www.ntd.com Open in urlscan Pro
151.139.128.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tnews.to/china-cyber-spying-us
Effective URL:
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Submission: On December 31 via manual (December 31st 2021, 6:26:48 pm UTC) from US — Scanned from DE

Summary HTTP 323 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 67 IPs in 12 countries across 56 domains to perform 323 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to HIGHWINDS3, US. The main domain is www.ntd.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 11th 2021. Valid for: a year.

This is the only time www.ntd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:2a1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
7	13.32.29.201 13.32.29.201	16509 (AMAZON-02) (AMAZON-02)
10	35.244.243.66 35.244.243.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1 3	143.204.209.17 143.204.209.17	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
3	65.9.58.69 65.9.58.69	16509 (AMAZON-02) (AMAZON-02)
4	184.87.212.24 184.87.212.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.120.97.157 34.120.97.157	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
11	34.120.33.89 34.120.33.89	15169 (GOOGLE) (GOOGLE)
32	23.205.242.120 23.205.242.120	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	104.90.192.189 104.90.192.189	16625 (AKAMAI-AS) (AKAMAI-AS)
7	3.38.76.215 3.38.76.215	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:401... 2a00:1450:4019:80c::2002	15169 (GOOGLE) (GOOGLE)
12	136.243.66.182 136.243.66.182	24940 (HETZNER-AS) (HETZNER-AS)
4	146.185.195.94 146.185.195.94	50340 (SELECTEL-MSK) (SELECTEL-MSK)
9	142.250.181.98 142.250.181.98	15169 (GOOGLE) (GOOGLE)
3	3.36.41.122 3.36.41.122	16509 (AMAZON-02) (AMAZON-02)
2 4	211.249.220.158 211.249.220.158	7625 (DAUM-AS K...) (DAUM-AS Kakao Corp)
12 14	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	3.38.125.168 3.38.125.168	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
5	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
4	34.251.173.19 34.251.173.19	16509 (AMAZON-02) (AMAZON-02)
4	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
8	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
12	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
4	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	52.218.236.80 52.218.236.80	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:20:... 2606:4700:20::ac43:4549	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2606:4700:303... 2606:4700:3039::6815:c074	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 39	2.20.157.55 2.20.157.55	16625 (AKAMAI-AS) (AKAMAI-AS)
4	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
2	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:6948:8012:aae3:d8b9	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
4 8	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
2	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	52.86.210.192 52.86.210.192	14618 (AMAZON-AES) (AMAZON-AES)
2 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1 2	52.215.102.174 52.215.102.174	16509 (AMAZON-02) (AMAZON-02)
1 1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
4 4	3.125.196.46 3.125.196.46	16509 (AMAZON-02) (AMAZON-02)
1 1	34.246.26.64 34.246.26.64	16509 (AMAZON-02) (AMAZON-02)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	54.205.198.81 54.205.198.81	14618 (AMAZON-AES) (AMAZON-AES)
1 2	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
1 2	18.213.10.151 18.213.10.151	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 2	44.239.105.249 44.239.105.249	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3038::6815:ea4e	() ()
1	13.35.253.128 13.35.253.128	() ()
323	67

1 2606:4700:3037::6815:2a1f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tnews.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

www.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.29.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-201.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.244.243.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.243.244.35.bc.googleusercontent.com

subs.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.209.17 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-17.fra53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.58.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-69.fra56.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.87.212.24 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-212-24.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.97.157 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 157.97.120.34.bc.googleusercontent.com

sc.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.120.33.89 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 89.33.120.34.bc.googleusercontent.com

comment.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 23.205.242.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-242-120.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.90.192.189 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-189.deploy.static.akamaitechnologies.com

cdneast2-xch.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.38.76.215 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-38-76-215.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4019:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 136.243.66.182 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi.media

mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
target.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static8.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static3.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static2.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static4.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.185.195.94 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: sm-server1-1.ssel23.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fjr04s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.36.41.122 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-36-41-122.ap-northeast-2.compute.amazonaws.com

r-log.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 211.249.220.158 (Korea, Republic Of) 2 redirects

ASN7625 (DAUM-AS Kakao Corp, KR)

analytics.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
act.ds.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.16.130 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.38.125.168 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-38-125-168.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.161.190 (Southall, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.251.173.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ca183f94564a774343f51deadc679a08.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1400 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.236.80 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4549 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3039::6815:c074 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2.20.157.55 (Milan, Italy) 8 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:6948:8012:aae3:d8b9 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 209.54.177.54 (Ashburn, United States) 4 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.86.210.192 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-210-192.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.102.174 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.125.196.46 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-196-46.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.26.64 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-26-64.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.205.198.81 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-198-81.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.122.14.34 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.10.151 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-10-151.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.239.105.249 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-105-249.us-west-2.compute.amazonaws.com

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea4e (None, )

ASN- ()

services.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.128 (None, )

ASN- ()

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	dable.io static.dable.io api.dable.io r-log.dable.io adx.dable.io images.dable.io	247 KB
43	ntd.com www.ntd.com img.ntd.com	2 MB
35	casalemedia.com 8 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	35 KB
24	doubleclick.net 12 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	138 KB
23	adnxs.com prebid.adnxs.com ib.adnxs.com acdn.adnxs.com secure.adnxs.com	81 KB
22	youmaker.com subs.youmaker.com sc.youmaker.com comment.youmaker.com	868 KB
15	amazon-adsystem.com 4 redirects c.amazon-adsystem.com s.amazon-adsystem.com	47 KB
13	rubiconproject.com 4 redirects fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	18 KB
12	mixi.media mixi.media static.mixi.media target.mixi.media static8.mixi.media static3.mixi.media static2.mixi.media static4.mixi.media	327 KB
11	googlesyndication.com ca183f94564a774343f51deadc679a08.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	706 KB
11	media.net hbx.media.net contextual.media.net cdneast2-xch.media.net c21lg-d.media.net	135 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	370 KB
8	indexww.com js-sec.indexww.com	8 KB
8	districtm.io dmx.districtm.io cdn.districtm.io	388 B
7	google.com www.google.com adservice.google.com	22 KB
6	pubmatic.com ads.pubmatic.com image6.pubmatic.com	61 KB
6	yahoo.com 1 redirects c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com ads.yahoo.com	2 KB
5	adsrvr.org match.adsrvr.org	1 KB
5	clickcertain.com 2 redirects a.clickcertain.com	4 KB
5	openx.net u.openx.net	317 B
4	w55c.net 4 redirects pm.w55c.net	3 KB
4	gumgum.com g2.gumgum.com	1 KB
4	stat.media stat.media	29 KB
3	googletagservices.com www.googletagservices.com	100 KB
3	google.de www.google.de adservice.google.de	1 KB
3	chargebee.com js.chargebee.com	67 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	alocdn.com 1 redirects p.alocdn.com	977 B
2	tapad.com 2 redirects pixel.tapad.com	911 B
2	eqads.com 1 redirects um2.eqads.com	564 B
2	simpli.fi 1 redirects um.simpli.fi	846 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	rfihub.com 2 redirects p.rfihub.com	2 KB
2	cognitivlabs.com 2 redirects beacon.lynx.cognitivlabs.com	755 B
2	dotomi.com 1 redirects prebid-match.dotomi.com casale-match.dotomi.com	290 B
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	35 KB
2	kakao.com act.ds.kakao.com	986 B
2	daum.net 2 redirects analytics.ad.daum.net	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	pushengage.com clientcdn.pushengage.com	19 KB
1	epoch.cloud services.epoch.cloud	2 KB
1	extend.tv 1 redirects sync.extend.tv	546 B
1	bttrack.com bttrack.com	380 B
1	adroll.com 1 redirects d.adroll.com	112 B
1	adotmob.com 1 redirects sync.adotmob.com	307 B
1	mathtag.com 1 redirects sync.mathtag.com	656 B
1	remarketstats.com 1 redirects a.remarketstats.com	679 B
1	amazonaws.com s3-us-west-2.amazonaws.com	26 KB
1	sonobi.com sync.go.sonobi.com	513 B
1	criteo.com gum.criteo.com	376 B
1	twitter.com analytics.twitter.com	675 B
1	t.co t.co	470 B
1	ads-twitter.com static.ads-twitter.com	6 KB
1	googletagmanager.com www.googletagmanager.com	32 KB
1	tnews.to 1 redirects tnews.to	961 B
0	everesttech.net Failed sync-tm.everesttech.net Failed
323	56

	Domain	Requested by
26	images.dable.io	api.dable.io static.dable.io
24	www.ntd.com	www.ntd.com
19	img.ntd.com	www.ntd.com
18	dsum-sec.casalemedia.com	4 redirects ssum-sec.casalemedia.com um2.eqads.com
14	cm.g.doubleclick.net	12 redirects
12	ssum-sec.casalemedia.com	4 redirects js-sec.indexww.com ssum-sec.casalemedia.com
12	ib.adnxs.com	www.ntd.com acdn.adnxs.com
11	comment.youmaker.com	www.ntd.com comment.youmaker.com
10	subs.youmaker.com	www.ntd.com subs.youmaker.com
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.ntd.com
8	s.amazon-adsystem.com	4 redirects ssum-sec.casalemedia.com
8	js-sec.indexww.com	www.ntd.com ssum-sec.casalemedia.com
7	api.dable.io	static.dable.io ajax.googleapis.com
7	cdneast2-xch.media.net	www.ntd.com
7	c.amazon-adsystem.com	www.ntd.com c.amazon-adsystem.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	static.dable.io	www.ntd.com api.dable.io
5	match.adsrvr.org	ssum-sec.casalemedia.com
5	a.clickcertain.com	2 redirects a.remarketstats.com a.clickcertain.com
5	ads.pubmatic.com	www.ntd.com
5	u.openx.net	www.ntd.com
5	prebid.adnxs.com	www.ntd.com
5	www.google.com	www.ntd.com www.gstatic.com www.google.com tpc.googlesyndication.com
5	fonts.gstatic.com	www.ntd.com www.google.com fonts.googleapis.com
4	pm.w55c.net	4 redirects
4	token.rubiconproject.com	4 redirects
4	cdn.districtm.io	www.ntd.com
4	acdn.adnxs.com	www.ntd.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	htlb.casalemedia.com	www.ntd.com
4	fastlane.rubiconproject.com	www.ntd.com
4	dmx.districtm.io	www.ntd.com
4	c2shb.ssp.yahoo.com	www.ntd.com
4	g2.gumgum.com	www.ntd.com
4	stat.media	mixi.media stat.media
4	www.gstatic.com	www.google.com www.gstatic.com
3	pixel.rubiconproject.com
3	r-log.dable.io	static.dable.io
3	static3.mixi.media	www.ntd.com
3	mixi.media	www.ntd.com static.mixi.media
3	www.googletagservices.com	hbx.media.net securepubads.g.doubleclick.net
3	js.chargebee.com	subs.youmaker.com js.chargebee.com
3	sb.scorecardresearch.com	1 redirects www.ntd.com
2	p.alocdn.com	1 redirects
2	pixel.tapad.com	2 redirects
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	um.simpli.fi	1 redirects ssum-sec.casalemedia.com
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	p.rfihub.com	2 redirects
2	beacon.lynx.cognitivlabs.com	2 redirects
2	secure.adnxs.com	ssum-sec.casalemedia.com
2	eus.rubiconproject.com	www.ntd.com eus.rubiconproject.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	adx.dable.io	www.ntd.com
2	act.ds.kakao.com	www.ntd.com
2	analytics.ad.daum.net	2 redirects
2	static.mixi.media	mixi.media www.ntd.com
2	hbx.media.net	www.ntd.com hbx.media.net
2	www.google-analytics.com	www.ntd.com www.google-analytics.com
1	clientcdn.pushengage.com	www.ntd.com
1	services.epoch.cloud	www.ntd.com
1	sync.extend.tv	1 redirects
1	bttrack.com	ssum-sec.casalemedia.com
1	d.adroll.com	1 redirects
1	sync.adotmob.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	ads.yahoo.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	c21lg-d.media.net	hbx.media.net
1	a.remarketstats.com	1 redirects
1	s3-us-west-2.amazonaws.com	www.ntd.com
1	image6.pubmatic.com	ads.pubmatic.com
1	prebid-match.dotomi.com	www.ntd.com
1	sync.go.sonobi.com	www.ntd.com
1	ca183f94564a774343f51deadc679a08.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ajax.googleapis.com	api.dable.io
1	fonts.googleapis.com	api.dable.io
1	static4.mixi.media	www.ntd.com
1	static2.mixi.media	www.ntd.com
1	static8.mixi.media	www.ntd.com
1	target.mixi.media	www.ntd.com
1	contextual.media.net	hbx.media.net
1	gum.criteo.com	hbx.media.net
1	www.google.de	www.ntd.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	analytics.twitter.com	static.ads-twitter.com
1	sc.youmaker.com	www.ntd.com
1	t.co	www.ntd.com
1	static.ads-twitter.com	www.ntd.com
1	www.googletagmanager.com	www.ntd.com
1	tnews.to	1 redirects
0	sync-tm.everesttech.net Failed
323	95

This site contains links to these domains. Also see Links.

Domain
legendsunfolding.com
newsletter.ntd.com
www.ntdtv.com
ntdtv.fr
www.ntdtv.kr
www.ntdtv.jp
www.ntdvn.net
ntdtv.ru
www.facebook.com
twitter.com
mixi.media

Subject Issuer	Validity	Valid
*.ntd.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-11` - `2022-09-11`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2022-06-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
js.chargebee.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
static.dable.io R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.dable.io Amazon	`2021-07-11` - `2022-08-09`	a year	crt.sh
mixi.media R3	`2021-12-15` - `2022-03-15`	3 months	crt.sh
static.mixi.media R3	`2021-11-30` - `2022-02-28`	3 months	crt.sh
stat.media R3	`2021-11-29` - `2022-02-27`	3 months	crt.sh
target.mixi.media R3	`2021-12-15` - `2022-03-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-03-26` - `2022-03-05`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-19` - `2022-06-18`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
*.pushengage.com Amazon	`2021-01-27` - `2022-02-24`	a year	crt.sh

This page contains 40 frames:

Primary Page: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Frame ID: E5E7A0955EC53D29A15975A026FB4711
Requests: 167 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=dpzerdpeyu7m
Frame ID: 279021A2FB95FC252E39F871021C2992
Requests: 7 HTTP requests in this frame

Frame: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tn=ENTD%20-%20signin
Frame ID: 5618A798BF7EA759126B77CD182776EE
Requests: 2 HTTP requests in this frame

Frame: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Frame ID: E8528E86286E24C15BAD2867FC05211D
Requests: 7 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Frame ID: 8B3EC111D729697C8F89808097611997
Requests: 37 HTTP requests in this frame

Frame: https://ca183f94564a774343f51deadc679a08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3591B1767056D751998CD2FABA6472FC
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 43FE3003D0F8A85C9D2143A5F1F1719E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Frame ID: 89C1BE8E2CD4C2105B285DEA4A69DD32
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstulMUM3CRo_TZfiy172XYT3Wstd_buXiGAOK-7urwC9WdiFUgcdfPOtvgkgZ-9lctCSxiiMCvg0udp1hh8RuQX0LL8X3_6tb7Az5Da09c6LW7WLkdXYIaC-ZlQi6y0HVBahcYx2N8bW-Og-0A7hBZ1o8NIKr4_qqsHs3ziMbbkpidzhT1sAyKAoifCvwIQN-YDIQQA5wy8YI4PfKWpPPSwwJF8rFgTFtsHoDhpdQYFmdLpChQBh07S69i71GGZdbaUtBvJAvNWRFBd7upS-d1M7P_BMzAMDePG3zVBR95TXIcl2hNYHhZNvELn8oE8Edf1PE3mI3gkg_0&sig=Cg0ArKJSzM2ag8yKvCFNEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CD7DE580D261BC84D7CC7AF78137DED1
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0Bks1V5PCA_jzAUe2Df0sYfQcc-4EKGEQM4_2OgswlsJpMrTQzyuD1glDz7SjRjQTOKLjq24eBNEMLkuQYYKFxOP_DcPG5fDpq4e4AzanzCLtY2SxIbIwyMXtu3RLSdjQNs_EC6u4lLQl-co2C30XUaVGt0AMmwto3oXBbAWXK2vRb4QiNvoc6C7HldMHvKKj4GHYh-qDwx66wUSwCxKH0-BOckfNvyZ-RqH2U2V57z_GUx85-svC6bSh2pHL8YhLUqUB-ddUDQ6h32FQeSqAapUbqxo_QhU8JMDfq1eSurS8ir2iTt2CpJngbbE4B9sBEyzT_4fEx-WDbMjGYGS4ZQkrdjARLfAMr_IGHbGFhw&sig=Cg0ArKJSzLieZWdrT6JlEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3EAA9AB968429ED9AAF2480F53AFDAB3
Requests: 6 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CUBNN02K&cs=1&cv=37&hb=1&prvid=273%2C159%2C59%2C3008%2C255%2C214%2C3018%2C157%2C77%2C141%2C126%2C80%2C208%2C109%2C2034%2C117%2C222%2C3%2C2030%2C251%2C3017%2C2027%2C3016%2C3015%2C184%2C3007%2C201%2C226%2C3012%2C188%2C246%2C203%2C108%2C175%2C178%2C3014%2C97%2C186%2C229%2C2033%2C193%2C2026%2C225&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 3D00503326007F022186EFD3B0CE9486
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E13B310E44E825DAF9AAAD2F21EDB75
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2031BD9B0CD06D6C3ECFE33831334581
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 04E53282C3FF49CD6D34D938FEE64D47
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F6895A45DC4245760D4613D1342395CF
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4FB0A8E1B8205CF1C72076F08FDAB219
Requests: 10 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 2ACCDA6312BE7A2E1CDC208437C68AFF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 80EEE8CB37D054DC5F6F1D5DA5DA08B5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: A7538D7CFD5E0D3E86430CC0E53AD6CE
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0717494F33204E50D0B59108919D047C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EE17849AACB885A194B05B2D73CDFDE9
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 518911CECE5DC0B7C077E0325F583788
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B601FC90492C43AC90BDE10FC7E343C5
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 19047A5B449F326EB08313E8FAB114AD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F894A98AF9C7A4CEC4C9D36CB985F049
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 72E52223075562AA90EC1B7649FAC15E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 913F2463A9349658355117BC6FAAEE4E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BFB1D8CBE9332581CCF81239C2F772BC
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CE3DB78AF598285C5DA1833A998D935D
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 71FA78E51EDC2A4036652A855606A2EB
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 6EB033C010EA5F215EFC30D20020F681
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: D76435F918B1FF2DC15FC85342F8D355
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: ADD89A6A1B09FEC760A8E9C3040690E0
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 35E72D0B41CCBA5A7275BD2028DC9160
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: EF4D609AF831E98A9BF01435DB9B9CD8
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: C52348C6ACDEFB92244A7872E9C969E5
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 37A560370841A02261FE821E0D30696A
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: D479E19C605BDC8C1C2BC10EFE8D1815
Requests: 9 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&cn=DE
Frame ID: BD46433242A75F815165E645A9325FA4
Requests: 3 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: F77E31CF800FC6B3FCA3CB8BD80D89CB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Critical Entities Targeted in Suspected Chinese Cyber Spying

Page URL History Show full URLs

https://tnews.to/china-cyber-spying-us HTTP 307
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Chargebee (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.chargebee\.com/v([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

PushEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

clientcdn\.pushengage\.\w+/core

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

323
Requests

88 %
HTTPS

31 %
IPv6

56
Domains

95
Subdomains

67
IPs

12
Countries

5791 kB
Transfer

8894 kB
Size

65
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: http://legendsunfolding.com/
Title: Legends Unfolding

Search URL Search Domain Scan URL

URL: http://newsletter.ntd.com/
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://www.ntdtv.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://ntdtv.fr/
Title: FRENCH

Search URL Search Domain Scan URL

URL: https://www.ntdtv.kr/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://www.ntdtv.jp/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://www.ntdvn.net/
Title: Vietnamese

Search URL Search Domain Scan URL

URL: https://ntdtv.ru/
Title: Russian

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&via=news_ntd
Title: Twitter

Search URL Search Domain Scan URL

URL: https://mixi.media/

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10950949&bl=95162&ct=adpreview&st=46&nvuuid=4b1973d1-6225-ba79-6100-001fcfa70179&bvuuid=33b67ad2-f905-4bd2-bd94-c1104a5fe3bd&rnd=528077177&ag=25&ev=H4sIAAAAAAAA_wEaAOX_ChilspwFwe-7Bc-OswWkhaMF7YKYBazPrwUs5PBvGgAAAA

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=11466689&bl=95162&ct=adpreview&st=46&nvuuid=4bf77368-62c1-bac5-6100-0040cfae0138&bvuuid=33b67ad2-f905-4bd2-bd94-c1104a5fe3bd&rnd=1077438661&ag=25&ev=H4sIAAAAAAAA_wEaAOX_ChilspwFwe-7Bc-OswWkhaMF7YKYBazPrwUs5PBvGgAAAA

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=11323215&bl=95162&ct=adpreview&st=46&nvuuid=4bc773f5-624f-ba81-6100-0061cfac0178&bvuuid=33b67ad2-f905-4bd2-bd94-c1104a5fe3bd&rnd=1635317121&ag=25&ev=H4sIAAAAAAAA_wEaAOX_ChilspwFwe-7Bc-OswWkhaMF7YKYBazPrwUs5PBvGgAAAA

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=11059876&bl=95162&ct=adpreview&st=46&nvuuid=4bc273b4-62a4-babf-6100-0051cfa801d4&bvuuid=33b67ad2-f905-4bd2-bd94-c1104a5fe3bd&rnd=1372894399&ag=25&ev=H4sIAAAAAAAA_wEaAOX_ChilspwFwe-7Bc-OswWkhaMF7YKYBazPrwUs5PBvGgAAAA

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10879341&bl=95162&ct=adpreview&st=46&nvuuid=4b0173d1-626d-ba4f-6100-004dcfa601e3&bvuuid=33b67ad2-f905-4bd2-bd94-c1104a5fe3bd&rnd=1306775887&ag=25&ev=H4sIAAAAAAAA_wEaAOX_ChilspwFwe-7Bc-OswWkhaMF7YKYBazPrwUs5PBvGgAAAA

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=11265964&bl=95162&ct=adpreview&st=46&nvuuid=4be773f0-62ac-ba95-6100-001bcfab01f2&bvuuid=33b67ad2-f905-4bd2-bd94-c1104a5fe3bd&rnd=468906133&ag=25&ev=H4sIAAAAAAAA_wEaAOX_ChilspwFwe-7Bc-OswWkhaMF7YKYBazPrwUs5PBvGgAAAA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tnews.to/china-cyber-spying-us HTTP 307
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1640975200957&ns_c=UTF-8&cv=3.5&c8=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&c7=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1640975200957&ns_c=UTF-8&cv=3.5&c8=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&c7=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&c9=

Request Chain 120

https://analytics.ad.daum.net/match?d=111&uid=40944722.1640975202687 HTTP 307
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220101%22,%22u%22:%2240944722.1640975202687%22%7D%7D

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm=&google_tc= HTTP 302
https://adx.dable.io/pixel/google?google_gid=CAESEE46bGje5VMkSRrwQ9DOPd8&google_cver=1

Request Chain 220

https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html HTTP 302
https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=critical%2dentities%2dtargeted%2din%2dsuspected%2dchinese%2dcyber%2dspying_627894%2ehtml HTTP 302
https://a.clickcertain.com/px/?c=2455d1796b86efb

Request Chain 255

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 256

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 257

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 258

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 260

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDA2MDYxMWQzMjk5NzEwZWU1MDE4YTQ1MDU3YTI4YWNjNTUxYmFlZQ

Request Chain 261

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=bc4561cf-4b65-4600-a569-8cf71b22a3d3

Request Chain 262

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/GUaQ3ra0FBNEEoyAcg44Zw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3464064349838276064

Request Chain 263

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJhyRAmTxS0LINBUhV99hyE&google_cver=1

Request Chain 265

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hVUTlNVlUtVy00RDI1

Request Chain 266

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXUQ9MVU-W-4D25&sigv=1&esig=2~57732edeb35dc1b323d64b0800e6acf4bdc40120

Request Chain 268

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yc9LZiuQgSsUiLAOim15swAABK4AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1

Request Chain 269

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yc9LZlRH6QhipBf4e.TqfgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2

Request Chain 271

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZiuQgSsUiLAOim15swAABK4AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZiuQgSsUiLAOim15swAABK4AAAAB&dcc=t

Request Chain 273

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=40d5d9c8-3d4f-47c2-ac3e-cd4bc68c4a4f&expiration=1672511206

Request Chain 274

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433822221015060

Request Chain 275

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=Yc9LZiuQgSsUiLAOim15swAA%261198?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=Yc9LZiuQgSsUiLAOim15swAA%261198?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 277

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yc9LZlRH6QhipBf4e.TqfgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1

Request Chain 280

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&dcc=t

Request Chain 281

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1641061606&gdpr=1

Request Chain 283

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559722100736703

Request Chain 286

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&dcc=t

Request Chain 288

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yc9LZlRH6QhipBf4e.TqfgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2

Request Chain 289

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1

Request Chain 290

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

Request Chain 291

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=xGvxhjn31N3mC25&gdpr=1

Request Chain 292

https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 295

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1

Request Chain 296

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yc9LZlRH6QhipBf4e.TqfgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2

Request Chain 298

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&dcc=t

Request Chain 299

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=689c82a0-4f6e-49de-94ab-ee9fe1efe9a5

Request Chain 300

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=APcLrUML1N3mC25&gdpr=1

Request Chain 301

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 302

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f3c76c23-d752-41c7-9fda-05497a5c7124&expiration=1672511206

Request Chain 304

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 310

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
https://adx.dable.io/pixel/google?google_gid=CAESEE46bGje5VMkSRrwQ9DOPd8&google_cver=1

Request Chain 311

https://analytics.ad.daum.net/match?d=111&uid=40944722.1640975202687 HTTP 307
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220101%22,%22u%22:%2240944722.1640975202687%22%7D%7D

Request Chain 313

https://a.clickcertain.com/px/ta/?ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=48d66f96-9b05-469c-81a6-d99d28785432

Request Chain 314

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%2522b26aeb25-ca16-4950-99f8-5534a40e6fe9%2522%257D&title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html HTTP 302
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%2522b26aeb25-ca16-4950-99f8-5534a40e6fe9%2522%257D&title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tdc=1

Request Chain 315

https://a.clickcertain.com/px/r/?ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dd1f27497%25252ddd0f%25252d4c91%25252d8d99%25252df0ba6453eee7%252526anx_uId%25253d%252524UID HTTP 303
https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dd1f27497%25252ddd0f%25252d4c91%25252d8d99%25252df0ba6453eee7%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&_li_chk=true&ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&previous_uuid=c770280741f649abbdfb587b1945e8f5 HTTP 303
https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253dd1f27497%252ddd0f%252d4c91%252d8d99%252df0ba6453eee7%2526anx_uId%253d%2524UID&ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3dd1f27497%2ddd0f%2d4c91%2d8d99%2df0ba6453eee7%26anx_uId%3d%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dd1f27497%2Ddd0f%2D4c91%2D8d99%2Df0ba6453eee7%26anx_uId%3D%24UID&google_gid=CAESEAf2GUqqAh71wPEjgZk0fxA&google_cver=1 HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&anx_uId=$UID HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&anx_uId=8722759899100838220

323 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Show response
www.ntd.com/
Redirect Chain

https://tnews.to/china-cyber-spying-us
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

47 KB
14 KB

900ms
859ms

Document
text/html

151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

762072fec74912102dddbcb88679fb6a9ea20ffdcb4e3fc80a388a6da3ba4410

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
accept-ranges: bytes
cache-control: max-age=599
content-encoding: gzip
content-type: text/html; charset=UTF-8
x-hw: 1640975200.cds003.fr8.hn,1640975200.cds125.fr8.sc,1640975200.dop092.sj3.r,1640975200.cds107.sj3.sc,1640975200.cds107.sj3.p,1640975201.cds125.fr8.p
server: nginx/1.12.2
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-device: desktop
x-cache-status: MISS

Redirect headers

date: Fri, 31 Dec 2021 18:26:40 GMT
content-type: text/html; charset=UTF-8
location: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro Developer 3.2.3 http://prettylink.com
x-redirect-by: WordPress
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mieMEQgiQNFDiC9aQBUepqGDPb9BmrXjseoRCHiH2MjXmXNH5Ubs%2F%2BUXF%2FzRzNcwwxcJmHywIUgf16WHlbp4ycWbrxnzKwIQLbPd0Z%2FKGd40fAP3ZoL914%2Fw6V3GsWqEahLKudhwuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c658eabbe26062d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 66ms
12ms Script
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: 04NH7GG7K85MJ2BT24WX
etag: 1e39d25f07f5619925357b752ab10d04
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc941.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Fri, 31 Dec 2021 18:26:41 GMT
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: iSnrHsfmYQjDR3iDcxo0qqQBQDTyrRBss3vApZiKsN4tAbXij1ki7g==

GET
H2 200 prebid.js Show response
www.ntd.com/assets/themes/m-ntd/js/ads/ 285 KB
106 KB 11ms
11ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

03116ee27ab79f09ced28de3396fe9524bc37349c0ec714b1f6f25396da6ffd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 18:58:27 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"5fac3453-47523"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds139.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 108407
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 template.css
subs.youmaker.com/lib/ 8 KB
9 KB 151ms
113ms Stylesheet
text/css 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/template.css?ver=20210318
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
via: 1.1 google
last-modified: Thu, Dec 23 2021 17:11:20 GMT
server: nginx/1.20.1
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 8659

GET
H2 200 style.css
www.ntd.com/assets/themes/ntd/ 2 KB
971 B 24ms
23ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/style.css?ver=20180618

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 15:11:15 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"5c8a6f13-6aa"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds145.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 859
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 global.css
www.ntd.com/assets/themes/ntd/css/ 25 KB
7 KB 23ms
23ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

2605ae7e7769aebf0e4de69b247181746ba089ba3dc24c34c4f9b7174c16da2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Nov 2021 15:39:08 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"61a4f41c-63d3"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds098.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 6600
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 genericons.css
www.ntd.com/assets/themes/ntd/css/genericons/ 41 KB
26 KB 24ms
24ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/genericons/genericons.css?ver=20171027

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

6b9765abde54c6e633d51e84c708e0de14545d7febc0b9c3b62091c661931339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 22 May 2021 15:30:29 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"60a92395-a2da"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds144.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 26471
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 single.css
www.ntd.com/assets/themes/ntd/css/ 15 KB
4 KB 25ms
25ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20210824

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

454a5dfc464806755d550d689f5202cf1ab09e7011626b601266406568932f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 20:04:55 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"612550e7-3db8"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds280.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 4285
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 LIVE_TV.png
www.ntd.com/assets/themes/ntd/images/ 2 KB
2 KB 35ms
34ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/LIVE_TV.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

c51c9e2d3dfc833336ad78aae335b536d7b8ea5bf065183b64d23074e88a0fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Oct 2021 18:53:29 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "617af1a9-615"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds254.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 1557
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 ntd_show_menu_ntd_evening_news.jpg
img.ntd.com/assets/uploads/2021/02/ 64 KB
64 KB 59ms
26ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_ntd_evening_news.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 668c738513226244d0cbd2530517fbcf2df2b86a4eaaba5b9b54d8e9d9f68958

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Tue, 02 Feb 2021 20:05:39 GMT
server: nginx/1.12.2
etag: "6019b093-ffc1"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds238.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 65473

GET
H2 200 ntd_show_menu_china_in_focus.jpg
img.ntd.com/assets/uploads/2021/02/ 79 KB
79 KB 52ms
19ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_china_in_focus.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 718bf807ae285094008b869c0051c907807b7efd521e4bbc1403a6f257176f55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Tue, 02 Feb 2021 20:05:37 GMT
server: nginx/1.12.2
etag: "6019b091-13ba2"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds289.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 80802

GET
H2 200 NTD-Business-412x222.jpg
img.ntd.com/assets/uploads/2021/02/ 66 KB
66 KB 54ms
21ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/NTD-Business-412x222.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0dceae772a3b82f7d0f9538b3b62db0f77bc29029f5e1a333234b9c5492e4c27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Tue, 02 Feb 2021 21:10:04 GMT
server: nginx/1.12.2
etag: "6019bfac-1069e"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds149.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 67230

GET
H2 200 ntd_show_menu_ntd_news_today.jpg
img.ntd.com/assets/uploads/2021/02/ 66 KB
66 KB 55ms
22ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_ntd_news_today.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: b41b716dbb084bf1e42c373b203a4b905bfa96033a04e689bb8a3f522741d26e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Tue, 02 Feb 2021 20:05:40 GMT
server: nginx/1.12.2
etag: "6019b094-10886"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds248.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 67718

GET
H2 200 Capitol-Report-412_222.jpg
img.ntd.com/assets/uploads/2021/09/ 61 KB
61 KB 57ms
24ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/09/Capitol-Report-412_222.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 52e006687b1edf8c27ae62cd74911cb4ec98573c31a12b52aa21c7793c454b90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Sat, 25 Sep 2021 15:44:11 GMT
server: nginx/1.12.2
etag: "614f43cb-f36a"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds156.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 62314

GET
H2 200 491a90758118d261900d668fa4120cf4.jpg
img.ntd.com/assets/uploads/2021/08/ 104 KB
104 KB 57ms
25ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/08/491a90758118d261900d668fa4120cf4.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 8df94aecd082fdb7a60d3aeb90073576972b437d3589b737042dc8c75a091015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Thu, 26 Aug 2021 06:45:35 GMT
server: nginx/1.12.2
etag: "6127388f-1a130"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds275.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 106800

GET
H2 200 Wide-Angle-NTD-412x222.png
img.ntd.com/assets/uploads/2021/04/ 147 KB
147 KB 10ms
10ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/04/Wide-Angle-NTD-412x222.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: f6beec22bca198800dd6bc803745b04a5572c5a960f031ef9079986a5a06c347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Mon, 05 Apr 2021 04:06:40 GMT
server: nginx/1.12.2
etag: "606a8cd0-24c4a"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds013.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 150602

GET
H2 200 NTD-A-Good-Cop-Banner-412x222-v2.jpg
img.ntd.com/assets/uploads/2021/12/ 35 KB
35 KB 13ms
11ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/12/NTD-A-Good-Cop-Banner-412x222-v2.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 8b622ac31b659e965866e554d239ba5b9e36ba09438ed7703e659c7d58794b57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Sun, 12 Dec 2021 04:21:57 GMT
server: nginx/1.12.2
etag: "61b578e5-8c21"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds221.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 35873

GET
H2 200 The-Beau-Show-NTD-412x222.png
img.ntd.com/assets/uploads/2021/04/ 146 KB
146 KB 13ms
11ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/04/The-Beau-Show-NTD-412x222.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 55f7bdc42b17d071e366a0fdf724bd5bcd8ad82d5c91fd74a2a562675d1ab3b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Mon, 05 Apr 2021 04:06:27 GMT
server: nginx/1.12.2
etag: "606a8cc3-248d6"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds138.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 149718

GET
H2 200 New-York-City-subway--900x506.jpg
img.ntd.com/assets/uploads/external/2021/06/ 80 KB
80 KB 763ms
761ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/external/2021/06/New-York-City-subway--900x506.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 81929796467a0d3d726d15f58cb4ad6cc94ddb5ef140c4c2d149485086aea11b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:42 GMT
last-modified: Tue, 15 Jun 2021 14:42:58 GMT
server: nginx/1.12.2
etag: "60c8bc72-140d3"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds124.fr8.sc,1640975202.cds124.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 82131

GET
H2 200 white.png
www.ntd.com/assets/themes/ntd/images/ 95 B
203 B 37ms
36ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/white.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 15:11:15 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5c8a6f13-5f"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds127.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 95
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 watch_ntd_on.png
www.ntd.com/assets/themes/ntd/images/ 20 KB
20 KB 37ms
36ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/watch_ntd_on.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Nov 2021 22:32:45 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "6192e00d-50f6"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds279.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 20726
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 watch_ntd_row1-2.png
img.ntd.com/assets/uploads/2021/11/ 64 KB
64 KB 23ms
20ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/11/watch_ntd_row1-2.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Mon, 15 Nov 2021 20:41:36 GMT
server: nginx/1.12.2
etag: "6192c600-fe6b"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds240.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 65131

GET
H2 200 watch_ntd_row2-2.png
img.ntd.com/assets/uploads/2021/11/ 127 KB
128 KB 15ms
13ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/11/watch_ntd_row2-2.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7304a8b44027d55051ff16666fa5d9b371b0aaf7ea5136de52d18f00e40cc6e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Wed, 17 Nov 2021 15:05:18 GMT
server: nginx/1.12.2
etag: "61951a2e-1fd9d"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds003.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 130461

GET
H2 200 pexels-kat-wilcox-923681-270x152.jpg
img.ntd.com/assets/uploads/2021/03/ 11 KB
12 KB 14ms
12ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/03/pexels-kat-wilcox-923681-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 21a71b91e4ce75dbc24fbcee6e53e7e76fa79350dab49e02d1193ac3c835332d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Sun, 21 Mar 2021 22:05:08 GMT
server: nginx/1.12.2
etag: "6057c314-2dd1"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds219.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11729

GET
H2 200 William-Alvin-1-270x152.jpg
img.ntd.com/assets/uploads/2021/12/ 16 KB
16 KB 13ms
11ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/12/William-Alvin-1-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 078b56ebf4717da72478db0b748dd8a737f5c938ddd964832db64cc9eb10d9a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Wed, 29 Dec 2021 20:45:31 GMT
server: nginx/1.12.2
etag: "61ccc8eb-4187"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds244.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16775

GET
H2 200 hospital-bed-270x152.jpg
img.ntd.com/assets/uploads/2019/01/ 12 KB
12 KB 21ms
19ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2019/01/hospital-bed-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c56af3e788ca9742c94c844117ddd796bed05c01cd1b637d54284d8e13ce466a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Wed, 30 Jan 2019 12:02:00 GMT
server: nginx/1.12.2
etag: "5c519238-2ea2"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds269.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11938

GET
H2 200 Biden-calls-Putin-AP21364761203780-e1640904031205-270x152.jpg
img.ntd.com/assets/uploads/2021/12/ 19 KB
19 KB 21ms
19ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/12/Biden-calls-Putin-AP21364761203780-e1640904031205-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: cae49d5cba5cb695ce8fbdaf2ee6f2134a78adfe983ca6860b6dfcdabe6b0454

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Thu, 30 Dec 2021 22:40:32 GMT
server: nginx/1.12.2
etag: "61ce3560-4c57"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds137.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19543

GET
H2 200 GettyImages-1361593090-270x152.jpg
img.ntd.com/assets/uploads/2021/12/ 27 KB
28 KB 19ms
17ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/12/GettyImages-1361593090-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 4873d6173e3a28ba12a6f83552788645497a684ec5ac62cf250b69aa26b2f788

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Thu, 30 Dec 2021 02:39:17 GMT
server: nginx/1.12.2
etag: "61cd1bd5-6da2"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds274.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 28066

GET
H2 200 Mexico-border-270x152.jpg
img.ntd.com/assets/uploads/2021/12/ 10 KB
10 KB 21ms
18ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/12/Mexico-border-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 12e1b7718977385319ad129ac36e036271f491d07ffc14f9ebd181d4cb87f1c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Thu, 30 Dec 2021 22:49:21 GMT
server: nginx/1.12.2
etag: "61ce3771-27f6"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds287.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10230

GET
H2 200 footer-2_949x356.jpg
img.ntd.com/assets/uploads/2021/02/ 349 KB
350 KB 15ms
14ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/footer-2_949x356.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 52f32a1925bca9851d9d8146fb5593d778134bcf13f24897d2f72ee30b8cdd80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
last-modified: Wed, 03 Feb 2021 22:50:49 GMT
server: nginx/1.12.2
etag: "601b28c9-573d6"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds007.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 357334

GET
H2 200 jquery-all.min.js Show response
www.ntd.com/assets/themes/ntd/js/ 98 KB
40 KB 10ms
10ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 15:11:14 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"5c8a6f12-188ff"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds054.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 40721
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 bottom.js Show response
www.ntd.com/assets/themes/ntd/js/ 41 KB
13 KB 10ms
10ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20211220

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

2a44b039063271128c16872f75e32efd8eaeab6a39cff11d627a29cdf3a32675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Dec 2021 16:39:51 GMT
server: nginx/1.12.2
etag: W/"61c4a657-a3ad"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds137.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 13133
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 api.bundle.js Show response
subs.youmaker.com/lib/ 240 KB
240 KB 113ms
113ms Script
application/javascript 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 8470e402e199aa8900f6790a3f009342fa473487270699025d9ffc03eb681a47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
via: 1.1 google
last-modified: Thu, Dec 23 2021 17:10:56 GMT
server: nginx/1.20.1
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 245558

GET
H2 200 article_ads.js Show response
www.ntd.com/assets/themes/ntd/js/ 31 KB
9 KB 38ms
38ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20210318

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

d5b962a89400afef0e9d4b411bbbd3059094911a9762cd48a26ec82cad9fe11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Oct 2021 19:10:24 GMT
server: nginx/1.12.2
etag: W/"617069a0-7c65"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds292.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 8981
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 print.css
www.ntd.com/assets/themes/ntd/css/ 532 B
438 B 37ms
36ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/print.css?ver=20200706

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

2bdcb089c4c9b6cdd5ded547a444f547ad5e313a632c8f8dde5fc3ca1270a125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 18:35:54 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5f036f0a-214"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds245.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 320
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 22ms
7ms XHR
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 58858
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 22 Dec 2021 01:41:37 GMT
server: AmazonS3
date: Fri, 31 Dec 2021 02:05:44 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: wgu3qlSE-kyBNzsJY8zS1x6DB9cBgniEjwkjVo_jBFsae7N17xMQVQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 82 KB
32 KB 63ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDQH75P

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

afd640b186cd1e1099799c2548b58b66b1a555bba8136905ff03a24fe87d05ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32145
x-xss-protection: 0
last-modified: Fri, 31 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 31 Dec 2021 18:26:41 GMT

GET
H2 200 NTDLogo.svg
www.ntd.com/assets/themes/ntd/images/ 660 B
549 B 34ms
34ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/NTDLogo.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Nov 2021 15:31:27 GMT
server: nginx/1.12.2
etag: "618e88cf-294"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds263.fr8.c
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 428
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 header-handshake.png
www.ntd.com/assets/themes/ntd/images/ 2 KB
2 KB 34ms
34ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/header-handshake.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

afa88d2acf37ee467ab4d7e52bbc3faea9dcb2cd522e40407b74345e7b8fa650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 20:32:31 GMT
server: nginx/1.12.2
etag: "606f685f-61d"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds250.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 1565
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 ENTD_Play.svg
www.ntd.com/assets/themes/ntd/images/ 2 KB
1 KB 33ms
32ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/ENTD_Play.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-7e6"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds016.fr8.c
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 938
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 NTD_logo.png
www.ntd.com/assets/themes/ntd/images/ 4 KB
4 KB 32ms
32ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/NTD_logo.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 19:44:39 GMT
server: nginx/1.12.2
etag: "5ed94f27-f46"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds146.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 3910
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 footer-app-logo.png
www.ntd.com/assets/themes/ntd/images/ 73 KB
73 KB 32ms
32ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/footer-app-logo.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 20:32:35 GMT
server: nginx/1.12.2
etag: "606f6863-122fe"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds219.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 74494
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 RingsideCondensed-Medium.otf
www.ntd.com/assets/themes/ntd/fonts/ 118 KB
119 KB 35ms
34ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Medium.otf

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

478e3f82089d4bc0303ad02ef73c9e6901861b756d52f8667ba3164bedd76f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin: https://www.ntd.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-1d9d8"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds012.fr8.c
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 121304
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 RingsideCondensed-Bold.otf
www.ntd.com/assets/themes/ntd/fonts/ 122 KB
122 KB 35ms
35ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Bold.otf

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin: https://www.ntd.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-1e6ec"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds101.fr8.c
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 124652
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:15:48 GMT
x-content-type-options: nosniff
age: 241853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 23:15:48 GMT

GET
H2 200 RingsideCondensed-Semibold.otf
www.ntd.com/assets/themes/ntd/fonts/ 123 KB
123 KB 39ms
39ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Semibold.otf

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

deb60f2899be4d34c9856f8493a44b1a0450b5d78db716c34a3a7b17c462a291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin: https://www.ntd.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-1eb2c"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds232.fr8.c
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 125740
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 23 KB
23 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5

Request headers

Referer
Origin: https://www.ntd.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
16ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5135
date: Fri, 31 Dec 2021 17:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 31 Dec 2021 19:01:06 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 56ms
7ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200102-IAD, cache-fra19158-FRA

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 38ms
8ms Script
application/javascript 143.204.209.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-17.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:00 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 43798
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: pPAFXDniJXznx1EP7KicHaotDu6gzq1GDLuz2iU4bYAaAR6w3pZtBA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 15ms
15ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1932441245&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&dp=%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ul=en-us&de=UTF-8&dt=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1228368830&gjid=1171729663&cid=1464519701.1640975201&tid=UA-128455718-1&_gid=1801831692.1640975201&_r=1&_slc=1&cd1=10&cd2=123&cd3=%3Bchina-10%3Belection-integrity-36899%3Binternational-19679%3Bny-13616%3Bnews-8%3Bpolitics-5990%3Bus-9%3Bworld-11%3B&cd4=%3Bfrnt_category_headings-6048%3Bfrnt_latest-6043%3Bfrnt_original_articles-12413%3Bfrnt_top_stories-6042%3B&cd5=%3Bchina-10%3Belection-integrity-36899%3Binternational-19679%3Bny-13616%3Bnews-8%3Bpolitics-5990%3Bus-9%3Bworld-11%3Bfrnt_category_headings-6048%3Bfrnt_latest-6043%3Bfrnt_original_articles-12413%3Bfrnt_top_stories-6042%3B&cd21=627894&cd22=ntd_ap&cd23=The%20Associated%20Press&cd26=China&cd28=%3BChina%3BElection%20Integrity%3BInternational%3BNew%20York%3BNews%3BPolitics%3BUS%3BWorld%3B&cd29=%3Bhackers%3Binternet%20security%3Btelecommunications%3B&cd30=20210615&cd31=20210615&cd33=1041&cd38=123&cd42=%3Bhackers%3Binternet-security%3Btelecommunications%3B&cd43=post&z=29027219

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
470 B 174ms
126ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nyi8c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=3e5277fc-4e2d-40af-b5ef-7d481e1b838c&tw_document_href=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Fri, 31 Dec 2021 18:26:41 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7272eb91035cf5223bfcb3d15027d1aa6419c1e5bcc5e27963d25252adf22835
x-transaction: 4512ed1085703b38
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 148 KB
45 KB 42ms
8ms Script
application/x-javascript 65.9.58.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-69.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2395144ea3091c5c67eb6f40a5f3e1e68e8e241dc8a9087a71bd3cf58f5f204b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: pxDUW83ZFaq7V8cr_Hof1xJYeQ3mZNXn
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 06 Dec 2021 08:55:27 GMT
server: AmazonS3
age: 47
etag: W/"5173da88f3d4648a33712eef1fd912d9"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Fri, 31 Dec 2021 18:25:55 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: tyjgGkonQLiY_ExALMufvPLpv66Fq1dKKLx2jg8Kj59Ml-mzrZiDjw==

GET
H2 200 geo Show response
subs.youmaker.com/rules/ 88 B
352 B 129ms
112ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/rules/geo?siteid=&uid=e1c8663d-f584-4b6a-ae67-3ddb6c96acf8
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 308634b67167450e9688918820cbd4716a946a9717c122068511c2befbfd845b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
alt-svc: clear
content-length: 88

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 469 KB
102 KB 141ms
85ms Script
text/javascript 184.87.212.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20210318

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-212-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d719b213cc4dcb680a02cedbff71fb8b38277c8b23e8b84f5e0f9f83a46dfba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 31 Dec 2021 18:26:41 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
timing-allow-origin: *
expires: Fri, 31 Dec 2021 18:56:41 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 8ms
8ms XHR
text/plain 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:12:59 GMT
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc941.cloudfront.net (CloudFront)
server: Server
age: 18821
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: PlLNghpLfxVFJdKXH08q8Hw6P-x7cnQyfW_Gt9il-rETInxkGy6XDg==

GET
H2 200 geo Show response
subs.youmaker.com/rules/ 88 B
149 B 118ms
113ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/rules/geo?siteid=www.ntd.com
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 308634b67167450e9688918820cbd4716a946a9717c122068511c2befbfd845b

Request headers

Accept: */*
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
alt-svc: clear
content-length: 88

GET
H2 200 count Show response
sc.youmaker.com/site/article/ 138 B
258 B 156ms
119ms XHR
application/json 34.120.97.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/site/article/count?site=www.ntd.com&user=dc80e1bc-0cba-68e5-c26d-c538eca642a2&postid=627894
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: da661c8b2f1ea440639adbef2c97578419e410c49a8a0d187a9808acb4ffe4f3

Request headers

Accept: */*
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 31 Dec 2021 18:26:41 GMT
via: 1.1 google
server: nginx/1.20.1
alt-svc: clear
content-length: 138
content-type: application/json;charset=UTF-8

GET
H2 200 nest_newsletter_cif.jpg
www.ntd.com/assets/themes/ntd/images/ 120 KB
120 KB 10ms
10ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/nest_newsletter_cif.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20210824

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

2cab29b6e32d1c1e3907f9fe4e3483831717a7eedf2c5057fd592255afd7b4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20210824
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 14:03:31 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "612e36b3-1de33"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds205.fr8.c
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 122419
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1000 B 42ms
19ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20211220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c5a4f42993d0a302a22aa9a89e171067162f82299c847c7189c001332c045582

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 18:26:41 GMT

GET
H2 200 NTDNews.png
www.ntd.com/assets/themes/ntd/images/ 5 KB
5 KB 9ms
9ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/NTDNews.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

abf7b7fe4417698ac10e9dcf22ec04777e95363c835c7f206cd2a36fa81343de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Nov 2021 20:26:26 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "6196b6f2-1224"
x-hw: 1640975201.cds003.fr8.hn,1640975201.cds275.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 4644
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
675 B 287ms
249ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nyi8c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=3e5277fc-4e2d-40af-b5ef-7d481e1b838c&tw_document_href=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 242
pragma: no-cache
last-modified: Fri, 31 Dec 2021 18:26:41 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: fa809df01dd2606a150f029a77992e3dd385e23ed5d002c51eb218d3e1ce82a8
x-transaction: 2279d2b71cfd9b70
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 73ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-128455718-1&cid=1464519701.1640975201&jid=1228368830&gjid=1171729663&_gid=1801831692.1640975201&_u=YEBAAEAAAAAAAC~&z=1624182744

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 31 Dec 2021 18:26:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1640975200957&ns_c=UTF-8&cv=3.5&c8=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&c7=https%3A%2F%2Fwww.ntd.com%...
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1640975200957&ns_c=UTF-8&cv=3.5&c8=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&c7=https%3A%2F%2Fwww.ntd.com...

0
223 B

9ms
8ms

Image
text/plain

143.204.209.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1640975200957&ns_c=UTF-8&cv=3.5&c8=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&c7=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&c9=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Server: 143.204.209.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-17.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: tFiWYxfHu3B2jKDbOJ0xMMKZdR_fgS7fWz8Yym34baAqIXuMT-7aPA==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 31 Dec 2021 18:26:41 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1640975200957&ns_c=UTF-8&cv=3.5&c8=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&c7=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&c9=
content-length: 298
x-amz-cf-id: Tl4AjGtuTUOCWW4gI0443GSJb71aBqpsvFb6bzj9im2Sr_Ro-exJag==

GET
H2 200 0-d0d07a1ccb393c1835b4.js Show response
js.chargebee.com/v2/ 55 KB
17 KB 9ms
9ms Script
application/x-javascript 65.9.58.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/0-d0d07a1ccb393c1835b4.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-69.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

24debe1a54d5c3e03a19488a253b5019df02e8123774a2741ab89135cf99427e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: mSS5jcuvxs3RInLENzzr9pqHrIyebGqf
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 06 Dec 2021 08:55:27 GMT
server: AmazonS3
age: 15
etag: W/"c4630576340873667c3aab4a9a1de919"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Fri, 31 Dec 2021 18:26:27 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: izwzejGFvky85yox6h6hg7NT6_TPESQSuZw6U-8thxGw0Lsgnbc3kw==

GET
H2 200 60-4fe9e35e742e2fd78a5b.js Show response
js.chargebee.com/v2/ 16 KB
5 KB 9ms
9ms Script
application/x-javascript 65.9.58.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/60-4fe9e35e742e2fd78a5b.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-69.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ef589800a85729debfd73086bfe87f0736ee95c4d2fb599b3e6417a3aa6b58f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: yIum.E5A6TWzy7NGTSgVh4kAxt7lW_XN
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 06 Dec 2021 08:55:27 GMT
server: AmazonS3
age: 3
etag: W/"bea3c2b1ff1b64c6dc747d7f6903a685"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Fri, 31 Dec 2021 18:26:40 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: wTmpZBk3ZqJMutpDbXayb6nZzf7vT0zGjYld5AX6HYKvt4xUkY8azw==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 348 KB
136 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 17:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 31 Dec 2022 17:17:32 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 2790 39 KB
20 KB 44ms
27ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=dpzerdpeyu7m

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

99fd232bb61d1544c07289fd30119cd408e16f7df528076e7e4bb33f3c60a93a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-exUBnSExvoJwxFiXw2PtFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 31 Dec 2021 18:26:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-exUBnSExvoJwxFiXw2PtFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20201
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
32ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-128455718-1&cid=1464519701.1640975201&jid=1228368830&_u=YEBAAEAAAAAAAC~&z=1622187659

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 62ms
31ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-128455718-1&cid=1464519701.1640975201&jid=1228368830&_u=YEBAAEAAAAAAAC~&z=1622187659

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embed.js Show response
comment.youmaker.com/web/ 7 KB
7 KB 158ms
118ms Script
application/javascript 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/embed.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20211220
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2d38bcdfbd46d657ce3d47b7c5065dc3c70e3bb5de7c4c8d278973476ba18ef4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
via: 1.1 google
last-modified: Mon, 27 Dec 2021 19:37:13 GMT
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 7591
app-version: 0.1.2

GET
H2 200 counter.js Show response
comment.youmaker.com/web/ 2 KB
2 KB 153ms
114ms Script
application/javascript 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/counter.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20211220
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: fe6c925a980aace1951bf38f99e3a7a80530cdde61cd97dbd11e20873c4b4c61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
via: 1.1 google
last-modified: Mon, 27 Dec 2021 19:37:13 GMT
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 2305
app-version: 0.1.2

GET
H2 200 get Show response
subs.youmaker.com/template/ 165 B
230 B 113ms
112ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/template/get?tid=signin&sid=www.ntd.com&siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&uid=e1c8663d-f584-4b6a-ae67-3ddb6c96acf8
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: b32092d0bdbb0ef99435450229c9c7dd1fc2e25aa6353782b52bfc1f8f6993f8

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
alt-svc: clear
content-length: 165

GET
H2 200 get Show response
subs.youmaker.com/rules/ 4 KB
4 KB 113ms
113ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/rules/get?siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&uid=e1c8663d-f584-4b6a-ae67-3ddb6c96acf8
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: ae708ee2f07c5f4271c2513cefb1975dbe0749ebd75a69c86a83066b7ae5d6b0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
via: 1.1 google
alt-svc: clear
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 107 KB
34 KB 94ms
22ms Script
application/javascript 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 66e39f9547f85403b57eb6da19a1835fba87aefe1472e04e607d492232f386ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: LnUEiQicLR0PB_19rEBkqllnYGNw9feA
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 07:32:04 GMT
Server: Apache
x-amz-request-id: H84TVRV41TZX4QR3
ETag: "8149da179cc4858e221e9c80dc7ccd6c"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=66212
Date: Fri, 31 Dec 2021 18:26:41 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33936
x-amz-id-2: iLXwudo0Cn7GXIJmaAWsaIvfFkEozBnflvZeUp8cFNMo9hPhvn5Gh4W4FfuCrEmI095F+qjNx1E=

GET
H2 200 sync Show response
gum.criteo.com/ 53 B
376 B 67ms
18ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&j=window.advBidxc.crt&gdpr=1&gdpr_consent=&us_privacy=&gdpr_pd=0

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d236e1af7b71e2ccd2d2fab9d9ba66893d95c884663688306742f8934aec7594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1568
strict-transport-security: max-age=31536000; preload;
content-length: 169
expires: 60

GET
H2 200 tcb.js Show response
contextual.media.net/ 62 KB
8 KB 52ms
32ms Script
text/javascript 184.87.212.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/tcb.js?&cb=window.advBidxc.nativetemplatefetch&req=T31K017_300x250%7CT31K017_300x600%7CT31K017_320x100%7CT31K017_320x50%7CT31K017_728x90%7CT31K017_970x250&v=1

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-212-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e98eb352cbcd4162116f98a6260263b32887f82023acf5b950ea5718c9e795ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 31 Dec 2021 18:26:41 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=172800
content-length: 8047
expires: Sun, 02 Jan 2022 18:26:41 GMT

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 82 KB
4 KB 221ms
96ms EventSource
text/event-stream 104.90.192.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=56530747840187891640975201150&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=154127862*175%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*178%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*201%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*203%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*214%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*222%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40154127862*251%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40219315283*175%7C300x250%7C8CUBNN02K%7C219315283_8CUBNN02K%7C%7C%7C1%40219315283*178%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*201%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*203%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*214%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*222%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40219315283*251%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40361572443*175%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*178%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*201%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*203%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*214%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*222%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40361572443*251%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40432445934*175%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*178%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*201%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*203%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*214%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*222%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40432445934*251%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40457067574*175%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*178%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*201%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*203%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*214%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*222%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*229%7C300x250~300x600%7C8CU734595%7C375117874~277543751%7C%7C%7C1%40457067574*251%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40822340472*175%7C300x250%7C8CUBNN02K%7C822340472_8CUBNN02K%7C%7C%7C1%40822340472*178%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*201%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*203%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*214%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*222%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*229%7C300x250%7C8CU734595%7C375117874%7C%7C%7C1%40822340472*251%7C320x100~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40833186455*175%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*178%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.2933807154226826&tscode=1&crid=154127862%2C219315283%2C361572443%2C432445934%2C457067574%2C822340472%2C833186455&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0&switch=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 22e280fe7482d7d3c7a111febaba11d15a76d31339e855f3c32e9b984de6bd39

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Fri, 31 Dec 2021 18:26:42 GMT

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 38 KB
3 KB 224ms
98ms EventSource
text/event-stream 104.90.192.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=74785512905853461640975201153&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=833186455*201%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*203%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*214%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*222%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40833186455*251%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40839126647*175%7C300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*178%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*201%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*203%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*214%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*222%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*229%7C336x280~300x250~300x600%7C8CU734595%7C815568811~375117874~277543751%7C%7C%7C1%40839126647*251%7C300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40895788568*175%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*178%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*201%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*203%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*214%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*222%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*229%7C300x250~300x600%7C8CU734595%7C375117874~277543751%7C%7C%7C1%40895788568*251%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.3677074525035917&tscode=1&crid=833186455%2C839126647%2C895788568&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0&switch=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a4f396b8fd75a454157bca5f69c306a45e5b79390d6634e06f0438140a6e7271

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Fri, 31 Dec 2021 18:26:42 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 2790 51 KB
24 KB 24ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=dpzerdpeyu7m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 14:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24152
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 30 Dec 2022 14:01:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 2790 348 KB
136 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 17:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 31 Dec 2022 17:17:32 GMT

GET
H2 200 show Show response
subs.youmaker.com/template/ Frame 5618 4 KB
4 KB 114ms
113ms Document
text/html 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tn=ENTD%20-%20signin
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 9013300fe102ea88b19ffad1f8864333e81d6d7a3af1326bce6a7a6846aec1b0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

server: nginx/1.20.1
date: Fri, 31 Dec 2021 18:26:41 GMT
content-type: text/html; charset=utf-8
x-robots-tag: noindex
via: 1.1 google
alt-svc: clear

OPTIONS
H2 200 auth
subs.youmaker.com/subs/ Frame 0
0 113ms
112ms Preflight 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/subs/auth?subscribed=&nid=1200&siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&uid=e1c8663d-f584-4b6a-ae67-3ddb6c96acf8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.ntd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.20.1
date: Fri, 31 Dec 2021 18:26:41 GMT
content-length: 0
allow: GET, POST, PUT, DELETE
access-control-allow-origin: https://www.ntd.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
via: 1.1 google
alt-svc: clear

POST
H2 200 auth Show response
subs.youmaker.com/subs/ 69 B
133 B 115ms
114ms XHR
application/json 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/subs/auth?subscribed=&nid=1200&siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&uid=e1c8663d-f584-4b6a-ae67-3ddb6c96acf8
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
alt-svc: clear
content-length: 69

GET
H/1.1 200
OK prefs2 Show response
api.dable.io/plugin/services/ntd.com/ 495 B
924 B 985ms
243ms Script
text/javascript 3.38.76.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/ntd.com/prefs2?cached_uid=&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.38.76.215 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-38-76-215.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8ed56a23ab51bd1ffdd1706f162c531aac52e0823a999288c29bdf09eafecb16

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"1ef-6wmv5ByLThkq3QUfk3nC8bHLlXM"
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 310

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 15 KB
2 KB 181ms
95ms EventSource
text/event-stream 104.90.192.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=46985350741596861640975201212&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=154127862*97%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40219315283*97%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40361572443*97%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40432445934*97%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40457067574*97%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40822340472*97%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40833186455*97%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40839126647*97%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40895788568*97%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.41422798167428265&tscode=1&crid=154127862%2C219315283%2C361572443%2C432445934%2C457067574%2C822340472%2C833186455%2C839126647%2C895788568&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a1b291715638482939a4abe55dca942c102ec459fdf105a9de67480672fc9b89

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Fri, 31 Dec 2021 18:26:42 GMT

POST
H2 200 counts Show response
comment.youmaker.com/api/v1/ 186 B
287 B 115ms
115ms XHR
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/counts?site=www.ntd.com
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: e0db7a8f644f3f6e06af34dfeb3b95643ef01c3f518ea7747880666d74ec0157

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 31 Dec 2021 18:26:42 GMT
via: 1.1 google
vary: Origin
alt-svc: clear
content-length: 186
pragma: no-cache
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
expires: Thu, 01 Jan 1970 00:00:00 UTC
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
app-version: 0.1.2

OPTIONS
H2 200 counts
comment.youmaker.com/api/v1/ Frame 0
0 128ms
114ms Preflight 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/counts?site=www.ntd.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.ntd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.20.1
date: Fri, 31 Dec 2021 18:26:41 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.ntd.com
app-name: remark
app-version: 0.1.2
author: EMG
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-robots-tag: noindex
via: 1.1 google
alt-svc: clear

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2790 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 07:03:19 GMT
x-content-type-options: nosniff
age: 41002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 07 Jan 2022 07:03:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2790 15 KB
15 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 11:18:05 GMT
x-content-type-options: nosniff
age: 284916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2790 15 KB
15 KB 24ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 06:37:08 GMT
x-content-type-options: nosniff
age: 42573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 06:37:08 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 2790 102 B
134 B 17ms
16ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=dpzerdpeyu7m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 18:26:41 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 598ms
237ms Script
text/javascript 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1087 / 539 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 31 Dec 2021 18:26:42 GMT

GET
H2 200 iframe.html Show response
comment.youmaker.com/web/ Frame E852 4 KB
4 KB 120ms
120ms Document
text/html 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 6b3d3087e4baca55c1687d30c20e66ed53999d4f66f9c7d9fc7b0c4f2994581e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

server: nginx/1.20.1
date: Fri, 31 Dec 2021 18:26:42 GMT
content-type: text/html; charset=utf-8
content-length: 4155
accept-ranges: bytes
app-name: remark
app-version: 0.1.2
author: EMG
last-modified: Mon, 27 Dec 2021 19:37:13 GMT
x-robots-tag: noindex
via: 1.1 google
alt-svc: clear

GET
H2 200 userId.bundle.js Show response
subs.youmaker.com/lib/ Frame 5618 200 KB
200 KB 113ms
113ms Script
application/javascript 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/userId.bundle.js
Requested by: Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tn=ENTD%20-%20signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: c454e9ab422a8d322d36521d9a675279c9b2dcf9e69190afa80a214a071a943e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tn=ENTD%20-%20signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:42 GMT
via: 1.1 google
last-modified: Thu, Dec 23 2021 17:11:20 GMT
server: nginx/1.20.1
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 204540

GET
H/1.1 200 95162.js Show response
mixi.media/data/js/ 5 KB
3 KB 137ms
104ms Script
application/javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/data/js/95162.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20211220
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: d974506f8f71ffaf3e886fb89f5c15769a4e6f2e826939765f898bab9608cb52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:42 GMT
Content-Encoding: gzip
Last-Modified: Friday, 31-Dec-2021 18:26:42 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 remark.css
comment.youmaker.com/web/ Frame E852 82 KB
82 KB 126ms
126ms Stylesheet
text/css 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/remark.css?v=2021122714
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: f5fbdfc69f9cd029a5cc7b2bcaf0f7e5c0d33da7594a0abd4157d87a93f61dfd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:42 GMT
via: 1.1 google
last-modified: Mon, 27 Dec 2021 19:37:13 GMT
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 84113
app-version: 0.1.2

GET
H2 200 remark.js Show response
comment.youmaker.com/web/ Frame E852 312 KB
312 KB 114ms
114ms Script
application/javascript 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/web/remark.js?v=2021122714
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: bee2ad3ac51d16d90c6bb08c6e935d633754a41da96ed19ce8c5cc08aca2d96c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:42 GMT
via: 1.1 google
last-modified: Mon, 27 Dec 2021 19:37:13 GMT
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 319029
app-version: 0.1.2

GET
H/1.1 200
OK jsapi.v5.6.0.en_US.js Show response
static.mixi.media/static/jsapi/ 251 KB
75 KB 210ms
23ms Script
application/x-javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mixi.media/static/jsapi/jsapi.v5.6.0.en_US.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 9d626f07bedfb4a51b8d37382cb3753814b76c58442c82049599e8b6525817c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Dec 2021 08:58:08 GMT
Server: nginx
ETag: W/"61a73920-3eaf1"
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK sm.js Show response
stat.media/ 77 KB
28 KB 210ms
98ms Script
application/x-javascript 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel23.imcmdb.net
Software: nginx /
Resource Hash: 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
Server: nginx
ETag: W/"61a8cfbe-13481"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK miximedia.svg
static.mixi.media/static/adpreview-assets/mixi-media/images/logo/ 6 KB
6 KB 196ms
12ms Image
image/svg+xml 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:42 GMT
Last-Modified: Mon, 30 Sep 2019 14:11:01 GMT
Server: nginx
ETag: "5d920cf5-1849"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6217

GET
H/1.1 200
OK /
target.mixi.media/init/ 95 B
463 B 264ms
110ms Image
image/png 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.mixi.media/init/?blockid=95162&siteid=49639&bw=1600&bh=1200&rnd=629490042363
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Target-Version: 2
Date: Fri, 31 Dec 2021 18:26:42 GMT
X-Target-Final: 20211231212642-0
Server: nginx
X-Target-Host: target2-1.sselp1
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00025
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Fri, 31 Dec 2021 18:26:41 GMT

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 450 B
1 KB 50ms
50ms Script
application/javascript 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COeDAxIkMzUyYWI0OWQtMDFhNi00YWI0LWIyN2QtNjUzODlmNDgzNTEwGOfu-Y3hLyIkYWI3NGViNTgtNTNhNS00OTBiLTg4Y2UtNWQ2MWE5NGEyZDcw&cb=_callbacks____0kxuq9lad
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel23.imcmdb.net
Software: nginx /
Resource Hash: 2b1114802b464d9a6ca3305652ff7dcda55d4528e06a95cd698f8fbf22098ea5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:42 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

POST
H/1.1 200 jsapi Show response
mixi.media/newdata/ 7 KB
3 KB 102ms
102ms XHR
application/json 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?action=news
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.6.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: a5642ff474805808c949549c385b64b1b263d0a8390d80c28beff410b8230689

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:42 GMT
Content-Encoding: gzip
Last-Modified: Friday, 31-Dec-2021 18:26:42 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Node: ads5-2sselp12

GET
H2 200 config Show response
comment.youmaker.com/api/v1/ Frame E852 283 B
471 B 116ms
116ms Fetch
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/config?site=www.ntd.com
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2021122714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: ef062d429e4a0730a94dace80481edf59295aec2928a516ebe60a01bd265cd93

Request headers

x-provider-token: youmaker
x-xsrf-token
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id: www.ntd.com

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:42 GMT
via: 1.1 google
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version: 0.1.2
x-robots-tag: noindex
alt-svc: clear
content-length: 283
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 /
mixi.media/cookiematching/ 43 B
880 B 107ms
84ms Image
image/gif 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJDM1MmFiNDlkLTAxYTYtNGFiNC1iMjdkLTY1Mzg5ZjQ4MzUxMBoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNjQwOTc1MjAyMTUxGgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJGFiNzRlYjU4LTUzYTUtNDkwYi04OGNlLTVkNjFhOTRhMmQ3MBoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1640975201887
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Fri, 31 Dec 2021 18:26:42 GMT
Last-Modified: Friday, 31-Dec-2021 18:26:42 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:42 GMT

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 175ms
59ms XHR
text/plain 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel23.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Fri, 31 Dec 2021 18:26:42 GMT
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK 9360747.jpeg
static8.mixi.media/img/400x300/ 54 KB
55 KB 55ms
17ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.mixi.media/img/400x300/9360747.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 5e47777d86f28a945bbb343c60efc5a335b7695f23ba7cb1c9f10d405c31fd3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:42 GMT
Last-Modified: Sun, 05 Sep 2021 16:23:36 GMT
Server: nginx
ETag: W/"6134ef08-e67a3"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55729
Expires: Wed, 08 Nov 2023 19:46:41 GMT

GET
H/1.1 200
OK 9728227.jpeg
static3.mixi.media/img/400x300/ 29 KB
29 KB 52ms
18ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static3.mixi.media/img/400x300/9728227.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: c5ca0fae569e914a8b1b5489b193e3d4433538ab3cfec3a95e4402c312b14fd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:42 GMT
Last-Modified: Wed, 22 Dec 2021 08:31:51 GMT
Server: nginx
ETag: W/"61c2e277-7cfc"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29266
Expires: Fri, 22 Dec 2023 08:32:31 GMT

GET
H/1.1 200
OK 9622660.jpeg
static2.mixi.media/img/400x300/ 19 KB
19 KB 51ms
17ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.mixi.media/img/400x300/9622660.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: f5dbca87eb015874a8bb0fe6359745a94a5432a505a27f87ff7ced2f811db6b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:42 GMT
Last-Modified: Mon, 22 Nov 2021 16:20:43 GMT
Server: nginx
ETag: W/"619bc35b-3970"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19586
Expires: Wed, 22 Nov 2023 16:21:37 GMT

GET
H/1.1 200
OK 9436540.jpeg
static4.mixi.media/img/400x300/ 10 KB
10 KB 121ms
13ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static4.mixi.media/img/400x300/9436540.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 4f45f0dfd6b71bd2b37d8fb66a86b406ea18993d2d0bf8dc2692bb0b85f98692

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:42 GMT
Last-Modified: Mon, 27 Sep 2021 18:49:26 GMT
Server: nginx
ETag: "61521236-267c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9852
Expires: Wed, 08 Nov 2023 17:38:42 GMT

GET
H/1.1 200
OK 9311424.jpeg
static3.mixi.media/img/400x300/ 80 KB
80 KB 51ms
18ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static3.mixi.media/img/400x300/9311424.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 6e27ba90bb5763748d0d5aa2eaf6f26f7f670878301295f7c6666fb324df65ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:42 GMT
Last-Modified: Fri, 20 Aug 2021 20:35:13 GMT
Server: nginx
ETag: W/"61201201-3d113"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81589
Expires: Wed, 08 Nov 2023 20:09:49 GMT

GET
H/1.1 200
OK 9581969.jpeg
static3.mixi.media/img/400x300/ 45 KB
45 KB 50ms
18ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static3.mixi.media/img/400x300/9581969.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 0e0e86f7e573265f197da103928770224d60ff738a575e866fe2c26dcb8d0a5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:42 GMT
Last-Modified: Thu, 11 Nov 2021 01:50:48 GMT
Server: nginx
ETag: W/"618c76f8-24194"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46073
Expires: Sat, 11 Nov 2023 01:52:37 GMT

GET
H2 401 user
comment.youmaker.com/api/v1/ Frame E852 57 B
0 117ms
116ms Fetch
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/user?site=www.ntd.com
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2021122714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

x-provider-token: youmaker
x-xsrf-token
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id: www.ntd.com

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:42 GMT
via: 1.1 google
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version: 0.1.2
alt-svc: clear
content-length: 57
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 site Show response
comment.youmaker.com/api/v1/ Frame E852 73 B
260 B 114ms
114ms Fetch
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/site?site=www.ntd.com
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2021122714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 92234cbc7b15fd148698dd1c784606659930943b1ceb0865f905ddd861e3b112

Request headers

x-provider-token: youmaker
x-xsrf-token
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id: www.ntd.com

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:42 GMT
via: 1.1 google
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version: 0.1.2
x-robots-tag: noindex
alt-svc: clear
content-length: 73
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 find Show response
comment.youmaker.com/api/v1/ Frame E852 123 B
310 B 117ms
116ms Fetch
application/json 34.120.33.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.youmaker.com/api/v1/find?site=www.ntd.com&url=www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&id=627894&group=&sort=-time&format=tree
Requested by: Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2021122714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.33.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 03635179a65ac9e36a14b4ac3185fd66541a7d3d384df6d556f32898463459b5

Request headers

x-provider-token: youmaker
x-xsrf-token
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id: www.ntd.com

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:42 GMT
via: 1.1 google
server: nginx/1.20.1
author: EMG
app-name: remark
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version: 0.1.2
x-robots-tag: noindex
alt-svc: clear
content-length: 123
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 679ms
322ms Script
text/javascript 142.250.181.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s08-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 31 Dec 2021 18:26:43 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 74 B
714 B 744ms
389ms XHR
application/json 142.250.181.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ntd.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s08-in-f2.1e100.net

Software

cafe /

Resource Hash

48f5ab8de5db17eaf12195a7badc3863f2a8a69dfc6db86c0076bc85c21b932d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 18:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78
x-xss-protection: 0
expires: Fri, 31 Dec 2021 18:26:43 GMT

GET
H/1.1 200
OK view Show response
api.dable.io/logs/services/ntd.com/users/40944722.1640975202687/ 54 B
285 B 249ms
248ms Script
text/javascript 3.38.76.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/logs/services/ntd.com/users/40944722.1640975202687/view?url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&lang=en-US&items%5B0%5D%5Bid%5D=627894&items%5B0%5D%5Bc1%5D=China&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&cid=40944722.1640975202687&z=431591&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.38.76.215 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-38-76-215.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
Content-Length: 67
Content-Type: text/javascript; charset=utf-8

GET
H2 200 view Show response
r-log.dable.io/s/ntd.com/u/40944722.1640975202687/ 54 B
199 B 800ms
258ms Script
text/javascript 3.36.41.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r-log.dable.io/s/ntd.com/u/40944722.1640975202687/view?url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&lang=en-US&items%5B0%5D%5Bid%5D=627894&items%5B0%5D%5Bc1%5D=China&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&cid=40944722.1640975202687&z=431591&callback=dbljson3

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.36.41.122 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-36-41-122.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

8b73a89e126c16a756076a7dd374dc129d61c4a0b860a3280236ae3cf8a9bef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 31 Dec 2021 18:26:43 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
content-length: 54
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK 40944722.1640975202687 Show response
api.dable.io/widgets/id/Ql9OO5o4/users/ Frame 8B3E 37 KB
6 KB 618ms
387ms Document
text/html 3.38.76.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.38.76.215 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-38-76-215.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: df35513cbda04fc1e69cc3f92ab601f967d4e5621f3832a5dfb113a96711bb4f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 31 Dec 2021 18:26:43 GMT
Server: nginx
Content-Length: 6373
Connection: keep-alive

GET
H2

200

match2
act.ds.kakao.com/
Redirect Chain

https://analytics.ad.daum.net/match?d=111&uid=40944722.1640975202687
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220101%22,%22u%22:%2240944722.1640975202687%22%7D%7D

0
493 B

559ms
258ms

Image
text/plain

211.249.220.158
DAUM-AS Kakao Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220101%22,%22u%22:%2240944722.1640975202687%22%7D%7D

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Server

211.249.220.158 , Korea, Republic Of, ASN7625 (DAUM-AS Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:44 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain;charset=UTF-8
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:44 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location: https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220101%22,%22u%22:%2240944722.1640975202687%22%7D%7D
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: 0

GET
H2

200

google
adx.dable.io/pixel/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm=&google_tc=
https://adx.dable.io/pixel/google?google_gid=CAESEE46bGje5VMkSRrwQ9DOPd8&google_cver=1

35 B
207 B

741ms
235ms

Image
image/gif

3.38.125.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel/google?google_gid=CAESEE46bGje5VMkSRrwQ9DOPd8&google_cver=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Server: 3.38.125.168 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-38-125-168.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:43 GMT
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adx.dable.io/pixel/google?google_gid=CAESEE46bGje5VMkSRrwQ9DOPd8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame 8B3E 830 B
846 B 21ms
21ms Stylesheet
text/css 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 3wsoX9oiTtQq5z8aSQWNt.CSLC7W7Bku
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 04:12:45 GMT
Server: Apache
x-amz-request-id: YQ9CAH1B4C27WJYJ
ETag: "7570769c6f4af63877b73ce88e833efe"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=864000
Date: Fri, 31 Dec 2021 18:26:43 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
x-amz-id-2: dNKSyS7QHJsdTdTWbrWep01AyCAKd89jqhKOrS1KSAG6cjC7CApS/LNz8zbzOrtGXx3VvGKDUs4=

GET
H/1.1 200
OK widget.min.css
static.dable.io/dist/ Frame 8B3E 73 KB
10 KB 44ms
22ms Stylesheet
text/css 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.css?202106141538
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3b6a9f90ec8304834f717de38bd2d8721a7b602d9557ee81593a8059ee39698e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: vhEKAQMtMwHCbv1zntOLld7ykyHm2Ieo
Content-Encoding: gzip
Last-Modified: Wed, 23 Jun 2021 08:27:13 GMT
Server: Apache
x-amz-request-id: H3GSJ3XSS7B7MSGG
ETag: "b21f082c8bf7c670dc2314e542e4dcd4"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400
Date: Fri, 31 Dec 2021 18:26:43 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10090
x-amz-id-2: CV49zchxyfrJ7A0uDlnesP8HJgUzPO5F5jg+mvemxg6m3fTF41RU5lMczudu2y1+N0FssM5UFFQ=

GET
H2 200 css
fonts.googleapis.com/ Frame 8B3E 4 KB
1 KB 40ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 31 Dec 2021 18:13:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 31 Dec 2021 18:26:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 31 Dec 2021 18:26:43 GMT

GET
H/1.1 200
OK 64867051e61f34b5a989df6e90d26ef8990f3.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/0d9/ Frame 8B3E 4 KB
4 KB 953ms
797ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/0d9/64867051e61f34b5a989df6e90d26ef8990f3.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a0c831c452844abe74d8767ff6d72d583b0a188d0a6868d8d7b5bf2efc2ecdee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: AbAQieCq5d8vzPAJ4ODcXdM0b1vtBH5J
ETag: "e4402b4d310b014d700fdb107ac4d6bd"
x-amz-request-id: 0Y184MEARQAYS8SX
Connection: keep-alive
Content-Length: 3980
x-amz-id-2: nhihSpHgr5OlnJhYJSFG3CtiTBBAotRFI/V6/li+A/8CB118D84/rllPly0UP2H1vVHT+R7JsoY=
Last-Modified: Tue, 14 Dec 2021 16:50:20 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 7128d266b787685d659b821723296b5a74c76.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/f6f/ Frame 8B3E 3 KB
4 KB 1426ms
1270ms Image
binary/octet-stream 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/f6f/7128d266b787685d659b821723296b5a74c76.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ae55ee334ff99e50b3242f42ba930ab50226ff2b39f19722be3719116893a48f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: KH_ZV_Vvxbv.phzGv3A6wcexwzmk4JrA
ETag: "0950ee815a915f1631ef700926556b80"
x-amz-request-id: 0Y19DX3JHPX0DW1K
Connection: keep-alive
Content-Length: 3562
x-amz-id-2: jv+3wsU+xki9X0Rzw0zAjpjqqqRaBDedNw9UfzbQjK7UN80I3a1kG4MvenQ/5rdyZuggtKFzhDY=
Last-Modified: Tue, 07 Dec 2021 07:17:49 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 7f4d739656d6e72025f3f982551e2bdf13556.jpeg
images.dable.io/thumbnail/news.ntd.com/200X125/45f/ Frame 8B3E 2 KB
3 KB 1465ms
1309ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/news.ntd.com/200X125/45f/7f4d739656d6e72025f3f982551e2bdf13556.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 57a09d21229297b160c63abba14d650c19225ca100dd0005b6633ffcd8f2d9ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: kl4NDapRWrSSsEU0BJtH7_kuRqLJnkOI
ETag: "969a8d1aa3778657d2149daf507b8f66"
x-amz-request-id: 0Y11JD3QNSD49FX9
Connection: keep-alive
Content-Length: 2142
x-amz-id-2: 72+Onh0EPoziZanbc9fP6VTRuaqFymbtiy/91gEFZ5TZ1mqv0IXb9kSPa4HTT5tnASp38e46kMk=
Last-Modified: Fri, 31 Dec 2021 18:16:24 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK fe71c77cdcb1f2124f55e2ad8b03f6c2b7a2a.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/ce7/ Frame 8B3E 4 KB
4 KB 177ms
21ms Image
binary/octet-stream 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/ce7/fe71c77cdcb1f2124f55e2ad8b03f6c2b7a2a.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2e126db0398686e4f62235adaa2bdf60be791603460c3a1db7822ab4d84ed663

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: wRjhyqsywqfSUgEps.eHviexgP8BVt2D
ETag: "80c77b75515e3d0dc3ba2d9b3f2b0ed7"
x-amz-request-id: DHCS8PXNAH8F6PTT
Connection: keep-alive
Content-Length: 3919
x-amz-id-2: ziQ4gJ4NZ0bo2vEIa7ERCLL/HlCSiqj7PdBhG+mEthaL79L723XZNReHr47t8qdwtePBFL0i3ts=
Last-Modified: Wed, 24 Nov 2021 03:21:56 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK b28396aa78d569f43d929d5eae54aed987b3a.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/33a/ Frame 8B3E 6 KB
7 KB 185ms
29ms Image
binary/octet-stream 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/33a/b28396aa78d569f43d929d5eae54aed987b3a.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d9f1d36406c18d623f005073803d5900edc61d0973e35c2fa4386990f001b7a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 9lcktPVKoxLlJWtJReGzQFtuIOGe3CB9
ETag: "afbaa543171b618e818a665014b023b5"
x-amz-request-id: WM48095B1QJ098SC
Connection: keep-alive
Content-Length: 6249
x-amz-id-2: f95BbRQRqI4yNgAM1YgNQisTrliUiKDbefK1Hf69upFVUvTxPmMwXlg1WLR9igW/l/jFZ2XdkWA=
Last-Modified: Tue, 16 Nov 2021 06:00:09 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK b734f14ca7fd8c72e1a44d4c0fa238901d782.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/4dc/ Frame 8B3E 4 KB
5 KB 176ms
20ms Image
binary/octet-stream 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/4dc/b734f14ca7fd8c72e1a44d4c0fa238901d782.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0b777ae5236c9022d0323fdca3b238ddc45d7050c615066882f2971b81afcd0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: q1ZlHf6jYRvu0UytvDrOL_fvfM_skjDo
ETag: "dd6768076a21a2b8e5051e500efe2dd7"
x-amz-request-id: V7CCZPKYQNR1A6K6
Connection: keep-alive
Content-Length: 4189
x-amz-id-2: uHoLUhrKrfEL9wdAoY4i0/5AtDWpA7/fdeMB0dUN+xHEyADV8v1/syY9RSMCtDyA0w9cNPWt3/M=
Last-Modified: Fri, 05 Nov 2021 15:20:15 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK f6f6f6.png
static.dable.io/static/i/ Frame 8B3E 83 B
611 B 59ms
20ms Image
image/png 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dable.io/static/i/f6f6f6.png
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: 448BD5D7E9F8B243
ETag: "c684e92ff40cdf977c18be6a031e6e54"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=864000
Date: Fri, 31 Dec 2021 18:26:43 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96
x-amz-id-2: UflmDDoCoj5+6HP9Nzvdn7T7+jkvam8rZmOI0/rJ6bgdNGN4QRZR6EdzVPF+L1YB6r9V9QrLNCU=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 8B3E 95 KB
34 KB 39ms
9ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 19:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Dec 2022 19:49:25 GMT

GET
H/1.1 200
OK widget.min.js Show response
static.dable.io/dist/ Frame 8B3E 56 KB
18 KB 292ms
255ms Script
application/javascript 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.js?202111191719
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d24504fb8d7f46fc501b9cedb1d586b385e547c266b2ed61567c6e69ff28e5cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: T21JQxktq9qC9GROkf_jsXATU.wmSE9V
Content-Encoding: gzip
Last-Modified: Mon, 22 Nov 2021 02:58:05 GMT
Server: Apache
x-amz-request-id: 241XPZGY2VM9RWGK
ETag: "04b2cd453775b0cf48d81ef33904a166"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Date: Fri, 31 Dec 2021 18:26:43 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17775
x-amz-id-2: ogQGrazwYtxCs3IPWQoXYMLlImVe+YMeQoS1OFjidv7TwkpksxkBHu1ZFq6OkyaA/vSOZFOWli4=

GET
H/1.1 200
OK prevnext2-snippet-ie.png
images.dable.io/static/i/ Frame 8B3E 288 B
906 B 22ms
21ms Image
image/png 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/prevnext2-snippet-ie.png
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202106141538
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b44ae8cf55e41c9a488ac6d5db7e2b79a8a3f81a9b41316a7c9d86a9d440fc95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: null
ETag: "78144ca1e42485765eff8fd58568ec78"
x-amz-request-id: 74D12E3752DB3144
Connection: keep-alive
Content-Length: 288
x-amz-id-2: z+AJdiOqusgGNVgxKhgK9b+ndFt+UEwAb/Suw07l+7djysJnceLK5MhhhgzYLC6/btseTz92+ks=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK logo-text-tiny-gray.png
images.dable.io/static/i/ Frame 8B3E 661 B
1 KB 21ms
20ms Image
image/png 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/logo-text-tiny-gray.png
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202106141538
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: null
ETag: "2260fca7dca92761058aace21a176daa"
x-amz-request-id: 16DB178742EEC089
Connection: keep-alive
Content-Length: 661
x-amz-id-2: zEYBbuAR9Qv465XZzNopbYoH3t8enMToI1eVKNd34kvlV8lBw6P9XxaNRSwsqJrgjR7RLeUFdas=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8B3E 15 KB
15 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.dable.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 253128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 20:07:55 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8B3E 15 KB
15 KB 48ms
48ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.dable.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 01:54:06 GMT
x-content-type-options: nosniff
age: 232357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 01:54:06 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 47ms
47ms XHR
text/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pid=ciZvPoEdrkJrp&cb=0&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22article_top_ads_inner%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_header_728x90%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.29.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-29-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:43 GMT
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc941.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: 14HF7ZD4Y6N8EE4TKTJ9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: tmAWRsVFVKYZVtSvSb3AzRPz6fmK4rNCEbWPmfw5p0cIk1lFXC92mA==

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 1 KB
904 B 86ms
13ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 80f724adc7dc46066700938a793bdf72e018a15dd55547a01b512311390f5faa

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 271 B
642 B 171ms
99ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 31f4ff85271f11625459a37ce62ba0b391ec51adfa8f9acb7c574c6ca44c393d

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
355 B 112ms
31ms XHR
application/json 34.251.173.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32032&pi=3&bf=970x250%2C970x90%2C728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ns=10240
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:43 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 213ms
13ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_728x90&cmd=bid&secure=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 510b7fb74d2ed5e38a2d6f4458e1d202e349d1a54d77b19af06580bf6af361fb

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 31 Dec 2021 18:26:43 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
36 B 47ms
18ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 31 Dec 2021 18:26:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 6c658ecf78015b74-FRA
access-control-allow-headers: Content-Type, Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
1 KB 174ms
85ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1409302&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=41bfeaec-e992-48dd-981c-1e0139664424&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3749671731023545
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6c0d4aad96b60f53160e0b0dd3abed4fb1ea90b238f486d2743ca620d1a4d54f

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
693 B 38ms
16ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:43 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9f2a7304-99c0-4c1e-bc99-3ff152edeb27
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
328 B 37ms
12ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360717&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2219958797f61542f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22204b7a0025e3a68%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222164e5a57430bb9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22229bde29688337d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9207836e697a090f0aed08a4f06e47aa45471f46bdb71d1f67dfe69f5d69abda

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:43 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.22], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.ntd.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Fri, 31 Dec 2021 18:26:43 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 53ms
53ms XHR
text/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pid=ciZvPoEdrkJrp&cb=1&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22first_in_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_inside_336_1%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.29.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-29-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:43 GMT
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc941.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: FD8CDYZSAC3A3CAF24KN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: JkncjgTvifDI3XcS3Ny6_z77ORLm6jVDvienj4u30MZH4-xGOsL0kA==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 271 B
636 B 169ms
110ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 10d7f8e25425188565c71762c5335ca376c3c5be7ca741aba4abca5601c5107c

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
327 B 35ms
15ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360718&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22317a56e58b5e15%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22327e32c1aa759f3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360718%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223303e3b80f0f3c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360718%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: aa4f7dcad18d068abb2bf4b356f70e0122f786744c98bc851fc4d82279e756c3

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:43 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.22], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.ntd.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Fri, 31 Dec 2021 18:26:43 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
289 B 199ms
10ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_300x250&cmd=bid&secure=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: af88ace41e644752a1b6edbaca63bfd9873c9c1e07767684c410ec4a2a3574df

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 31 Dec 2021 18:26:43 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
281 B 31ms
13ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 31 Dec 2021 18:26:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 6c658ecf88025b74-FRA
access-control-allow-headers: Content-Type, Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
693 B 28ms
13ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:43 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 599ce8f4-b29a-484b-b4f1-ef2658e6f8f7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 197ms
105ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=785a5907-b17d-4779-b4fc-787a2b99456a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7115767879097783
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 31465df635bff5d742e48dbe0680a4f000ce2cb23714bb3fb8806126e65ff5c4

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
354 B 96ms
31ms XHR
application/json 34.251.173.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32030&pi=3&bf=300x250%2C336x280&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ns=10240
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:43 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 95ms
95ms XHR
text/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pid=ciZvPoEdrkJrp&cb=2&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22below_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.29.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-29-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:43 GMT
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc941.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: 0Q0CYPEFMC9EJYHFQGYR
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: tIrQCGTTZgnsmm8DREqryfP4-YJNgc5BI-pivvHei9EwBCIul5JKhw==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 272 B
642 B 148ms
97ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 3cb1e8122941c896bde7085c9e23dd40dd918e32fd5302cf31ca1648e5a334ed

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
36 B 30ms
19ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 31 Dec 2021 18:26:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 6c658ecf88035b74-FRA
access-control-allow-headers: Content-Type, Origin

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 192ms
12ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_300x250&cmd=bid&secure=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 7ccd9abfa6fe8b5c12fd8499f1de5726911d88a28398069d61c017c3abb2a27f

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 31 Dec 2021 18:26:43 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
content-length: 62

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 167ms
81ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=715480c2-b3b5-4fa7-a4c9-b60e588e037f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.22863505087292713
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a086f96560116acb8d60ed9d25d9baa7d5e5da64c29f7fcf1932f24c34f738a4

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
354 B 91ms
32ms XHR
application/json 34.251.173.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32030&pi=3&bf=300x250%2C336x280&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ns=10240
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:43 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 143ms
129ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d2aa249963543ddaa14b3e0f3be5aa457d25ba3c0e16c05b96106c5952a2ee9b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:43 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c915f6ca-3397-4c29-bff3-7cc9fa774fb4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
327 B 22ms
14ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360724&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2262dde77136654b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2263d80ae464fe60c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22643396ba6cf65bf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 10fc8ce599a4f6c00b4cb586d73f41fbf31c7f4181acd34d794256a95c80664d

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:43 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.22], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.ntd.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Fri, 31 Dec 2021 18:26:43 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 48ms
48ms XHR
text/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pid=ciZvPoEdrkJrp&cb=3&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22right_column_ad_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_336x280-4%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.29.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-29-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:43 GMT
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc941.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: DYH1FBBJCNV50GHCPVAV
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: -YURrU5kC2Fb0hP8WYpZSS5-ZKRMc23I5AvWtXEkO-jd2ClJAs3Fkw==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 271 B
641 B 134ms
95ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: dfecae33e19000e17e577e1e19076a57b5d49f2635d92374a1cb5992286ad83c

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
328 B 14ms
14ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360722&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22739bdabf22bfa5a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2274365ab300f9f7e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360722%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2275869d9e563b897%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360722%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0661333bf041acc00caddcbf6518f8506a820c330abc21e3271cf90def33675b

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:43 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.22], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.ntd.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Fri, 31 Dec 2021 18:26:43 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
354 B 80ms
32ms XHR
application/json 34.251.173.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32030&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ns=10240
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:43 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 181ms
13ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_300x250&cmd=bid&secure=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ad36c0ee4faf09ed8c215099cd2a8a0c9481246f32bfcbf2feb877a1713a624b

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 31 Dec 2021 18:26:43 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
35 B 12ms
12ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 31 Dec 2021 18:26:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 6c658ecf880d5b74-FRA
access-control-allow-headers: Content-Type, Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 158ms
84ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=5444b225-a1f3-4a07-b1a6-772d93dec991&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.166797173864202
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3af551757d5ee4c86eead499ceadca7bddcd62bd9898d5d47dfa039b09dc510b

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
693 B 16ms
9ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:43 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: bfdf8ff9-05e0-404b-8be1-4a28eb74a06d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 53ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 18:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 47ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 18:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 402 B
245 B 493ms
265ms XHR
text/plain 142.250.181.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1072099383449690&correlator=2608979320664779&output=ldjh&impl=fifs&eid=31061166%2C44755510&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211231&iu_parts=5965368%2Cntd.tv_inread_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=1&cust_params=ENTD_category%3Dchina-10%252Celection-integrity-36899%252Cinternational-19679%252Cny-13616%252Cnews-8%252Cpolitics-5990%252Cus-9%252Cworld-11%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%252Cfrnt_top_stories-6042%26site%3Dwww.ntd.com%252Cntd.com&cookie_enabled=1&bc=31&abxe=1&lmt=1640975203&dt=1640975203160&dlt=1640975200409&idt=2673&frm=20&biw=1600&bih=1200&oid=2&adxs=290&adys=4558&adks=1600640090&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=767x3707&msz=647x0&ga_vid=1464519701.1640975201&ga_sid=1640975203&ga_hid=1932441245&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ebe0cf092d27efe8b9106162aeb3df0e1dcef385105298ec9f69bfa5224be0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ca183f94564a774343f51deadc679a08.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3591 6 KB
4 KB 99ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ca183f94564a774343f51deadc679a08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 31 Dec 2021 18:26:43 GMT
expires: Sat, 31 Dec 2022 18:26:43 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dot.png
images.dable.io/static/i/ Frame 8B3E 269 B
887 B 18ms
17ms Image
image/png 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/dot.png?2
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202106141538
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9c7e640507607d3ab4182c58d339ce00248d46cfcd03c8f1940d1095c0dcda5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: null
ETag: "c6dbfa476effcbda5d070b19378fed29"
x-amz-request-id: EAFBBCFA4D7AE63A
Connection: keep-alive
Content-Length: 269
x-amz-id-2: In1YsX2XP/rqSfF0GwWqekj67sTL1Osei9Tfdk6/0omUDTbnSxt7gggAxFx4lHnM9/cIxjYB3tQ=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame 43FE 0
177 B 59ms
20ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
date: Fri, 31 Dec 2021 18:26:43 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK ec33bdfd1104ffe0ea3e3c0aeaf633a006a3f.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/350/ Frame 8B3E 5 KB
6 KB 783ms
783ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/350/ec33bdfd1104ffe0ea3e3c0aeaf633a006a3f.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 89830cc50b2ec83436eb94b6ee7494cbc4026a895933af86aaaea4c59441e66a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: Mr6fPJb9ssvLR8pzjobYVJTy9ebVr1Fg
ETag: "adc6e9e4abacb0b2b5a625a099eab613"
x-amz-request-id: 0Y140SH8KP9HPDZ6
Connection: keep-alive
Content-Length: 5537
x-amz-id-2: mLlQZLIUGA6X4oF7M5Odnh4cC4PMqRR6fVim4ZTD70738Qgtd6pbzwnpBDQCDSYl0mx1W+eaFMM=
Last-Modified: Thu, 23 Dec 2021 11:13:49 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 0bdf3aa85161d9e7ee8118fa1be3fb2f27a40.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/74b/ Frame 8B3E 8 KB
8 KB 21ms
20ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/74b/0bdf3aa85161d9e7ee8118fa1be3fb2f27a40.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eafe1f4b5992c38e3cdd4a91a387fe837d72521a02ec342bb2b81ba62c0aff50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: dYHnkjxOFeUC3yF2mnU852Ga47JSm9Yi
ETag: "c395f39cbee2fc602bbe18dafe966300"
x-amz-request-id: 9KSNHF5CQ6C7S2V7
Connection: keep-alive
Content-Length: 8066
x-amz-id-2: U3tuKF/a8EHtc7EzoCI+IM94utBIA6SLYbBaxAAVyCHQjAViouvnSQcnqeEQc6Qbc7xN6msNucY=
Last-Modified: Fri, 17 Dec 2021 01:50:48 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 3f5fb2c5beb89960b1d6517d10fdee587ae51.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/c81/ Frame 8B3E 7 KB
7 KB 1266ms
1266ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/c81/3f5fb2c5beb89960b1d6517d10fdee587ae51.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e5ce9f85ee97bc5289bf84b5026d7bcea6e2719ad4326e1ef1bf2e316c8f6a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: UDm4LDq3MaeA3YthWwB6lq70Ws6p_HEY
ETag: "9037d6e8da3b154e6547f5008fe5ab8a"
x-amz-request-id: 0Y110QWGBGNW6MXY
Connection: keep-alive
Content-Length: 6814
x-amz-id-2: 8c3NA2rY1WUG0rMnv4i4WZZsL9Oi/dMcuSShPJEYU73vcnMWL0hOWypqHz219sBXy5mmcEyFBE0=
Last-Modified: Wed, 08 Dec 2021 03:02:51 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:45 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 6c1917f8c293e907534d2301fb2eff189bf54.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/f6d/ Frame 8B3E 5 KB
6 KB 18ms
18ms Image
binary/octet-stream 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/f6d/6c1917f8c293e907534d2301fb2eff189bf54.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9ec7e521658947a1f096595acb26867a8202a1fc9fd40c2c5f8bad638cde277b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 66Ab0hvzld_lHf_KngpChFgaZuK3Ai6Z
ETag: "066e6ea5c6e60fe7edf63463909afa66"
x-amz-request-id: 0SXCNX8TT5VR2M4D
Connection: keep-alive
Content-Length: 5285
x-amz-id-2: 3V2BDODOHykyRO5OdO1Z/9UFX4yyRDPJTBnJYPr2HTWY4wGrf02DOgrn0QYk0ZhcQXCk9IOw2rM=
Last-Modified: Thu, 02 Dec 2021 23:37:43 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 03f0276cb5d315de9e350ac310d3ce86888e6.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/5bc/ Frame 8B3E 5 KB
5 KB 21ms
21ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/5bc/03f0276cb5d315de9e350ac310d3ce86888e6.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e6ee00d996ab5f38cc4c3c34029ce45cc46a9f5685cbf7ed2bb6f855473b0faa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 2ZKDrCpv5kDaUOFA5yEYILN2x47mhTeo
ETag: "a5d03e5862b20919c190d52ae4d4a1b0"
x-amz-request-id: 60PPQTEBPKFTENK0
Connection: keep-alive
Content-Length: 4881
x-amz-id-2: OojeA+hCBVi5wpbiu+VZ34X8U84L12EDbHITtuH/KfuJ05oMGXmMyDab5eBvfeQ+7sCFXY3s0k0=
Last-Modified: Thu, 09 Dec 2021 08:28:26 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 0b36b3b553b8d2d0ab4b12b88872e959f108b.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/281/ Frame 8B3E 7 KB
8 KB 21ms
21ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/281/0b36b3b553b8d2d0ab4b12b88872e959f108b.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d4fb3e2327bfebaeadcc3c0d1873f16cf8ff48023b1f1db0fae954b1bb791173

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: B7BRr55t9BVVNNHmb.rXKMEhSyHIGKnZ
ETag: "b6494cd00c9d5a5c0048b8a40e92e6e3"
x-amz-request-id: HC5S2DNEM5425RWY
Connection: keep-alive
Content-Length: 7563
x-amz-id-2: mfX4w8iwxiNfVv86zLZJFLi54dzHa8H8RAh6RaJzaqqGzMMJu+nlSPUwdprJYRR+5JNg5LN6Ao4=
Last-Modified: Fri, 24 Dec 2021 16:44:30 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 01076fbd57f5c8d0c9b3fd6e8e189ab663215.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/bc2/ Frame 8B3E 7 KB
7 KB 23ms
23ms Image
binary/octet-stream 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/bc2/01076fbd57f5c8d0c9b3fd6e8e189ab663215.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9625927762fa38c0606b89c9381f789f260c05711a1242b049db05b86dee8049

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: K4Epiec.iykt.TomMGGwtqCeOeyC4oKc
ETag: "0a20cea2a29903d44d2376fffab5d8b7"
x-amz-request-id: 2X32XW2YJ04ACQBH
Connection: keep-alive
Content-Length: 6943
x-amz-id-2: Pf+nCPvgsecr+7rKnD6BbpQGRTSU/o8r3dVsagCIoIF8/7EbkR/ijBXVT8ibLXOayvteIGFCQtI=
Last-Modified: Sun, 05 Dec 2021 15:34:17 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK a03548ab813172438cf8007e6dcf9b79a07a4.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/abe/ Frame 8B3E 3 KB
4 KB 28ms
28ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/abe/a03548ab813172438cf8007e6dcf9b79a07a4.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9516d17f843ccb8744ae0db1a2e4d97f87c852f0137f600297494aede1344b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: FDdX0YJwsgDRxpQHof2dmz3eq_KIZFdc
ETag: "4c056eff04012ac5229f11956063b27b"
x-amz-request-id: X83CF6603BESC4XT
Connection: keep-alive
Content-Length: 3419
x-amz-id-2: r8SRTrDN6PsIPSDyr7Hyp6zUO2flc5p45hxlFyhR9/MWKlbfTQFebHtZtaMMWcUW/MxR2mP33eA=
Last-Modified: Fri, 31 Dec 2021 02:51:54 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 2a2a36700da20884960d37d19048049008ecb.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/297/ Frame 8B3E 2 KB
3 KB 1254ms
1253ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/297/2a2a36700da20884960d37d19048049008ecb.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 79767d332dc4b22ae3a161970f6a6270e860eb7a8610b387ec5fe2d0478aeed7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: g_MhRsXvYe8_CqV_KnLn9XNFArdbmSt5
ETag: "ae1da9f889bd983c5dea5467c98c4509"
x-amz-request-id: 20Z9NR1SSECXDD28
Connection: keep-alive
Content-Length: 2385
x-amz-id-2: vQbVQ45jEh65gbPtA27Ly3OfNNFBvCpKU2ZnBklX8tyA87SXT0sEH0NkfW2a0XBt8Ndj7TwbmRg=
Last-Modified: Fri, 24 Dec 2021 20:57:33 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:45 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 9204f650a507604cdb242420ca94eaba69ec4.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/a90/ Frame 8B3E 7 KB
7 KB 774ms
773ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/a90/9204f650a507604cdb242420ca94eaba69ec4.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ab32895c8eb04de1c69042508deb0668cb87ed48eda7b39fb027c35cfb935306

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: XffXyuCdMV9811ous0NqTfFUqcHbiUZm
ETag: "bbd0d14c9e3581bb7f74b6ec22b8649b"
x-amz-request-id: 20ZAMC3KDV3JGSC8
Connection: keep-alive
Content-Length: 6735
x-amz-id-2: Bji1BBj5Za5ozspNzq3BmNX6XCtb0VpCHsekpsPL49Bhw5O+lYi7sTT6kcImq1tNUxWTzAWHIBk=
Last-Modified: Tue, 28 Dec 2021 08:56:54 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:45 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 6d423a432db6442bf635fd25b72bcaba89f7f.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/52d/ Frame 8B3E 7 KB
8 KB 21ms
19ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/52d/6d423a432db6442bf635fd25b72bcaba89f7f.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d4d254e40b7d4b854a0ac61187226912fae932bc17e168e55c23caf5c030d6af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: xwVmxEqrM5K6w6ZSQFfCkp0.qo1h6hYi
ETag: "269050918c4a913437941a2e31b0f3dc"
x-amz-request-id: N36YEN39RFWH3DP7
Connection: keep-alive
Content-Length: 7636
x-amz-id-2: mPpiLWZf8di1NDaIqB+nOFvEBQv6K93qHzaNYhjDNgwkc3NfaxFBxE80mR0Gsn23Lnsd8TlzQr4=
Last-Modified: Mon, 13 Dec 2021 00:51:09 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 10bcd1381983333bc08f85fe6b4770c52aaf3.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/084/ Frame 8B3E 6 KB
6 KB 776ms
773ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/084/10bcd1381983333bc08f85fe6b4770c52aaf3.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8f84ffebfd1f0a8f1330bc7d0083fefc9860b3e02a36afec8c2add53f8512e04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: u8CyaO1qPHyQr3bHPtwga2E4LpdhKtnh
ETag: "2c92ac965ec75927ae3ed1783241bed1"
x-amz-request-id: 20ZEDB1QMG90B8CY
Connection: keep-alive
Content-Length: 5888
x-amz-id-2: X+My8h1JOHYooZEixvGP1M2wE4A50yFpAhPt71Id7pOeuqxwsdSyqKnmRa7tbk2cllPjdcE3NJk=
Last-Modified: Tue, 21 Dec 2021 17:02:41 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:45 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 5414b45f9b61b7a519ccd65ec546562520202.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/6a9/ Frame 8B3E 7 KB
8 KB 23ms
22ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/6a9/5414b45f9b61b7a519ccd65ec546562520202.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 68355e543021444fdf958d889c1bb761321b17163f4e9265cb5b15fe1d5ee475

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 80ehMUtjIdhF5IaZINK4iHwmdz8W6tJ1
ETag: "2f4a242ba9e857dc7b96ade4d72a5b91"
x-amz-request-id: PZ3G0H692NZ69CNH
Connection: keep-alive
Content-Length: 7575
x-amz-id-2: bgJiYVRl1yOgyeekHEX3ml+SFPg3jGVoKH8lsSPapuQqpPs2GIaRa7s0cgPXMmn15hzoTnYpC5U=
Last-Modified: Thu, 30 Dec 2021 02:26:35 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 3c9960a6b562c42aec43ce68bb676f8fe61f4.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/7f9/ Frame 8B3E 5 KB
5 KB 755ms
754ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/7f9/3c9960a6b562c42aec43ce68bb676f8fe61f4.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 729064ada3866db16bde937971a54c5ebd4eeb4bb2a195a10b736b52489ed6f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: bMx8o8B6H8k52kfEbb8uZs6stEbMPOIi
ETag: "4e6d2c8a57a5caeefc3fbc6926e6316c"
x-amz-request-id: 20Z1W1X3KBF5SG8F
Connection: keep-alive
Content-Length: 4813
x-amz-id-2: FibPlLZq8DowH1P5g0amF5KcIemnDXiXKci0x8zfS7VoevJ334NbIEXS2KqO8zBvr1g5joMIz1Q=
Last-Modified: Fri, 17 Dec 2021 18:20:22 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:45 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 4cca0c154a64a227660c07b31ec2385ad07bd.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/984/ Frame 8B3E 5 KB
6 KB 721ms
720ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/984/4cca0c154a64a227660c07b31ec2385ad07bd.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 78d0cb749a4c88e91270ee1e0afb865406c05c296d9c65633ed7b08dde4e33b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 9RiRkM0Rf5FhfYpRzhw3_CxGEPJKFXlV
ETag: "713959f7aa8df01fa3b5ecbbf266dae7"
x-amz-request-id: 20Z23GK0T32W2NE0
Connection: keep-alive
Content-Length: 5152
x-amz-id-2: +llDhFCYkz2c/wCD1DNgaQKfL3eDTLpK8nvE49SO5843xJ/WhxWyjEDEx9z/9zBrqrHbUtbFuig=
Last-Modified: Thu, 30 Dec 2021 16:46:20 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:45 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 6a8d3f78c6fdeb9e970d95c517cb9436dd72b.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/956/ Frame 8B3E 8 KB
8 KB 23ms
23ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/956/6a8d3f78c6fdeb9e970d95c517cb9436dd72b.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4676b7a0e75400bb48f0caac921d1aef72b8fe3ea49fda113b571c272588f3d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: gr5WRiDAlRDdEbD1aOHK8EEFq6bFO4R0
ETag: "f7bf5fcff6adf0b3a4e206e5c50d2435"
x-amz-request-id: 9D387VHBAA32821Y
Connection: keep-alive
Content-Length: 8080
x-amz-id-2: sgqxvo+9v6SdXtlmNPXwmhTDf6XHekN5jibaMwfNxciHZqiwVbFFdZZzLKzb9kCDqswIN+Yd7mI=
Last-Modified: Fri, 17 Dec 2021 13:12:24 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:45 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK c661f34bdb11c876ca2c9ea8c52cd72017214.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/5f7/ Frame 8B3E 6 KB
6 KB 26ms
26ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/5f7/c661f34bdb11c876ca2c9ea8c52cd72017214.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3143ccf6e71800ce985a72e0e0c1606427d8387f1610ec6e958f5e07375d85b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: dMoEPZqpPLSYrcGPO3EZyXyFd0GrtxUT
ETag: "cdac6d2f3411b9ae9b08d450160445a1"
x-amz-request-id: F7ZQMJH36M1NZA11
Connection: keep-alive
Content-Length: 5725
x-amz-id-2: EVKsqrlXX0qdcfNaZBjapZLMNCAU3KZEn7rgDx8AVLrsEJe/xDhJ2Oz5DEoocyEXOFFxkOjQx11CcuLl0F0DVg==
Last-Modified: Thu, 16 Dec 2021 05:35:30 GMT
Server: Apache
Date: Fri, 31 Dec 2021 18:26:45 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK us.gif
sync.go.sonobi.com/ 49 B
513 B 68ms
15ms Image
image/gif 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26consent_string%3D%26gdpr%3D%26uid%3D%5BUID%5D

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:43 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 16 KB
2 KB 95ms
94ms EventSource
text/event-stream 104.90.192.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=39288760985677801640975203328&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=812916687*175%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*178%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*201%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*203%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*214%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*222%7C728x90~970x90%7C8CUBNN02K%7C812916687~812916687%7C%7C%7C1%40812916687*229%7C970x250~728x90%7C8CU734595%7C247181456~182703547%7C%7C%7C1%40812916687*251%7C970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.22820347745214864&tscode=1&crid=812916687&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&taginfo=%7B%22812916687%22%3A%7B%22supply_tag_id%22%3A%22article_top_ads_inner%22%2C%22xps%22%3A800%2C%22yps%22%3A135%7D%7D&encryptionVersion=0.0
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ed0400ffd85bee01a5f055bbc79b51ca47551d3a3af7029a437ef814e33d118c

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:44 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Fri, 31 Dec 2021 18:26:44 GMT

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 14 KB
2 KB 91ms
91ms EventSource
text/event-stream 104.90.192.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=78307584050966291640975203335&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=445443433*175%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*178%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*201%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*203%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*214%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*222%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*229%7C300x250~300x600%7C8CU734595%7C375117874~277543751%7C%7C%7C1%40445443433*251%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.46989128171275363&tscode=1&crid=445443433&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&taginfo=%7B%22445443433%22%3A%7B%22supply_tag_id%22%3A%22right_column_ad_0%22%2C%22xps%22%3A1214%2C%22yps%22%3A620.234375%7D%7D&encryptionVersion=0.0
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9a479ba3e86b6056e7ed5872d405abbb5e65b10ef48d13aad6688fabc37985e6

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:44 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Fri, 31 Dec 2021 18:26:44 GMT

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 2 KB
1 KB 93ms
92ms EventSource
text/event-stream 104.90.192.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=30270349537719691640975203339&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=812916687*97%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.844335627634573&tscode=1&crid=812916687&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&taginfo=%7B%22812916687%22%3A%7B%22supply_tag_id%22%3A%22article_top_ads_inner%22%2C%22xps%22%3A800%2C%22yps%22%3A135%7D%7D&encryptionVersion=0.0
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d6dd3bd5d396878ddd38adcb9da6cbd37ce8d41bf82d5a30beb0649c377b70ba

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:44 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Fri, 31 Dec 2021 18:26:44 GMT

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 2 KB
1 KB 94ms
94ms EventSource
text/event-stream 104.90.192.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=15154024848652181640975203339&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=445443433*97%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.6633774635194762&tscode=1&crid=445443433&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&taginfo=%7B%22445443433%22%3A%7B%22supply_tag_id%22%3A%22right_column_ad_0%22%2C%22xps%22%3A1214%2C%22yps%22%3A620.234375%7D%7D&encryptionVersion=0.0
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 27e53b6304a1002da510aa6b0302e4835cc659ed1c62e50d999dd836a4aafc1f

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:44 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Fri, 31 Dec 2021 18:26:44 GMT

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ 0
104 B 187ms
63ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:44 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 18:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 18:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 440ms
440ms XHR
text/plain 142.250.181.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1072099383449690&correlator=2608979320664779&output=ldjh&impl=fifs&eid=31061166%2C44755510&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211231&iu_parts=5965368%2Cntd.tv_336x280-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=first_article%3Dtrue%26amznbid%3D2%26amznp%3D2%26mnetPageID%3D11%26mnetCC%3DDE%26mnetCV%3D1%26mnetUGD%3D4%26mnetCID%3D8CUBNN02K%26mnetDNB%3D1&eri=1&cust_params=ENTD_category%3Dchina-10%252Celection-integrity-36899%252Cinternational-19679%252Cny-13616%252Cnews-8%252Cpolitics-5990%252Cus-9%252Cworld-11%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%252Cfrnt_top_stories-6042%26site%3Dwww.ntd.com%252Cntd.com&cookie_enabled=1&bc=31&abxe=1&lmt=1640975203&dt=1640975203474&dlt=1640975200409&idt=2673&frm=20&biw=1600&bih=1200&oid=2&adxs=1028&adys=620&adks=2760480871&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=372x0&msz=372x0&ga_vid=1464519701.1640975201&ga_sid=1640975203&ga_hid=1932441245&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8b8a906aa8489b8114dbc0cad545275941df24ae684069bfcb4774214d2f7906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9162
x-xss-protection: 0
google-lineitem-id: 5846066627
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373091519
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 647ms
647ms XHR
text/plain 142.250.181.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1072099383449690&correlator=2608979320664779&output=ldjh&impl=fifs&eid=31061166%2C44755510&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211231&iu_parts=5965368%2Cntd.tv_article_header_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2%26mnetPageID%3D10%26mnetCC%3DDE%26mnetCV%3D1%26mnetUGD%3D4%26mnetCID%3D8CUBNN02K%26mnetDNB%3D1&eri=1&cust_params=ENTD_category%3Dchina-10%252Celection-integrity-36899%252Cinternational-19679%252Cny-13616%252Cnews-8%252Cpolitics-5990%252Cus-9%252Cworld-11%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%252Cfrnt_top_stories-6042%26site%3Dwww.ntd.com%252Cntd.com&cookie_enabled=1&bc=31&abxe=1&lmt=1640975203&dt=1640975203484&dlt=1640975200409&idt=2673&frm=20&biw=1600&bih=1200&oid=2&adxs=200&adys=135&adks=1030851624&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x0&msz=1200x0&ga_vid=1464519701.1640975201&ga_sid=1640975203&ga_hid=1932441245&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5a7b403ac96f58191e47b5833b4cb3c8a2db63172e8e2332a3fe008058737805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8807
x-xss-protection: 0
google-lineitem-id: 5863416657
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377307901
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 89C1 14 KB
5 KB 163ms
22ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=68968
expires: Sat, 01 Jan 2022 13:36:12 GMT
date: Fri, 31 Dec 2021 18:26:44 GMT
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 89C1 0
42 B 91ms
18ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45271844&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:42 GMT
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CD7D 0
0 246ms
245ms Fetch
image/gif 142.250.181.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstulMUM3CRo_TZfiy172XYT3Wstd_buXiGAOK-7urwC9WdiFUgcdfPOtvgkgZ-9lctCSxiiMCvg0udp1hh8RuQX0LL8X3_6tb7Az5Da09c6LW7WLkdXYIaC-ZlQi6y0HVBahcYx2N8bW-Og-0A7hBZ1o8NIKr4_qqsHs3ziMbbkpidzhT1sAyKAoifCvwIQN-YDIQQA5wy8YI4PfKWpPPSwwJF8rFgTFtsHoDhpdQYFmdLpChQBh07S69i71GGZdbaUtBvJAvNWRFBd7upS-d1M7P_BMzAMDePG3zVBR95TXIcl2hNYHhZNvELn8oE8Edf1PE3mI3gkg_0&sig=Cg0ArKJSzM2ag8yKvCFNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD7D 119 KB
36 KB 646ms
417ms Script
text/javascript 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 31 Dec 2021 18:26:45 GMT

GET
H2 200 17286973491807063794
tpc.googlesyndication.com/simgad/ Frame CD7D 458 KB
459 KB 45ms
9ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17286973491807063794?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65e2b93364e83e185e6913970da7ff64cbd2ac82df4b4651c4db6e751cb646ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 13:28:34 GMT
x-content-type-options: nosniff
age: 277090
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469210
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 22:36:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Dec 2022 13:28:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3EAA 0
0 246ms
246ms Fetch
image/gif 142.250.181.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0Bks1V5PCA_jzAUe2Df0sYfQcc-4EKGEQM4_2OgswlsJpMrTQzyuD1glDz7SjRjQTOKLjq24eBNEMLkuQYYKFxOP_DcPG5fDpq4e4AzanzCLtY2SxIbIwyMXtu3RLSdjQNs_EC6u4lLQl-co2C30XUaVGt0AMmwto3oXBbAWXK2vRb4QiNvoc6C7HldMHvKKj4GHYh-qDwx66wUSwCxKH0-BOckfNvyZ-RqH2U2V57z_GUx85-svC6bSh2pHL8YhLUqUB-ddUDQ6h32FQeSqAapUbqxo_QhU8JMDfq1eSurS8ir2iTt2CpJngbbE4B9sBEyzT_4fEx-WDbMjGYGS4ZQkrdjARLfAMr_IGHbGFhw&sig=Cg0ArKJSzLieZWdrT6JlEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3EAA 119 KB
36 KB 437ms
410ms Script
text/javascript 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 31 Dec 2021 18:26:45 GMT

GET
H3 200 15366659716071553022
tpc.googlesyndication.com/simgad/ Frame 3EAA 210 KB
210 KB 27ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15366659716071553022?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

260ced7e64c413a7a7b377709f02a3e7e96b0fd5ae4533ee218b4cedc47c1dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 16:32:19 GMT
x-content-type-options: nosniff
age: 6865
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 215159
x-xss-protection: 0
last-modified: Fri, 31 Dec 2021 16:29:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 31 Dec 2022 16:32:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3EAA 0
0 482ms
247ms Fetch
image/gif 142.250.181.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0p_CqOKTXw9HWdMrGubEbZGbqg6BKTeSl5kcL2jDZyPQPEfgRves5cx7JCDSSKvGzxWweuq2ZnYXv9LMGUut67EGk7dODBfgbYGZV7rkCSVOtJocEsyP4jYT9RsroeAilXyaBfC3O8iz5fuIl-MeruHuELLNjGVBCikZRyh4YH7dAdwUnCil2HYc2LVaxuE3dMiWGBwOw29FPexyzEDo1mBEeDvBLHSvYtFtM4VGtOVv9zLRM6JBScCG-NFTvGp_eHnTMGKcD4B7ZgABr_tV66JwtyBImlNLTiOanXIceF1hZuFOls67BM0astWSKFZFZNn31STg&sig=Cg0ArKJSzD-jN6iCTbotEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 18:26:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 31 Dec 2021 18:26:45 GMT

GET
DATA 200
OK truncated
/ Frame 3EAA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cf5164aa1a5658fc619acef7a852c39fea39821616e71dc782620f7558e7a03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CD7D 0
0 458ms
245ms Fetch
image/gif 142.250.181.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-y5r4xu8Bdq9GIPtGozrTbnK0am22oQadiA4RU5puKOvfMG9UrduH7YOBavt1e-ewyLPQtM8wDDLGdmyjq8C8RpYD6gpqlhOdQVHEKwjg2bLGzw4SiH6Kb2EUfzv-U6K60P1H2wicIK4fy5cWdxQyuO_MEtlc7y_ekYD3XmRxU3IexHvYlkb4-iDIET4GYZaPQ6RuMYTEvcRadi7pmx4Y6UneFRC7ksLUdAVsA-wTNI9s_lba-wsC425FwB11FmFZvsrIh5McnUGEfLeAoEwVGXPaTSwCKYfnCOxJ9htHOZNshcbOQ8Zm_qTXt1o&sig=Cg0ArKJSzH04RvEF8EI5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 18:26:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 31 Dec 2021 18:26:45 GMT

GET
DATA 200
OK truncated
/ Frame CD7D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23a527e1a20170a0af41d45a3c1eb30dcf610a399ce85e288f9a3c5ec86123d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame 3D00 28 KB
10 KB 35ms
34ms Document
text/html 184.87.212.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?cid=8CUBNN02K&cs=1&cv=37&hb=1&prvid=273%2C159%2C59%2C3008%2C255%2C214%2C3018%2C157%2C77%2C141%2C126%2C80%2C208%2C109%2C2034%2C117%2C222%2C3%2C2030%2C251%2C3017%2C2027%2C3016%2C3015%2C184%2C3007%2C201%2C226%2C3012%2C188%2C246%2C203%2C108%2C175%2C178%2C3014%2C97%2C186%2C229%2C2033%2C193%2C2026%2C225&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-212-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c1620334ef2315aeeb73973b6d46fbd6697fd95494333e180aeb78add4ab5f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=152599
expires: Sun, 02 Jan 2022 12:50:04 GMT
date: Fri, 31 Dec 2021 18:26:45 GMT
content-length: 9869

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 62ms
61ms XHR
text/plain 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel23.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Fri, 31 Dec 2021 18:26:45 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 54ms
22ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20848f152b7de33a14d64bd69487944a3b7e4d850abd5d568024467258f2e5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 18:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8583
x-xss-protection: 0

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ 25 KB
26 KB 690ms
179ms Script
application/javascript 52.218.236.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.236.80 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6e88237108127024092b10e93eb3e08ef39c2b9f293339f84b0640a746f37ac0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:47 GMT
Last-Modified: Sun, 21 Nov 2021 17:31:13 GMT
Server: AmazonS3
x-amz-request-id: 7CMDGB59M3X3CX18
ETag: "d3e7c690ed8fb30d767f4a9c2818372f"
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 25848
x-amz-id-2: qiYUQWtjfj3hRgZz6dv5aFDK3nVOdB92foPAU/rbLiv1ibtjgYhA370/OHN67x27W9rrI9/O+Vo=
Expires: Tue, 21 Dec 2021 17:31:11 GMT

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=critical%2dentities%2dtargeted%2din%2dsuspected%2dchinese%2dcyber%2dspying_627894%2ehtml
https://a.clickcertain.com/px/?c=2455d1796b86efb

3 KB
2 KB

182ms
181ms

Script
text/javascript

2606:4700:3039::6815:c074
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=2455d1796b86efb
Protocol: H2
Server: 2606:4700:3039::6815:c074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc671631843d094476d3bdf6757816ad3b5e97b278803fbd7fa30995358f331

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:46 GMT
content-encoding: br
x-frontend: cc-nginx-5887db8794-2hz8m:cc-nginx-5887db8794-2hz8m
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: ccadda14-97ec-917e-ada9-934885738a3b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTITtHItzct9qXPqZAkZDgOg1sOryjUYbw9Sd5nakeBivD3n52DrdA8WjgNaLnSIe%2FdIeHf6Vo7g3u76PyUuh63X5x6G6flivBg3lFSO1662ro3oC%2Fd3TKL1Q%2FcUM4IIMDYnKwZc9VwGHURaGxwYrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
x-envoy-upstream-service-time: 46
cf-ray: 6c658ede8ca55a37-MXP

Redirect headers

date: Fri, 31 Dec 2021 18:26:46 GMT
x-frontend: cc-nginx-5887db8794-m625l:cc-nginx-5887db8794-m625l
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 629857db-06fe-944a-80e9-e5905bb9f123
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0o6vpR49FPHLjHXESye1%2B1svdOT66iuK55OZlg6jsQWz7tbL31lsS3vNRYxeoyom148vU4dnR5bEn%2FlSx5n%2BbkOapMekuIoDYznN1UaV8arBR1LAeQTuPDJs25vRGZ4kAhxA6DFL9f%2BEDEz86xEzJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://a.clickcertain.com/px/?c=2455d1796b86efb
x-envoy-upstream-service-time: 29
cf-ray: 6c658edd69d55a37-MXP

GET
H2 200 log
c21lg-d.media.net/ Frame 3D00 35 B
194 B 234ms
170ms Image
image/gif 184.87.212.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=2839768056687050000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-bs&pvgid[]=data-c&pvgid[]=data-ct
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUBNN02K&cs=1&cv=37&hb=1&prvid=273%2C159%2C59%2C3008%2C255%2C214%2C3018%2C157%2C77%2C141%2C126%2C80%2C208%2C109%2C2034%2C117%2C222%2C3%2C2030%2C251%2C3017%2C2027%2C3016%2C3015%2C184%2C3007%2C201%2C226%2C3012%2C188%2C246%2C203%2C108%2C175%2C178%2C3014%2C97%2C186%2C229%2C2033%2C193%2C2026%2C225&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-212-24.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hbx.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 31 Dec 2021 18:26:46 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Fri, 31 Dec 2021 18:26:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E13 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Fri, 31 Dec 2021 18:19:03 GMT
expires: Sat, 31 Dec 2022 18:19:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2031 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5d28b0cac647edc0b29b8e5a598c4c22dcb2f2af03fef3fa316c76c2037bedd9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w2N1lg7AAxY1XuHw/yz8Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 31 Dec 2021 18:26:45 GMT
date: Fri, 31 Dec 2021 18:26:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-w2N1lg7AAxY1XuHw/yz8Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2031 0
0 62ms
47ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=1072099383449690&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E13 35 KB
13 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 19:33:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Dec 2022 19:33:18 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 04E5 2 KB
1 KB 71ms
18ms Document
text/html 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Fri, 31 Dec 2021 18:26:46 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F689 52 KB
17 KB 47ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sat, 01 Jan 2022 02:32:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 31 Dec 2021 18:26:45 GMT
Age: 57268
X-Served-By: cache-lga13625-LGA, cache-hhn4026-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 3, 776929
X-Timer: S1640975206.991162,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4FB0 281 B
554 B 38ms
7ms Document
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 31 Dec 2021 18:26:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 2ACC 0
0 34ms
22ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

date: Fri, 31 Dec 2021 18:26:45 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c658edd4e695b74-FRA

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 80EE 38 KB
14 KB 19ms
18ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=54029
expires: Sat, 01 Jan 2022 09:27:14 GMT
date: Fri, 31 Dec 2021 18:26:45 GMT
vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame A753 0
0 32ms
23ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

date: Fri, 31 Dec 2021 18:26:45 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c658edd4e6b5b74-FRA

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 0717 2 KB
1 KB 63ms
17ms Document
text/html 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Fri, 31 Dec 2021 18:26:46 GMT
Connection: keep-alive

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame EE17 2 KB
1 KB 72ms
25ms Document
text/html 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Fri, 31 Dec 2021 18:26:46 GMT
Connection: keep-alive

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 5189 0
35 B 30ms
19ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
date: Fri, 31 Dec 2021 18:26:45 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B601 38 KB
14 KB 19ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=54029
expires: Sat, 01 Jan 2022 09:27:14 GMT
date: Fri, 31 Dec 2021 18:26:45 GMT
vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 1904 0
35 B 30ms
23ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
date: Fri, 31 Dec 2021 18:26:45 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F894 52 KB
17 KB 34ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sat, 01 Jan 2022 02:32:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 31 Dec 2021 18:26:45 GMT
Age: 57268
X-Served-By: cache-lga13625-LGA, cache-hhn4074-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 3, 748523
X-Timer: S1640975206.991359,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 72E5 38 KB
14 KB 19ms
18ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=54029
expires: Sat, 01 Jan 2022 09:27:14 GMT
date: Fri, 31 Dec 2021 18:26:45 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 913F 38 KB
14 KB 21ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=54029
expires: Sat, 01 Jan 2022 09:27:14 GMT
date: Fri, 31 Dec 2021 18:26:45 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BFB1 52 KB
17 KB 42ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sat, 01 Jan 2022 02:32:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 31 Dec 2021 18:26:46 GMT
Age: 57268
X-Served-By: cache-lga13625-LGA, cache-hhn4026-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 3, 776930
X-Timer: S1640975206.004408,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CE3D 52 KB
17 KB 42ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sat, 01 Jan 2022 02:32:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 31 Dec 2021 18:26:46 GMT
Age: 57268
X-Served-By: cache-lga13625-LGA, cache-hhn4074-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 3, 748524
X-Timer: S1640975206.005904,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 71FA 2 KB
1 KB 51ms
17ms Document
text/html 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Fri, 31 Dec 2021 18:26:46 GMT
Connection: keep-alive

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 6EB0 0
35 B 18ms
16ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
date: Fri, 31 Dec 2021 18:26:45 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame D764 0
0 15ms
13ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

date: Fri, 31 Dec 2021 18:26:45 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c658edd5e955b74-FRA

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame ADD8 0
0 13ms
11ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

date: Fri, 31 Dec 2021 18:26:45 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c658edd5e965b74-FRA

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 35E7 0
35 B 17ms
16ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
date: Fri, 31 Dec 2021 18:26:45 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK impression Show response
api.dable.io/logs/services/ntd.com/users/40944722.1640975202687/ Frame 8B3E 2 B
157 B 254ms
254ms XHR
text/plain 3.38.76.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/logs/services/ntd.com/users/40944722.1640975202687/impression?source=627894&pick=&rm=10.1.7&cm=0.0.0&channel=side_bar_widget.default&reco_type=personalized-related-news&cid=40944722.1640975202687&widget_id=Ql9OO5o4&request_id=x622j4Z4NimG22A&reco_list_lz=NobwRAlgJmBcYHYCMAWJAmAbGANGAtgKYAuAFgPYzxIAMAdEnQmAL47jRyK2ZIAcuAiQpUwtBk1btIohOgwIAnIKJlKXcY2ZsOsmor4BWAMwrh66vS1TdXZHz40BeVSI1XJOmXf2LD2F3NRTU9pTnhkBExMU0C1YI9tMNkkQxQaFDN49wkk2wikJGMsLLdLXJtvCP10GmY4srFEyvDuJEwEWKFs8usvVvtDPi7XCyaK-r0DA1KxkLyqxFq%2BBHruxvmWlL5eAPW55sm7JEVjRTXRhInk45pMQxpZq76bguRMdCecl-ylmkMMF9eqFfshDFFlA0DtdQbV0OcgeMfoswcgRkFviCUagDEhEZsWABdIA&uri=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.38.76.215 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-38-76-215.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: */*
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: text/plain; charset=utf-8

GET
H2 200 impression
r-log.dable.io/s/ntd.com/u/40944722.1640975202687/ Frame 8B3E 35 B
140 B 256ms
255ms Image
image/gif 3.36.41.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r-log.dable.io/s/ntd.com/u/40944722.1640975202687/impression?source=627894&pick=&rm=10.1.7&cm=0.0.0&channel=side_bar_widget.default&reco_type=personalized-related-news&cid=40944722.1640975202687&widget_id=Ql9OO5o4&request_id=x622j4Z4NimG22A&reco_list_lz=NobwRAlgJmBcYHYCMAWJAmAbGANGAtgKYAuAFgPYzxIAMAdEnQmAL47jRyK2ZIAcuAiQpUwtBk1btIohOgwIAnIKJlKXcY2ZsOsmor4BWAMwrh66vS1TdXZHz40BeVSI1XJOmXf2LD2F3NRTU9pTnhkBExMU0C1YI9tMNkkQxQaFDN49wkk2wikJGMsLLdLXJtvCP10GmY4srFEyvDuJEwEWKFs8usvVvtDPi7XCyaK-r0DA1KxkLyqxFq%2BBHruxvmWlL5eAPW55sm7JEVjRTXRhInk45pMQxpZq76bguRMdCecl-ylmkMMF9eqFfshDFFlA0DtdQbV0OcgeMfoswcgRkFviCUagDEhEZsWABdIA&uri=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&is_gif=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.36.41.122 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-36-41-122.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/40944722.1640975202687?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=40944722.1640975202687&uid=40944722.1640975202687&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 31 Dec 2021 18:26:46 GMT
server: nginx/1.20.0
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4FB0 32 KB
10 KB 8ms
8ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d6c1a2f9215ebefb6d1860b25295492273b42b2c9dde336ea04bf0687d020ad6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=42641
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9702
Expires: Sat, 01 Jan 2022 06:17:27 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F689 0
731 B 11ms
10ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2c08af10-5e9c-43ce-b460-6ceeec993d25
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F894 0
731 B 17ms
17ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 33318e84-d885-45b9-9914-803c375e1089
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BFB1 0
731 B 41ms
41ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c848e02e-9605-46f8-a67e-3831161dbcec
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CE3D 0
731 B 9ms
9ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 499e498c-47a4-47ba-9f8d-2f63138b161e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame EF4D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

73ms
71ms

Document
text/html

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8cab2abfe98a370e356815db77c29fa48437ac9e933185d3a4f66479b0ec49c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|45|39|241|152|47|90|8
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1636
Expires: Fri, 31 Dec 2021 18:26:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 31 Dec 2021 18:26:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame C523
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

62ms
61ms

Document
text/html

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d92c9c4f49e5826c988e6c55b117671cb19b9a821d94bf0a20f6b66adbf9f9a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|45|39|241|46|8|57|221
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1616
Expires: Fri, 31 Dec 2021 18:26:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 31 Dec 2021 18:26:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 37A5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

64ms
63ms

Document
text/html

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3fbd407810528f1407ec0ef38ce07f0bf610404b39d53d4847ea8adfdf0c451e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|45|230|13|47|105|156
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1759
Expires: Fri, 31 Dec 2021 18:26:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 31 Dec 2021 18:26:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame D479
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

61ms
60ms

Document
text/html

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43795bbf96b851d982c7052297874d12dbb03a830595ef534c5a83c5ea7412e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|230|39|241|65|40|46|57
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1629
Expires: Fri, 31 Dec 2021 18:26:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 31 Dec 2021 18:26:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Connection: keep-alive

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=1072099383449690&bg=!GhmlGV3NAAZKWFskSlg7ACkAdvg8WgVmSivl8mhZob5APDmnRfmkW5XBkKmiLz4iLPfOMc1dGE0isAIAAAEIUgAAAAtoAQeZAo5DzdhyteBz1cn233ZRA0efyJjYroWRlZ64vvzZNeJUe9yYx15Tbvt-JzRsjtUiEZuDXVk1mp3W6kHEqPUb7jhUsTk2exZHlK2-a2u9dtlEN8UPyYPFTM3KOgvpb9ovLbNk-7vk7YT3ypFCSDicH9c1ol066h-wYEYXqTTlkAumVuKKzarwdySUWz9CB1vve9s9i5YiH6P5Yrbw9lv6OaPGkN0eovPZSP8ksNnMT9HiiyHpuyCNUPlWJEN-hov94_dtCERhHujaYd3_--WYQ_kOOqKsmp8McfNFjRCouE8y394H__utyqxxQA4oBVJEi8VkcGMEyOz0J92KUPvo9R6Tgo1Zp92zy9ZKIU9hLDKaF_9fc8BJFcOmbveJADtEvsGmHZ0erFUMdjCeEsIe3rsynzPJZO41DEQop5a9SfKEuXHCjoq5ppti58MFfyWgtuxLkPZ-omfMZ4QH5uPscpoG8Woyi6dCuvRYh4qNDKn-adaI1VnqHUuSRztMEeToodYfQrZa1gbgCOxWQL8TA7DTnX2nFWHDzBfV52haRs35lvVtYX0ocoaRh1-B8T7JEg9nt_9_K5RAG5YVP_gypAmEMS_CynyYuVz1T0wt05T0p9N79acgwTwjLTZhZt1fY9ewDYdpWZfAER0k6iyo7Jjd8coNQpKFSkZiVLDhAzuIX7-d7YhdvGkY14GOVz-f1M-5q1M9n9CnSwsQ51_kQ0jxuojTc9kZ12Q4HUADet1CSrFk7SpLJyw5bJRvDSj8zLOBhIMSGGgSlEi9Yd3ycpi05OkEUPB8YycTqyVPOsPPqHVKSd9Z6k0eg5bzelj_wJle4zHfUvQtMC3ddDKtjoWlm37T12xLpq1de5Xqf8k

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4FB0
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDA2MDYxMWQzMjk5NzEwZWU1MDE4YTQ1MDU3YTI4YWNjNTUxYmFlZQ

170 B
188 B

21ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDA2MDYxMWQzMjk5NzEwZWU1MDE4YTQ1MDU3YTI4YWNjNTUxYmFlZQ

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDA2MDYxMWQzMjk5NzEwZWU1MDE4YTQ1MDU3YTI4YWNjNTUxYmFlZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 4FB0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=bc4561cf-4b65-4600-a569-8cf71b22a3d3

0
239 B

9ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=bc4561cf-4b65-4600-a569-8cf71b22a3d3
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: MT3 4133 baa842e master zrh-pixel-x12 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=bc4561cf-4b65-4600-a569-8cf71b22a3d3
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 31 Dec 2021 18:26:45 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 4FB0
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/GUaQ3ra0FBNEEoyAcg44Zw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3464064349838276064

0
239 B

9ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3464064349838276064
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

date: Fri, 31 Dec 2021 18:26:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3464064349838276064
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 4FB0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJhyRAmTxS0LINBUhV99hyE&google_cver=1

0
239 B

47ms
10ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJhyRAmTxS0LINBUhV99hyE&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJhyRAmTxS0LINBUhV99hyE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET btu4jd3a
sync-tm.everesttech.net/upi/pid/ Frame 4FB0 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4FB0
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hVUTlNVlUtVy00RDI1

170 B
188 B

21ms
18ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hVUTlNVlUtVy00RDI1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hVUTlNVlUtVy00RDI1
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 4FB0
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXUQ9MVU-W-4D25&sigv=1&esig=2~57732edeb35dc1b323d64b0800e6acf4bdc40120

0
445 B

84ms
22ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXUQ9MVU-W-4D25&sigv=1&esig=2~57732edeb35dc1b323d64b0800e6acf4bdc40120

Protocol

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:46 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXUQ9MVU-W-4D25&sigv=1&esig=2~57732edeb35dc1b323d64b0800e6acf4bdc40120
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 4FB0 70 B
265 B 118ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame C523
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yc9LZiuQgSsUiLAOim15swAABK4AAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1

43 B
315 B

29ms
29ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C523
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yc9LZlRH6QhipBf4e.TqfgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2

43 B
1001 B

33ms
32ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame C523 70 B
264 B 34ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame C523
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZiuQgSsUiLAOim15swAABK4AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZiuQgSsUiLAOim15swAABK4AAAAB&dcc=t

43 B
645 B

105ms
105ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZiuQgSsUiLAOim15swAABK4AAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8X1J4QQRMAAY83C1Q4G4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: E1QCWPC52CVSRG2CDQQ1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZiuQgSsUiLAOim15swAABK4AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame C523 0
0 76ms
58ms Image
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C523
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=40d5d9c8-3d4f-47c2-ac3e-cd4bc68c4a4f&expiration=1672511206

43 B
1 KB

61ms
60ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=40d5d9c8-3d4f-47c2-ac3e-cd4bc68c4a4f&expiration=1672511206
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=40d5d9c8-3d4f-47c2-ac3e-cd4bc68c4a4f&expiration=1672511206
date: Fri, 31 Dec 2021 18:26:46 GMT
server: Kestrel
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C523
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433822221015060

43 B
1 KB

32ms
31ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433822221015060
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433822221015060
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

tpid=Yc9LZiuQgSsUiLAOim15swAA%261198
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame C523
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=Yc9LZiuQgSsUiLAOim15swAA%261198?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=Yc9LZiuQgSsUiLAOim15swAA%261198?gdpr_consent=&us_privacy=&gdpr=1

49 B
737 B

49ms
49ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=Yc9LZiuQgSsUiLAOim15swAA%261198?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.22.115
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=Yc9LZiuQgSsUiLAOim15swAA%261198?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.30.24
content-length: 0
expires: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame C523 43 B
424 B 21ms
19ms Image
image/gif 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?Yc9LZiuQgSsUiLAOim15swAA%261198
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:46 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=963
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:42:49 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D479
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yc9LZlRH6QhipBf4e.TqfgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2

43 B
1001 B

53ms
35ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame D479
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1

43 B
315 B

29ms
29ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame D479 70 B
264 B 34ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame D479
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&dcc=t

43 B
645 B

105ms
104ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YH5N0VCRRGWFZM0JMT45
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8DF73C8ZAMVMCSNVZ3RD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame D479
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1641061606&gdpr=1

43 B
315 B

89ms
32ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1641061606&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1641061606&gdpr=1
pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame D479 0
0 30ms
14ms Image
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D479
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559722100736703

43 B
1 KB

31ms
31ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559722100736703
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559722100736703
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame D479 43 B
424 B 20ms
17ms Image
image/gif 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?Yc9LZlRH6QhipBf4e.TqfgAA%261201
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:46 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=963
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:42:49 GMT

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame BD46 942 B
739 B 137ms
134ms Document
text/html 2606:4700:3039::6815:c074
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61580805081c029a159d39f5bc66410dbec1a1ec6d1771c9df0d2e998e246e02

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 31 Dec 2021 18:26:46 GMT
content-type: text/html
etag: W/"ZDFmMjc0OTdnZGQwZmc0YzkxZzhkOTlnZjBiYTY0NTNlZWU3LXow"
x-frontend: cc-nginx-5887db8794-cw92x:cc-nginx-5887db8794-cw92x
x-requestid: c22a7931-a4a6-97f3-b53e-797fdadbc788
x-envoy-upstream-service-time: 1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0%2FUp1byOGPxJackDpd1nIiJnVlO2XF1cXHVYqDQ8OYTV%2BUXKRKayA%2FLTMnra8DACIAw83OgglcAKf8WYQIGJY1wRY2%2BLoh7a9%2BPKJvCmfgMGHWDq1Nov5oy8NAl%2F2DPLUeYXiGXLh4TVARi3JeASA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c658ee0288b5a37-MXP
content-encoding: br

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 37A5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&dcc=t

43 B
645 B

105ms
104ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N5JJXK6PBNQ7ZJYDKNQD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JQT8DEH6GQY2H23T8B49
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 37A5 70 B
264 B 33ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 37A5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yc9LZlRH6QhipBf4e.TqfgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2

43 B
1016 B

38ms
33ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 37A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1

43 B
315 B

31ms
30ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 37A5
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

43 B
1007 B

47ms
37ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Date: Fri, 31 Dec 2021 18:26:46 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin
Keep-Alive: timeout=5

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 37A5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=xGvxhjn31N3mC25&gdpr=1

43 B
989 B

32ms
31ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=xGvxhjn31N3mC25&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:45 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-007d40ea11cf721ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=xGvxhjn31N3mC25&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 37A5
Redirect Chain

https://d.adroll.com/cm/index/ssp?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
1017 B

31ms
31ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Fri, 31 Dec 2021 18:26:46 GMT
server: nginx/1.20.0
content-length: 76

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 37A5 35 B
380 B 394ms
98ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 37A5 43 B
424 B 21ms
18ms Image
image/gif 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?Yc9LZlRH6QhipBf4e.TqfgAA%261201
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:46 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=963
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:42:49 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame EF4D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1

43 B
315 B

29ms
29ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPASdIz4nF-Lb7lx1gz_WM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame EF4D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yc9LZlRH6QhipBf4e.TqfgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2

43 B
1001 B

60ms
35ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAndJpI3LB0Rb03ARcePz3o&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame EF4D 70 B
264 B 37ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame EF4D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&dcc=t

43 B
645 B

105ms
105ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TX55CHPXMKS3TZ8CJPB0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YSVY1C1BS1HX2AA3YRCK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yc9LZlRH6QhipBf4e-TqfgAABLEAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame EF4D
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=689c82a0-4f6e-49de-94ab-ee9fe1efe9a5

43 B
1 KB

33ms
32ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=689c82a0-4f6e-49de-94ab-ee9fe1efe9a5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=689c82a0-4f6e-49de-94ab-ee9fe1efe9a5
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame EF4D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=APcLrUML1N3mC25&gdpr=1

43 B
989 B

34ms
34ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=APcLrUML1N3mC25&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0e9f0e24f4a2a06c9@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=APcLrUML1N3mC25&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame EF4D
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://um.simpli.fi/no_match_opted_out

0
278 B

19ms
19ms

Image
text/plain

159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 31 Dec 2021 18:26:46 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Fri, 31 Dec 2021 18:26:46 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 30 Dec 2021 18:26:46 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame EF4D
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f3c76c23-d752-41c7-9fda-05497a5c7124&expiration=1672511206

43 B
1 KB

34ms
30ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f3c76c23-d752-41c7-9fda-05497a5c7124&expiration=1672511206
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f3c76c23-d752-41c7-9fda-05497a5c7124&expiration=1672511206
date: Fri, 31 Dec 2021 18:26:46 GMT
server: Kestrel
content-length: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame EF4D 43 B
424 B 19ms
17ms Image
image/gif 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?Yc9LZlRH6QhipBf4e.TqfgAA%261201
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:46 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=963
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:42:49 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame F77E
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

97ms
97ms

Document
text/html

18.213.10.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.10.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-10-151.compute-1.amazonaws.com
Software: /
Resource Hash: cd1b773dec11cfb232428114ff29100e0da8438699f7aa233d1aebdb57f9d288

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Fri, 31 Dec 2021 18:26:46 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Fri, 31 Dec 2021 18:26:46 GMT
pragma: no-cache

Redirect headers

date: Fri, 31 Dec 2021 18:26:46 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3EAA 42 B
64 B 56ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssh0NNhUEeUnTNE7iPf3VfOhg0u2uaoAvzwxb4ExrkY_d395XPAOL-LmIGkOICQNTUCvVuYagva-VJX7Q0W9U-tSUCxD2RiNoLoHQ8QGqhkqsWfj6V0&sig=Cg0ArKJSzMUD_oTz5HnNEAE&id=lidar2&mcvt=1000&p=135,315,385,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1030851624&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640975204146&rpt=685&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CD7D 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVwXYtKx-YCdWU828BPDXyPG1G0pynWZ2nYf497H-1PWrB2FRfAEHUq60M7o-lV9athGqLqUD6rJoHGIUIi7kG1Z97FHQ8wkO3ruu52LrsaCQI84r0&sig=Cg0ArKJSzPly6impuNkWEAE&id=lidar2&mcvt=1000&p=867,1064,1467,1364&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=0.56&app=0&itpl=19&adk=2760480871&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640975203944&rpt=910&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 107 KB
34 KB 25ms
24ms Script
application/javascript 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 66e39f9547f85403b57eb6da19a1835fba87aefe1472e04e607d492232f386ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: LnUEiQicLR0PB_19rEBkqllnYGNw9feA
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 07:32:04 GMT
Server: Apache
x-amz-request-id: H84TVRV41TZX4QR3
ETag: "8149da179cc4858e221e9c80dc7ccd6c"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=66207
Date: Fri, 31 Dec 2021 18:26:46 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33936
x-amz-id-2: iLXwudo0Cn7GXIJmaAWsaIvfFkEozBnflvZeUp8cFNMo9hPhvn5Gh4W4FfuCrEmI095F+qjNx1E=

GET
H/1.1 200
OK view Show response
api.dable.io/logs/services/ntd.com/users/40944722.1640975202687/ 54 B
285 B 247ms
246ms Script
text/javascript 3.38.76.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.38.76.215 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-38-76-215.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

66e873224f8f45d8352d754911e3ab1220145e5d8a89b52338dba1fbb61f64bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
Content-Length: 67
Content-Type: text/javascript; charset=utf-8

GET
H2 200 view Show response
r-log.dable.io/s/ntd.com/u/40944722.1640975202687/ 54 B
198 B 263ms
259ms Script
text/javascript 3.36.41.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.36.41.122 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-36-41-122.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

654d20411dda7f4c4ae35fa468aed9ac3c35e7d38b20f8a0c2b2793534f562ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 31 Dec 2021 18:26:46 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
content-length: 54
content-type: text/javascript; charset=utf-8

GET
H2

200

google
adx.dable.io/pixel/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
https://adx.dable.io/pixel/google?google_gid=CAESEE46bGje5VMkSRrwQ9DOPd8&google_cver=1

35 B
206 B

237ms
236ms

Image
image/gif

3.38.125.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel/google?google_gid=CAESEE46bGje5VMkSRrwQ9DOPd8&google_cver=1
Protocol: H2
Server: 3.38.125.168 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-38-125-168.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:46 GMT
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adx.dable.io/pixel/google?google_gid=CAESEE46bGje5VMkSRrwQ9DOPd8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match2
act.ds.kakao.com/
Redirect Chain

https://analytics.ad.daum.net/match?d=111&uid=40944722.1640975202687
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220101%22,%22u%22:%2240944722.1640975202687%22%7D%7D

0
493 B

259ms
258ms

Image
text/plain

211.249.220.158
DAUM-AS Kakao Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220101%22,%22u%22:%2240944722.1640975202687%22%7D%7D

Protocol

Server

211.249.220.158 , Korea, Republic Of, ASN7625 (DAUM-AS Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain;charset=UTF-8
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 18:26:46 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location: https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220101%22,%22u%22:%2240944722.1640975202687%22%7D%7D
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: 0

GET
H2 200 NTD_news_newsletter_popup.jpg
www.ntd.com/assets/themes/ntd/images/ 69 KB
69 KB 11ms
10ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/NTD_news_newsletter_popup.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

118de8ffab97cc54e9c0dea09248c59982dc87af781fc9e1c4bb26beec4c7eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Nov 2021 20:26:26 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "6196b6f2-11495"
x-hw: 1640975206.cds003.fr8.hn,1640975206.cds013.fr8.c
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 70805
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame BD46
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
https://a.clickcertain.com/px/ta/?done=true&ta_id=48d66f96-9b05-469c-81a6-d99d28785432

0
363 B

147ms
147ms

Image
text/plain

2606:4700:3039::6815:c074
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=48d66f96-9b05-469c-81a6-d99d28785432
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&cn=DE
Protocol: H2
Server: 2606:4700:3039::6815:c074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:46 GMT
x-frontend: cc-nginx-5887db8794-r6wcg:cc-nginx-5887db8794-r6wcg
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: c664c4f9-3e02-9c3f-87a0-af69b03bb7f8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebjStFgzlsYizzmZQIrat6W7l%2BukETo2hkvJUKdlxyGYq8%2B7eIlzVZp5vFwsiAQm7%2Fx9MupfrGt9KG3HtD8UjEMsnnUbOtEkeDTIOMQKhv5LtUCSn9uhAPoYEeVDXw%2F9hCJ69mp4NGZyqjm3nRzfkw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 14
cf-ray: 6c658ee25d935a37-MXP

Redirect headers

location: https://a.clickcertain.com/px/ta/?done=true&ta_id=48d66f96-9b05-469c-81a6-d99d28785432
date: Fri, 31 Dec 2021 18:26:46 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/
Redirect Chain

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%...
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%...

42 B
350 B

165ms
165ms

Image
image/gif

44.239.105.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%2522b26aeb25-ca16-4950-99f8-5534a40e6fe9%2522%257D&title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tdc=1
Protocol: H2
Server: 44.239.105.249 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-105-249.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:47 GMT
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

Redirect headers

location: /c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%2522b26aeb25-ca16-4950-99f8-5534a40e6fe9%2522%257D&title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tdc=1
date: Fri, 31 Dec 2021 18:26:47 GMT
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

GET

/
a.clickcertain.com/px/img/bidswitch/ Frame BD46
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%2...
https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%2...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dd1f27497%2Ddd0f%2D4c9...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&anx_uId=$UID
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&anx_uId=8722759899100838220

0
0

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame F77E 43 B
1 KB 37ms
36ms Image
image/gif 2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=09374fce-d193-479c-999b-be72ff6ae4af&expiration=1648751206
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 18:26:46 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F689 0
731 B 13ms
12ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:47 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: cb5968d5-551e-4b4f-8968-8de8ff4b33ac
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F894 0
731 B 47ms
46ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:47 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 246e8197-98a8-42f8-bee5-12ebc8daac40
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BFB1 0
731 B 27ms
27ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:47 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 564aac9f-fcd9-4271-99c7-656d16e00ec5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CE3D 0
731 B 30ms
29ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 18:26:47 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 267d7198-1132-4aee-9831-700ac0d32806
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK checksum Show response
api.dable.io/items/services/ntd.com/id/627894/ 97 B
371 B 244ms
243ms Script
text/javascript 3.38.76.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/items/services/ntd.com/id/627894/checksum?callback=dbljson6

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.38.76.215 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-38-76-215.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6ecde4623f8201da9896ca25e990c0b3a6e5d865ca146284f07a0d3bccde90a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"61-INjObKHT7Tg33KQ7WArZCoJqa60"
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 110

GET
H/1.1 200
OK update Show response
api.dable.io/items/services/ntd.com/id/627894/ 65 B
296 B 244ms
236ms Script
text/javascript 3.38.76.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/items/services/ntd.com/id/627894/update?title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&image_url=https%3A%2F%2Fimg.ntd.com%2Fassets%2Fuploads%2Fexternal%2F2021%2F06%2FNew-York-City-subway-.jpg&price=&author=The%20Associated%20Press&currency=&sale_price=&sale_currency=&category1=China&category2=&category3=&custom1=&custom2=&custom3=&custom4=&custom5=&published_time=2021-06-15T10%3A58%3A55-04%3A00&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&description=RICHMOND%2C%20Va.%E2%80%94A%20cyberespionage%20campaign%20blamed%20on%20China%20was%20more%20sweeping%20than%20previously%20known%2C%20wit&body_length=6622&callback=dbljson7

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.38.76.215 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-38-76-215.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0ea64fe6b27a6e0382c699ee66e7c613fff45014e70ae469b8b15eaca7dffaee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 18:26:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
Content-Length: 78
Content-Type: text/javascript; charset=utf-8

GET
H2 200 push_notif_ntd.js Show response
services.epoch.cloud//public-labs/src/push_notifications/ 6 KB
2 KB 82ms
29ms Script
application/javascript 2606:4700:3038::6815:ea4e

General

Check archive.org

Show headers Download Go to

Full URL: https://services.epoch.cloud//public-labs/src/push_notifications/push_notif_ntd.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea4e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5826ae1cc0aa2f2bb52be7aa45e62bfffbc94044e2a31ed759d088238c9209

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 19:08:58 GMT
server: cloudflare
age: 3065
etag: W/"5e4d87ca-189e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9WdJaaOGU6iWWrcPemnhMh77N4UJE1GrUhAL0LzDnlCjJ3xfvLpqCQ8PMEPpoGkpPLRzSkMttt9vI4JfvHwiIx%2F9xOdzu%2FI%2FmtqzyklBTk9c5Sx0uW0z9%2FrNQrl2ai%2Bcn4a9whjr6LPsfZNSo7yqS8mRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c658eeeeaed59ef-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 cbb358742efbe80005a15256de11d533.js Show response
clientcdn.pushengage.com/core/ 77 KB
19 KB 195ms
166ms Script
application/javascript 13.35.253.128

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/cbb358742efbe80005a15256de11d533.js?_=1640975200764
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.128 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 161ec6dad12de0ee466c116cb52fe128ccebcc3d4d194ee48e3dd64d3ba747b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:26:48 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
x-amz-cf-id: 5UrzGime6gHdgZN-SaIr-CFyEDIHizU5MeNH_lEIdeHPjIaj2rNcVA==
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D

Domain: a.clickcertain.com
URL: https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=d1f27497-dd0f-4c91-8d99-f0ba6453eee7&anx_uId=8722759899100838220

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 00:32:47	Name: _li_ss Value: MgYIkgEQjxE
tnews.to/	1970-01-20 00:32:47	Name: prli_click_3555 Value: china-cyber-spying-us
tnews.to/	1970-01-20 08:35:11	Name: prli_visitor Value: 61cf4b5ebd761
.ntd.com/	1970-01-20 17:20:47	Name: _ga Value: GA1.2.1464519701.1640975201
.ntd.com/	1970-01-19 23:51:01	Name: _gid Value: GA1.2.1801831692.1640975201
.ntd.com/	1970-01-19 23:49:35	Name: _gat Value: 1
www.ntd.com/	1970-01-20 08:35:11	Name: epoch_gdpr_userid Value: dc80e1bc-0cba-68e5-c26d-c538eca642a2
.ntd.com/	1970-01-19 23:59:40	Name: ntdViewCount_fb Value: 2
.scorecardresearch.com/	1970-01-20 17:06:23	Name: UID Value: 1TL4AJGTUTUOCWW4GI0443g1640975202
www.ntd.com/	1969-12-31 23:59:59	Name: mnet_session_depth Value: 1%7C1640975201112
.twitter.com/	1970-01-20 17:20:47	Name: personalization_id Value: "v1_Q2+agqby9d2+bhZ1uIOpgg=="
.mixi.media/	1970-01-20 08:35:11	Name: _sm_uid Value: 352ab49d-01a6-4ab4-b27d-65389f483510
.mixi.media/	1970-01-20 08:35:11	Name: _sm_udt Value: 1640975202151
.mixi.media/	1970-01-19 23:49:37	Name: _sm_sid Value: ab74eb58-53a5-490b-88ce-5d61a94a2d70
.stat.media/	1970-01-20 08:35:11	Name: _sm_uid Value: 352ab49d-01a6-4ab4-b27d-65389f483510
.stat.media/	1970-01-20 08:35:11	Name: _sm_udt Value: 1640975202151
.stat.media/	1970-01-19 23:49:37	Name: _sm_sid Value: ab74eb58-53a5-490b-88ce-5d61a94a2d70
.stat.media/	1970-01-20 00:32:47	Name: _sm_cm Value: 32
.mixi.media/	1970-01-20 02:13:35	Name: nid Value: ads5-2sselp12
.dable.io/	1970-01-20 02:13:35	Name: uid Value: 40944722.1640975202687
.dable.io/	1970-01-19 23:49:55	Name: _skp Value: 1
.dable.io/	1970-01-20 00:07:12	Name: _gg_ck_match Value: 1
.www.ntd.com/	1970-01-20 17:20:47	Name: dable_uid Value: 40944722.1640975202687
.doubleclick.net/	1970-01-20 09:11:11	Name: IDE Value: AHWqTUnzyAOtUp2R4tMqG6D4VAMpChFnvJqmoNO2oLavsmVSXln-OcnQViEJGmLXPtU
.gumgum.com/	1970-01-20 08:35:11	Name: cs Value: true
.adnxs.com/	1970-01-20 01:59:11	Name: icu Value: ChgI159BEAoYASABKAEw45a9jgY4AUABSAEQ45a9jgYYAA..
.adnxs.com/	1970-01-20 01:59:11	Name: uuid2 Value: 8722759899100838220
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==
.rubiconproject.com/	1970-01-20 08:35:11	Name: khaos Value: KXUQ9MVU-W-4D25
.rubiconproject.com/	1970-01-20 08:35:11	Name: audit Value: 1\|naVuGyos1qpV4AumPVOSkUZeVCuLeoYaJAQRvrb7NaabCHyK42ojycvN0M32aQDb3OnsRse95/PAUJ+gL7gixREiWVDBisffUN+/nvRkaHE=
.ad.daum.net/	1970-01-20 01:59:11	Name: DSPR Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220220101%22%2C%22u%22%3A%2240944722.1640975202687%22%7D%7D
.ntd.com/	1970-01-20 09:11:11	Name: __gads Value: ID=d80505e3efb98ef0:T=1640975204:S=ALNI_MZGC1Gcd5zZ0uF3iz6tLk6ZkAeQ3w
.ds.kakao.com/	1970-01-20 01:59:11	Name: DSPR Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220220101%22%2C%22u%22%3A%2240944722.1640975202687%22%7D%7D
.media.net/	1970-01-20 08:35:11	Name: visitor-id Value: 2839768056687050000V10
a.clickcertain.com/	1970-01-20 08:35:11	Name: _ccpx_u Value: d1f27497%2ddd0f%2d4c91%2d8d99%2df0ba6453eee7
.casalemedia.com/	1970-01-20 01:59:11	Name: CMPS Value: 5223
.casalemedia.com/	1970-01-19 23:51:01	Name: CMST Value: Yc9LZmHPS2YA
.casalemedia.com/	1970-01-20 08:35:11	Name: CMID Value: Yc9LZlRH6QhipBf4e.TqfgAA
.casalemedia.com/	1970-01-20 01:59:11	Name: CMPRO Value: 1201
a.clickcertain.com/	1970-01-20 08:35:11	Name: _ccpx Value: 2455d1796b86efb
a.clickcertain.com/	1970-01-20 08:35:11	Name: _ccpx_2455d1796b86efb Value: 1
.mathtag.com/	1970-01-20 09:15:30	Name: uuid Value: bc4561cf-4b65-4600-a569-8cf71b22a3d3
.yahoo.com/	1970-01-20 08:35:32	Name: A3 Value: d=AQABBGZLz2ECEB8ZE1aCHLo9WS3_3Dj1-qIFEgEBAQGc0GHZYQAAAAAA_SMAAA&S=AQAAAmYLh73Owco-tEfgE7Jr8uY
.w55c.net/	1970-01-20 00:32:47	Name: matchcasale Value: 5
.w55c.net/	1970-01-20 09:19:49	Name: wfivefivec Value: APcLrUML1N3mC25
.simpli.fi/	1970-01-20 08:36:37	Name: suid Value: B17F2AF3827C4E849245D2F8091095E0
.crwdcntrl.net/	1970-01-20 06:18:22	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 06:18:22	Name: _cc_id Value: c09256ef11d2c368fb4a9b72d3ccc0fe
.crwdcntrl.net/	1970-01-20 06:18:23	Name: _cc_cc Value: "ACZ4XmNQSDawNDI1S00zNEwxSjY2s0hLMkm0TDI3SjFOTk42SEtlAILE895pIBoKAGK4C04%3D"
.crwdcntrl.net/	1970-01-20 06:18:23	Name: _cc_aud Value: "ABR4XmNgYGBIPO%2BdBqSgAAAXyQHi"
www.ntd.com/	1970-01-19 23:59:40	Name: _geuid Value: b26aeb25-ca16-4950-99f8-5534a40e6fe9
www.ntd.com/	1970-01-19 23:59:40	Name: _gepi Value: true
www.ntd.com/	1970-01-19 23:59:40	Name: _geps Value: true
.rfihub.com/	1970-01-20 09:11:11	Name: eud Value: H4sIAAAAAAAAAPvFyGtoZmJgaW5qZGBmam4EAEXQS_QQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjI0MDA3NjM3MBbiM9QtKDAzcjMLSy82KE0DAHrqf48lAAAA
.rfihub.com/	1970-01-20 09:11:11	Name: rud Value: H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjI0MDA3NjM3MBbiM9QtKDAzcjMLSy82KE2T4jU0MzGwNDc1MjAzNTcCAE0BgBE0AAAA
.tapad.com/	1970-01-20 01:15:59	Name: TapAd_TS Value: 1640975206738
.tapad.com/	1970-01-20 01:15:59	Name: TapAd_DID Value: 48d66f96-9b05-469c-81a6-d99d28785432
.eqads.com/	1970-01-20 01:59:11	Name: EQUser Value: UID=09374fce-d193-479c-999b-be72ff6ae4af
.tapad.com/	1970-01-20 01:15:59	Name: TapAd_3WAY_SYNCS Value:
beacon.lynx.cognitivlabs.com/	1970-01-20 08:35:11	Name: UID Value: f3c76c23-d752-41c7-9fda-05497a5c7124
beacon.lynx.cognitivlabs.com/	1970-01-20 08:35:11	Name: ss Value: D6NSSWCzBB6NllwjhtVZ0AT42W1l5fV04wXCOdbsHEWBYM%2Fm3zc8loMs%2BzhsVXM08gjTqIQbC%2FZxuorWoIFlWA%3D%3D
.casalemedia.com/	1970-01-20 08:35:11	Name: CMRUM3 Value: e661cf4b662760&0861cf4b662760f3c76c23-d752-41c7-9fda-05497a5c7124&2f61cf4b6605a0&2d61cf4b662760CAESEAndJpI3LB0Rb03ARcePz3o&9861cf4b6605a00&f161cf4b6605a0&2761cf4b660b40&5a61cf4b6605a0&6961cf4b6605a00&3961cf4b6627605107433822221015060&2861cf4b66276009374fce-d193-479c-999b-be72ff6ae4af
.alocdn.com/	1970-01-20 08:35:11	Name: uuid Value: 152e2c1e-66cb-4b13-acca-a49efeb898a9
.liadm.com/	1970-01-20 17:20:47	Name: lidid Value: c7702807-41f6-49ab-bdfb-587b1945e8f5

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318 Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
network	error	URL: https://comment.youmaker.com/api/v1/user?site=www.ntd.com Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clickcertain.com
a.remarketstats.com
acdn.adnxs.com
act.ds.kakao.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.dable.io
ajax.googleapis.com
analytics.ad.daum.net
analytics.twitter.com
api.dable.io
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bttrack.com
c.amazon-adsystem.com
c21lg-d.media.net
c2shb.ssp.yahoo.com
ca183f94564a774343f51deadc679a08.safeframe.googlesyndication.com
casale-match.dotomi.com
cdn.districtm.io
cdneast2-xch.media.net
clientcdn.pushengage.com
cm.g.doubleclick.net
comment.youmaker.com
contextual.media.net
d.adroll.com
dmx.districtm.io
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gum.criteo.com
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
image6.pubmatic.com
images.dable.io
img.ntd.com
js-sec.indexww.com
js.chargebee.com
match.adsrvr.org
mixi.media
p.alocdn.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.adnxs.com
r-log.dable.io
s.amazon-adsystem.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
sc.youmaker.com
secure.adnxs.com
securepubads.g.doubleclick.net
services.epoch.cloud
ssum-sec.casalemedia.com
stat.media
static.ads-twitter.com
static.dable.io
static.mixi.media
static2.mixi.media
static3.mixi.media
static4.mixi.media
static8.mixi.media
stats.g.doubleclick.net
subs.youmaker.com
sync-tm.everesttech.net
sync.adotmob.com
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
t.co
target.mixi.media
tnews.to
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
um2.eqads.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ntd.com
a.clickcertain.com
sync-tm.everesttech.net
104.16.190.66
104.244.42.195
104.244.42.5
104.90.192.189
13.32.29.201
13.35.253.128
136.243.66.182
142.250.181.98
143.204.209.17
146.185.195.94
151.101.12.157
151.101.193.108
151.139.128.11
159.122.14.34
172.217.16.130
178.162.133.149
18.213.10.151
184.87.212.24
185.183.112.155
185.29.132.241
185.64.190.78
192.132.33.46
193.0.160.128
2.18.233.180
2.20.157.55
209.54.177.54
211.249.220.158
23.205.242.120
23.37.38.181
23.79.143.124
2602:803:c003:200::51
2606:4700:20::ac43:4549
2606:4700:3037::6815:2a1f
2606:4700:3038::6815:ea4e
2606:4700:3039::6815:c074
2a00:1288:80:800::7000
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2004
2a00:1450:4001:813::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c1b::9b
2a00:1450:4019:80c::2002
2a02:2638::1c
2a02:fa8:8806:16::1400
2a05:d018:d29:3605:6948:8012:aae3:d8b9
3.125.196.46
3.33.220.150
3.36.41.122
3.38.125.168
3.38.76.215
34.120.33.89
34.120.97.157
34.246.26.64
34.251.173.19
34.98.64.218
35.157.246.167
35.227.248.159
35.244.243.66
37.252.161.190
37.252.173.22
37.252.173.27
44.239.105.249
52.215.102.174
52.218.236.80
52.86.210.192
54.205.198.81
65.9.58.69
69.173.144.139
69.173.144.165
03116ee27ab79f09ced28de3396fe9524bc37349c0ec714b1f6f25396da6ffd4
03635179a65ac9e36a14b4ac3185fd66541a7d3d384df6d556f32898463459b5
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
0661333bf041acc00caddcbf6518f8506a820c330abc21e3271cf90def33675b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
078b56ebf4717da72478db0b748dd8a737f5c938ddd964832db64cc9eb10d9a9
0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f
0b777ae5236c9022d0323fdca3b238ddc45d7050c615066882f2971b81afcd0d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0dceae772a3b82f7d0f9538b3b62db0f77bc29029f5e1a333234b9c5492e4c27
0e0e86f7e573265f197da103928770224d60ff738a575e866fe2c26dcb8d0a5a
0ea64fe6b27a6e0382c699ee66e7c613fff45014e70ae469b8b15eaca7dffaee
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e
10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260
10d7f8e25425188565c71762c5335ca376c3c5be7ca741aba4abca5601c5107c
10fc8ce599a4f6c00b4cb586d73f41fbf31c7f4181acd34d794256a95c80664d
118de8ffab97cc54e9c0dea09248c59982dc87af781fc9e1c4bb26beec4c7eee
12e1b7718977385319ad129ac36e036271f491d07ffc14f9ebd181d4cb87f1c0
161ec6dad12de0ee466c116cb52fe128ccebcc3d4d194ee48e3dd64d3ba747b1
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
20848f152b7de33a14d64bd69487944a3b7e4d850abd5d568024467258f2e5c7
2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c
21a71b91e4ce75dbc24fbcee6e53e7e76fa79350dab49e02d1193ac3c835332d
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22e280fe7482d7d3c7a111febaba11d15a76d31339e855f3c32e9b984de6bd39
2395144ea3091c5c67eb6f40a5f3e1e68e8e241dc8a9087a71bd3cf58f5f204b
24debe1a54d5c3e03a19488a253b5019df02e8123774a2741ab89135cf99427e
2605ae7e7769aebf0e4de69b247181746ba089ba3dc24c34c4f9b7174c16da2f
260ced7e64c413a7a7b377709f02a3e7e96b0fd5ae4533ee218b4cedc47c1dba
27e53b6304a1002da510aa6b0302e4835cc659ed1c62e50d999dd836a4aafc1f
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
2a44b039063271128c16872f75e32efd8eaeab6a39cff11d627a29cdf3a32675
2b1114802b464d9a6ca3305652ff7dcda55d4528e06a95cd698f8fbf22098ea5
2bdcb089c4c9b6cdd5ded547a444f547ad5e313a632c8f8dde5fc3ca1270a125
2cab29b6e32d1c1e3907f9fe4e3483831717a7eedf2c5057fd592255afd7b4d4
2cf5164aa1a5658fc619acef7a852c39fea39821616e71dc782620f7558e7a03
2d38bcdfbd46d657ce3d47b7c5065dc3c70e3bb5de7c4c8d278973476ba18ef4
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2e126db0398686e4f62235adaa2bdf60be791603460c3a1db7822ab4d84ed663
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
308634b67167450e9688918820cbd4716a946a9717c122068511c2befbfd845b
3143ccf6e71800ce985a72e0e0c1606427d8387f1610ec6e958f5e07375d85b8
31465df635bff5d742e48dbe0680a4f000ce2cb23714bb3fb8806126e65ff5c4
31f4ff85271f11625459a37ce62ba0b391ec51adfa8f9acb7c574c6ca44c393d
37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde
37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096
389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7
3af551757d5ee4c86eead499ceadca7bddcd62bd9898d5d47dfa039b09dc510b
3b6a9f90ec8304834f717de38bd2d8721a7b602d9557ee81593a8059ee39698e
3cb1e8122941c896bde7085c9e23dd40dd918e32fd5302cf31ca1648e5a334ed
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fbd407810528f1407ec0ef38ce07f0bf610404b39d53d4847ea8adfdf0c451e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43795bbf96b851d982c7052297874d12dbb03a830595ef534c5a83c5ea7412e0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
454a5dfc464806755d550d689f5202cf1ab09e7011626b601266406568932f58
4676b7a0e75400bb48f0caac921d1aef72b8fe3ea49fda113b571c272588f3d4
478e3f82089d4bc0303ad02ef73c9e6901861b756d52f8667ba3164bedd76f7c
4873d6173e3a28ba12a6f83552788645497a684ec5ac62cf250b69aa26b2f788
48f5ab8de5db17eaf12195a7badc3863f2a8a69dfc6db86c0076bc85c21b932d
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4f45f0dfd6b71bd2b37d8fb66a86b406ea18993d2d0bf8dc2692bb0b85f98692
510b7fb74d2ed5e38a2d6f4458e1d202e349d1a54d77b19af06580bf6af361fb
52e006687b1edf8c27ae62cd74911cb4ec98573c31a12b52aa21c7793c454b90
52f32a1925bca9851d9d8146fb5593d778134bcf13f24897d2f72ee30b8cdd80
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f7bdc42b17d071e366a0fdf724bd5bcd8ad82d5c91fd74a2a562675d1ab3b0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57a09d21229297b160c63abba14d650c19225ca100dd0005b6633ffcd8f2d9ea
5a7b403ac96f58191e47b5833b4cb3c8a2db63172e8e2332a3fe008058737805
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d28b0cac647edc0b29b8e5a598c4c22dcb2f2af03fef3fa316c76c2037bedd9
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e47777d86f28a945bbb343c60efc5a335b7695f23ba7cb1c9f10d405c31fd3d
61580805081c029a159d39f5bc66410dbec1a1ec6d1771c9df0d2e998e246e02
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
654d20411dda7f4c4ae35fa468aed9ac3c35e7d38b20f8a0c2b2793534f562ea
65e2b93364e83e185e6913970da7ff64cbd2ac82df4b4651c4db6e751cb646ea
6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668c738513226244d0cbd2530517fbcf2df2b86a4eaaba5b9b54d8e9d9f68958
66e39f9547f85403b57eb6da19a1835fba87aefe1472e04e607d492232f386ad
66e873224f8f45d8352d754911e3ab1220145e5d8a89b52338dba1fbb61f64bf
68355e543021444fdf958d889c1bb761321b17163f4e9265cb5b15fe1d5ee475
6a5826ae1cc0aa2f2bb52be7aa45e62bfffbc94044e2a31ed759d088238c9209
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b3d3087e4baca55c1687d30c20e66ed53999d4f66f9c7d9fc7b0c4f2994581e
6b9765abde54c6e633d51e84c708e0de14545d7febc0b9c3b62091c661931339
6c0d4aad96b60f53160e0b0dd3abed4fb1ea90b238f486d2743ca620d1a4d54f
6e27ba90bb5763748d0d5aa2eaf6f26f7f670878301295f7c6666fb324df65ea
6e88237108127024092b10e93eb3e08ef39c2b9f293339f84b0640a746f37ac0
6ecde4623f8201da9896ca25e990c0b3a6e5d865ca146284f07a0d3bccde90a5
713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d
718bf807ae285094008b869c0051c907807b7efd521e4bbc1403a6f257176f55
729064ada3866db16bde937971a54c5ebd4eeb4bb2a195a10b736b52489ed6f2
7304a8b44027d55051ff16666fa5d9b371b0aaf7ea5136de52d18f00e40cc6e3
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
762072fec74912102dddbcb88679fb6a9ea20ffdcb4e3fc80a388a6da3ba4410
78d0cb749a4c88e91270ee1e0afb865406c05c296d9c65633ed7b08dde4e33b5
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79767d332dc4b22ae3a161970f6a6270e860eb7a8610b387ec5fe2d0478aeed7
7ccd9abfa6fe8b5c12fd8499f1de5726911d88a28398069d61c017c3abb2a27f
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
80f724adc7dc46066700938a793bdf72e018a15dd55547a01b512311390f5faa
81929796467a0d3d726d15f58cb4ad6cc94ddb5ef140c4c2d149485086aea11b
8470e402e199aa8900f6790a3f009342fa473487270699025d9ffc03eb681a47
84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
89830cc50b2ec83436eb94b6ee7494cbc4026a895933af86aaaea4c59441e66a
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8b622ac31b659e965866e554d239ba5b9e36ba09438ed7703e659c7d58794b57
8b73a89e126c16a756076a7dd374dc129d61c4a0b860a3280236ae3cf8a9bef5
8b8a906aa8489b8114dbc0cad545275941df24ae684069bfcb4774214d2f7906
8cab2abfe98a370e356815db77c29fa48437ac9e933185d3a4f66479b0ec49c1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df94aecd082fdb7a60d3aeb90073576972b437d3589b737042dc8c75a091015
8ed56a23ab51bd1ffdd1706f162c531aac52e0823a999288c29bdf09eafecb16
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f84ffebfd1f0a8f1330bc7d0083fefc9860b3e02a36afec8c2add53f8512e04
9013300fe102ea88b19ffad1f8864333e81d6d7a3af1326bce6a7a6846aec1b0
9207836e697a090f0aed08a4f06e47aa45471f46bdb71d1f67dfe69f5d69abda
92234cbc7b15fd148698dd1c784606659930943b1ceb0865f905ddd861e3b112
9625927762fa38c0606b89c9381f789f260c05711a1242b049db05b86dee8049
99fd232bb61d1544c07289fd30119cd408e16f7df528076e7e4bb33f3c60a93a
9a479ba3e86b6056e7ed5872d405abbb5e65b10ef48d13aad6688fabc37985e6
9c7e640507607d3ab4182c58d339ce00248d46cfcd03c8f1940d1095c0dcda5f
9d626f07bedfb4a51b8d37382cb3753814b76c58442c82049599e8b6525817c7
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9ec7e521658947a1f096595acb26867a8202a1fc9fd40c2c5f8bad638cde277b
9fc671631843d094476d3bdf6757816ad3b5e97b278803fbd7fa30995358f331
a086f96560116acb8d60ed9d25d9baa7d5e5da64c29f7fcf1932f24c34f738a4
a0c831c452844abe74d8767ff6d72d583b0a188d0a6868d8d7b5bf2efc2ecdee
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b291715638482939a4abe55dca942c102ec459fdf105a9de67480672fc9b89
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f396b8fd75a454157bca5f69c306a45e5b79390d6634e06f0438140a6e7271
a5642ff474805808c949549c385b64b1b263d0a8390d80c28beff410b8230689
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9516d17f843ccb8744ae0db1a2e4d97f87c852f0137f600297494aede1344b3
aa4f7dcad18d068abb2bf4b356f70e0122f786744c98bc851fc4d82279e756c3
ab32895c8eb04de1c69042508deb0668cb87ed48eda7b39fb027c35cfb935306
abf7b7fe4417698ac10e9dcf22ec04777e95363c835c7f206cd2a36fa81343de
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad36c0ee4faf09ed8c215099cd2a8a0c9481246f32bfcbf2feb877a1713a624b
ae55ee334ff99e50b3242f42ba930ab50226ff2b39f19722be3719116893a48f
ae708ee2f07c5f4271c2513cefb1975dbe0749ebd75a69c86a83066b7ae5d6b0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af88ace41e644752a1b6edbaca63bfd9873c9c1e07767684c410ec4a2a3574df
afa88d2acf37ee467ab4d7e52bbc3faea9dcb2cd522e40407b74345e7b8fa650
afd640b186cd1e1099799c2548b58b66b1a555bba8136905ff03a24fe87d05ef
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b32092d0bdbb0ef99435450229c9c7dd1fc2e25aa6353782b52bfc1f8f6993f8
b41b716dbb084bf1e42c373b203a4b905bfa96033a04e689bb8a3f522741d26e
b44ae8cf55e41c9a488ac6d5db7e2b79a8a3f81a9b41316a7c9d86a9d440fc95
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
bee2ad3ac51d16d90c6bb08c6e935d633754a41da96ed19ce8c5cc08aca2d96c
c1620334ef2315aeeb73973b6d46fbd6697fd95494333e180aeb78add4ab5f9d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c454e9ab422a8d322d36521d9a675279c9b2dcf9e69190afa80a214a071a943e
c51c9e2d3dfc833336ad78aae335b536d7b8ea5bf065183b64d23074e88a0fbc
c56af3e788ca9742c94c844117ddd796bed05c01cd1b637d54284d8e13ce466a
c5a4f42993d0a302a22aa9a89e171067162f82299c847c7189c001332c045582
c5ca0fae569e914a8b1b5489b193e3d4433538ab3cfec3a95e4402c312b14fd5
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde
cae49d5cba5cb695ce8fbdaf2ee6f2134a78adfe983ca6860b6dfcdabe6b0454
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd1b773dec11cfb232428114ff29100e0da8438699f7aa233d1aebdb57f9d288
d236e1af7b71e2ccd2d2fab9d9ba66893d95c884663688306742f8934aec7594
d23a527e1a20170a0af41d45a3c1eb30dcf610a399ce85e288f9a3c5ec86123d
d24504fb8d7f46fc501b9cedb1d586b385e547c266b2ed61567c6e69ff28e5cb
d2aa249963543ddaa14b3e0f3be5aa457d25ba3c0e16c05b96106c5952a2ee9b
d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23
d4d254e40b7d4b854a0ac61187226912fae932bc17e168e55c23caf5c030d6af
d4fb3e2327bfebaeadcc3c0d1873f16cf8ff48023b1f1db0fae954b1bb791173
d5b962a89400afef0e9d4b411bbbd3059094911a9762cd48a26ec82cad9fe11e
d6c1a2f9215ebefb6d1860b25295492273b42b2c9dde336ea04bf0687d020ad6
d6dd3bd5d396878ddd38adcb9da6cbd37ce8d41bf82d5a30beb0649c377b70ba
d719b213cc4dcb680a02cedbff71fb8b38277c8b23e8b84f5e0f9f83a46dfba1
d92c9c4f49e5826c988e6c55b117671cb19b9a821d94bf0a20f6b66adbf9f9a8
d974506f8f71ffaf3e886fb89f5c15769a4e6f2e826939765f898bab9608cb52
d9f1d36406c18d623f005073803d5900edc61d0973e35c2fa4386990f001b7a9
da661c8b2f1ea440639adbef2c97578419e410c49a8a0d187a9808acb4ffe4f3
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
deb60f2899be4d34c9856f8493a44b1a0450b5d78db716c34a3a7b17c462a291
df35513cbda04fc1e69cc3f92ab601f967d4e5621f3832a5dfb113a96711bb4f
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfecae33e19000e17e577e1e19076a57b5d49f2635d92374a1cb5992286ad83c
e0db7a8f644f3f6e06af34dfeb3b95643ef01c3f518ea7747880666d74ec0157
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ce9f85ee97bc5289bf84b5026d7bcea6e2719ad4326e1ef1bf2e316c8f6a5c
e6ee00d996ab5f38cc4c3c34029ce45cc46a9f5685cbf7ed2bb6f855473b0faa
e98eb352cbcd4162116f98a6260263b32887f82023acf5b950ea5718c9e795ca
eafe1f4b5992c38e3cdd4a91a387fe837d72521a02ec342bb2b81ba62c0aff50
ebe0cf092d27efe8b9106162aeb3df0e1dcef385105298ec9f69bfa5224be0fb
ed0400ffd85bee01a5f055bbc79b51ca47551d3a3af7029a437ef814e33d118c
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ef062d429e4a0730a94dace80481edf59295aec2928a516ebe60a01bd265cd93
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef589800a85729debfd73086bfe87f0736ee95c4d2fb599b3e6417a3aa6b58f5
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa
f5dbca87eb015874a8bb0fe6359745a94a5432a505a27f87ff7ced2f811db6b8
f5fbdfc69f9cd029a5cc7b2bcaf0f7e5c0d33da7594a0abd4157d87a93f61dfd
f6beec22bca198800dd6bc803745b04a5572c5a960f031ef9079986a5a06c347
faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d
fe6c925a980aace1951bf38f99e3a7a80530cdde61cd97dbd11e20873c4b4c61
ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

www.ntd.com Open in urlscan Pro 151.139.128.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

323 Requests

88 %HTTPS

31 %IPv6

56 Domains

95 Subdomains

67 IPs

12 Countries

5791 kBTransfer

8894 kBSize

65 Cookies

17 Outgoing links

Page URL History

Redirected requests

323 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ntd.com Open in urlscan Pro
151.139.128.11 Public Scan

Screenshot
Live screenshot

Full Image

323
Requests

88 %
HTTPS

31 %
IPv6

56
Domains

95
Subdomains

67
IPs

12
Countries

5791 kB
Transfer

8894 kB
Size

65
Cookies

323 HTTP transactions
3 data transactions