ebd
13ffc0034fe35f8455f16d4d99620f42a5f0365eb235395f3dbfcc914746cabd
15d7e2580a3e5388862adedd5309ae8bc6fe35601a9eabf1f71f834d0eb4f80d
15fc3d0739ac5c66768f3c7cb6bf968fd6d1b09e925f07d59d6d132f1f85c515
163cb5d5188442a3dc0cc458a58b06a08e498eea3ae25e310c473cdaae977f39
17d2e502cc1fb4fd0dffa94635007215704baa0b4888c14aea9325785ce195e7
190db7c18d530fd65169700ae873e8e8a68d958f145ab32679f3ade62acbc540
191d663db4906dfa050f500caa2e926691f3c575464ad7f19877026ca63677b1
1c42aefd381b7e07a20a87de61ab8488490a721d1148e6d7103d6fc77d815bd2
1f15b1ca1a332524a10d7f92638492e49a1497c3b15e632376b65b2d2e9ec443
203e0f4dcfd2bed10b75a8fd250568838f01d4fd3363279741962d77675af937
21611496da46783ac76e2a0dbc39bfab73f4aad4e97cc29b78bf57a7d934217c
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
25a9a6f6fd8f857aa0d76b0ae707a2d8edb43fb395961338716404d6170f11b0
276a9af4af37744d109d1564017c890bbc4f804ccc81bd77afe0cf624f2901f4
29a43e8de8f2b788580c968f933ef7b07ea7f4fd9db4c66a2259f9d7ffdd31f7
2ca221e7c14fc690e92a280f5d48b95ea31c5eedfb191fcda5cb559a2cad7744
2cab29b6e32d1c1e3907f9fe4e3483831717a7eedf2c5057fd592255afd7b4d4
2f68e3166fdf867168ae06331fe0bc287bdc25a43d49e56b9f015b3b753d97b6
300f54467e5fca52edc4a03ba0b3c1f61d8a6c3386471a475952574c21edda6a
3074d74b47a1fae140faeb7eadb8af0a6634f8262bf2436541d21243389d022d
34379aae5e5c4f8bdaab5471b908b6d78c6209c599631b264d01a43f8a906790
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3651629db858a96da085357cc48185f2baa6457c6214cfa0119f4ec3ab1417e3
37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096
390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700
3f58460179bdfc527e1ae7a32dfca6f77447660b1f4f336e5ca4c08759ae92ff
3f7d425c46fc811ea68aeec609eeaf7542a0c274575e02e5adb859f5d9e03b70
3fb8f699121425e2dbf1cd1c40db7a94325f6ce9c255c27b96b1de4918e4c857
3ff917e5b7474eba3937d2cd1a4cacaf0b01bb7f9a8020d116d004a2017651fc
40ef17d7598dc698eec044c413a30187830a3f9a9eb3b0130fb74c3fc41c6a4d
418bcc3b739d332ad22b8bf4ca45bc2d8b1fa67942ded5df9fe870f7a464c220
432b0c7cf4757ee2a38afd9ac1434df69bd10acead987ba4a249daae49d77bce
443c3da01b1c7f483f8deab3ad6b7f0acf771a54bb1312142f1914e08e05fbaa
48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c
4a6fff8e4746724d6b7a0cadd7b189300165a442228b58f2a9c30ab1fedbbc1b
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
4d8ec439313e561b7899799388d34cbbaac26c942d05e8df0186189d3e15586c
502cf58aa20a5b9263824b8ae1334b5e73f539ecaa74e21139688c968c9d3d10
542613c8007b58650dadc2e0c690d3836fccf9a7a90ff35c13092ac06784447e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57a38c5ce2c96478d4b76dec2dd1c7100416598d8fda45c8953a3b6c921bb7bf
5a1cab0d16be9936d6722638fb8e5a8f0cc9e020b024fe042178f36c0e96bf9c
5f7b9b07943d7025925b87351e28c31b1a57f4ebbdd6fcb497df899c79e9cb58
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
640358130b8a6b2a822dda079bd3d0fb8ec94d78216ae4ac4a6cf7a09291dd84
640bc53fac14c6249e1163f1416fbc0f3bfa7e2f280a50e79194253c29cb7704
641d72ddefb953f6ac870a992be6a9d7cb1154a3b77a666fb6cb253ec7e52e03
6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298
6960d6e86ca7620309992930e6a90bdfd76443e523d80097de2d030b8247cc69
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b92dd42dc5424c21a17ad2375ab473a44cc520749029445e7fe6385138d0d94
6c2e505569e02b7a8699f78666cec1a206a36562db1839697e1805b1f9647eb4
6d669b521bc3c21204755eb15a28a39a7830da4ad2308977518f6534beb5a248
6e2008cd403535e2622d82e08879ba4115af80d9820ed75fb51bc031f9ef24ea
6effb31527f4d5d0e4a67fb62e231e864e8f7740d3a506493c8262109e3bf83b
6f791eabefc065903d7efdab11dfdaa0fe2ee5523bdc9bca55fbb279e45b7a4b
7027e2e1b4bdf365fdecefefa8f8c4c9ff7e41b57bc1cc5a7a69406b31094f93
73c280c85744eeed7ce81be8ff9474528d5b07ff02a3045df2a40a88248dc1f0
744d25ee650f5edeb1fadfaec9593f3c2393b00ec59363b4d634a90715041c6a
745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44
7745e700cc600e8ad111cc9d752e7e5d888201979efeaba26155a49cb5865826
777bd3de92ddd431cce2afd34592672aefcc696b0581df5650f64b1f0d38fd82
77c1cd7ac39e616f9463a6add6b94f4030a4837eb6760444db6d148343c1c0f3
7b3c7dc60cd27fe314407372f443dd4636140aab08a28e92e94f686688229fc6
7cabbecad693f8744c27476446734f3688d37b29726181843400b5f181c9d759
7ee1238c140c95d522e8bf6922031841b6b9b4ea6257d0f25a55e8c740604f3e
7f81fc2f3cc04c1f965f2683dc2b369bd4ebbc18b454196d101f74f69efe3433
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
86587e974d57e7489b5d60f8b446f48aa89bfedf7be4d003204256c1ca3cc9fe
8695f27534da8dd5764afa2fadfc0710f1df22757c32f59339809360faa17adb
875eee8bd1d0816a0d63463af19a88b6f69a84fc630faa49757e035af6d71a92
8b34b75e3508673fecd87827ecd5afe231282e3da5b53d8e0c30a42240b3ada8
8b7bef94092eb4d55a8e42aa1fe5f6fee9e0ee94fadc80ccd12e968e39987082
8c497f68641e8abd81d72b3b6bae5b3e3ca4f92c3e95cf9169c4de2477f8a7bf
8e1862739d33ed00d6ac62da36d1b1321bf3591b791d55e14417def0860cd7cd
8e5f4888daa33a0f74f1d668420d5dae57600a773092e9e45730d5bd033edc20
9087c6926d7fdcb36fda0c14eec72a136b33ab4f8ff487220e91830e9916640a
9489fe0340c2811fb47051c5b1eefef435addb8504c4eed50d5de7c76c00e2dd
9ade0316d82f56d57adfed6f98166f7f456d6cfc9e1d6da211909262945332ec
9e33b98871ae098fb62dd6f123409a67fad6a3d0e8e22120a7d9b9188814b11a
9fda6bfcdabf466be34c4e7c123caaae3b211f194f9a9c064b7e185b07d06ea8
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a41bde13c433a30ed2267e633f2fd3c6786fc99d970945c8a03c93eaba580c67
a663498edc06e2e46029642508598e108e1e579ebd9ef45a36652527a3839aac
a73db68fb81661257e17e74633fca67f344d85188954d07cea2d361a577dd0e9
aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47
ac0de4b42abf65a70a248df54d442549060d9c7d478dbffcc975fa3b5b2eb2a0
ac258c98e013761a8c4349239378c9c660fedcdd3cfe3c44c25be5d374097a6f
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4
af08db4767d21c027efea07b5fc1e89ba264b48da0578ced16ecbcb00227d138
b14684cca4e2d1b1b060f77154406b44323dffc20a9902ec0696f20e018657a0
b7b15734de18819e3e6596d76913e786e89f13a657acb2ffdfc231f5ad283e81
b7f24fe5a604c76e4c7fb92b81b3d604dd24781e1f34b0cba5b7549481e2c3e6
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
b8649a78d5ac000969d694682eec85115e82e77f05e7651174f36b089b1de32d
b8b6528bc2a63e986a842311ca6971aac53d77331c25d16a03e9e45de5bccf8f
ba3d03d3ed17ff473b44dc3373591466ab700a69a0a3011f0d220914027c2d75
bd24272c6ee55652401868ba3f4be6a70772da1b7f0b05dd9df8963a05108801
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
be0a08cc28d8e714bf3dc45be04f2449d456adefdeac74e733b312e05d8158b5
c03146f11e108dc037ff141be3d48d235b7e4306d4ea48848889b3625f123cb0
c447c3a5ce10293aac937c10c945119b33b34e9d07726e23ce3758e9fd66ffb9
c48b0a71481caa47c597b3c4cf55ed82a4880ea0e449e9f69292443f47fab060
c6637cc1299fd0a0fe21b237cf4069cb563a228645f48abbd9e2fb9915fbd278
c6bcb394dce92233237bd52a69e1471781d9be7cd9a265af67d3e06a82c29d9f
c6d7ef921a9afbe1ed38711aab0f5b827a7b7a421514a5757acc43c44b0da3bd
c912331d6e7d06cf8470caaebe35ba2bcd335000ac00a68e53bce292195067b0
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde
cbe7fa8ab6c4e644c71ffa22ed3ff9de11a881d0b95dcbdfa22cc76b51567c7f
d1e7a77da72c3c3db5485012c058264ecf31012fae33677360b76afde5044247
de8dd938ecd1f3443ddf7aa3eb5e4f81a3c25a5d99fce8c85d8c2b08ce5793c3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
e58c40208984f8d78fd3ee50e60c508b1b6041e516bb13b14232b33582dd5ddf
e694fe9a05dff31510293e22b2d64d02a170a6530cb0aa7e2dc847d51bc0c6c8
e79efcd2dd40247f3956e93c37edb4e826f3147c388f9ebab9566fb450e6b421
ea660872abe29e5e806c4e1e55aaa1d46af42c50dace4c5d777a49336e95ad8c
ec6e914bdb982dfe8a71f84acacf9853ac36fafba885cc5c43ddb6c09af778ec
eec1241ebd35d11ba194df74f8bed321ca3164fb84a98b2d4ddfcd48072fc6e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f1152917004ce3673c4939b5c4293efd4b7698a7d553e3aee2755e0caf1651ac
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5db3258e790dbb9006071920bf84c27b8ec85bfeee23711f624e1f5668257da
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fc433e6c2d57da95c01e1ae34d57dd30367eef3e9a8df8e189e250814eede417
fd3a0419bb57c685bef172fc325325894762b903abad517aa47b2273304342f3
fde9ee51fca5303e3ecbc119c72e658e78537e8e2429f3dc1ecbccedccb9dd92
ff605bd721cbdbe9052f7c19613f43f99c937aa0f7af07090958d80da390872a

www.ntd.com Open in urlscan Pro 104.18.25.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

188 Requests

93 %HTTPS

0 %IPv6

21 Domains

42 Subdomains

37 IPs

4 Countries

6200 kBTransfer

11423 kBSize

37 Cookies

11 Outgoing links

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ntd.com Open in urlscan Pro
104.18.25.30 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

93 %
HTTPS

0 %
IPv6

21
Domains

42
Subdomains

37
IPs

4
Countries

6200 kB
Transfer

11423 kB
Size

37
Cookies

188 HTTP transactions
10 data transactions