www.ntd.com Open in urlscan Pro
2606:4700::6812:191e  Public Scan

18 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://tnews.day/Falun-gong-New-Year-message-for-the-worldpdf HTTP 307
   https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

• https://unpkg.com/react@18/umd/react.production.min.js HTTP 302
• https://unpkg.com/react@18.2.0/umd/react.production.min.js

Request Chain 91

• https://unpkg.com/react-dom@18/umd/react-dom.production.min.js HTTP 302
• https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js

Request Chain 129

• https://rp.liadm.com/j?dtstmp=1701103972891&se=e30&duid=33df6995a8cd--01hg8v5ccytpbm7710vtp86war&tna=v2.11.1&pu=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&wpn=lc-bundle HTTP 302
• https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hg8v5ccytpbm7710vtp86war&tna=v2.11.1&dtstmp=1701103972891&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&i6=MmEwMDoxNjMwOjI6MWMwMjo6Mw%3D%3D

Request Chain 132

• https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html HTTP 302
• https://a.clickcertain.com/px/smart/a/?seg=at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&c=2455d1796b86efb HTTP 302
• https://a.clickcertain.com/px/?c=2455d1796b86efb

Request Chain 134

• https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25225137ca3c-72e0-443e-a71d-be1672b3b66c%2522%257D&title=At%20NYC%20Lunar%20New%20Year%20Parade%2C%20Falun%20Gong%20Adherents%20Have%20Message%20for%20the%20World%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html HTTP 302
• https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25225137ca3c-72e0-443e-a71d-be1672b3b66c%2522%257D&title=At%20NYC%20Lunar%20New%20Year%20Parade%2C%20Falun%20Gong%20Adherents%20Have%20Message%20for%20the%20World%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tdc=1

Request Chain 156

• https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 157

• https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 160

• https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
• https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 161

• https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
• https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 163

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTJZu0Wzs3fsSClm9G9PwAADQwAAAIB&gpp=&gpp_sid= HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTJZu0Wzs3fsSClm9G9PwAADQwAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 164

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWTJZu0Wzs3fsSClm9G9PwAADQwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKzX9NE-9ooVmCfKdGzaiog&google_cver=1

Request Chain 165

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWTJZkAxHGupLrs953JIVgAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENe7a420W7YKWxIZ-6aMmb4&google_cver=1

Request Chain 166

• https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 167

• https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=

Request Chain 168

• https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWTJZu0Wzs3fsSClm9G9PwAA%263340&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
• https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 171

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWTJZkAxHGupLrs953JIVgAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELR2sM_yLObCV-8Vj5QSid0&google_cver=1

Request Chain 173

• https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWTJZkAxHGupLrs953JIVgAA%262183&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
• https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 174

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTJZkAxHGupLrs953JIVgAACIcAAAAB&gpp=&gpp_sid= HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTJZkAxHGupLrs953JIVgAACIcAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 175

• https://trace.mediago.io/ju/cs/indexexchange HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=1b7de7e82fb7ed112vd3vm00lph5dvs7

Request Chain 177

• https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=19A4206DF6F843749B81DAF49AFA69CD

Request Chain 178

• https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=ac65c6e2-5140-4a53-928f-23f231e18152&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

Request Chain 180

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
10 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Show response www.ntd.com/ Redirect Chain https://tnews.day/Falun-gong-New-Year-message-for-the-worldpdf https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html	162 KB 27 KB	686ms 616ms	Document text/html	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash abeb984543e4a2af7b91f20b76ff903e2bb43d06e572855eff44d7316fa5bce4 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control public, max-age=14400 cf-cache-status EXPIRED cf-ray 82cbe241ca20b951-AMS content-encoding gzip content-type text/html; charset=utf-8 date Mon, 27 Nov 2023 16:52:50 GMT expires Mon, 27 Nov 2023 20:52:50 GMT server cloudflare strict-transport-security max-age=63072000 vary Accept-Encoding x-content-type-options nosniff x-frame-options DENY x-nextjs-cache HIT x-powered-by Next.js x-xss-protection 1; mode=block Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 cf-cache-status DYNAMIC cf-ray 82cbe23d486d6647-AMS content-type text/html; charset=UTF-8 date Mon, 27 Nov 2023 16:52:49 GMT expires Mon, 07 Jul 1777 07:07:07 GMT location https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHcdsAbJpWMnKQAlqziijMnbEssXDl5YN3Ic74HkDrii9YmRBSACcuX3BrchS8AgejtZISeOv2ilrHnVJroKBDgv6jofpdqLBUdtHnXjkBzmRTUJZ9F3GvfTsiMgXmPZNKCkTrNdGyo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-redirect-by WordPress x-redirect-powered-by Pretty Link Pro Developer 3.6.1 http://prettylink.com x-robots-tag noindex, nofollow
GET H/1.1	200 OK	Flushing-parade-LBD0241-900x506.jpeg i.ntd.com/assets/uploads/2023/01/	686 KB 687 KB	1014ms 900ms	Image image/jpeg	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/01/Flushing-parade-LBD0241-900x506.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 6567f1f26bf9c8ab32576cb70744a2cd20f4efdca1047484da01887e1b3a5963 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:51 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 702783 Last-Modified Sun, 22 Jan 2023 02:28:15 GMT Server nginx ETag "63cc9f3f-ab93f" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31536000 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session Expires Tue, 26 Nov 2024 16:52:51 GMT
GET H/1.1	200 OK	ntd-logo-comment.png i.ntd.com/assets/themes/ntd/images/	35 KB 36 KB	165ms 51ms	Image image/png	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/themes/ntd/images/ntd-logo-comment.png Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d38468263d67fc86718b19ea5585ad67b413fc85ce55c82bec81f159923c830d Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:50 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 35679 Last-Modified Fri, 14 Oct 2022 17:48:55 GMT Server nginx ETag "6349a107-8b5f" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/png Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=30944170 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session Expires Tue, 19 Nov 2024 20:29:00 GMT
GET H2	200	template.css subs.epochbase.com/lib/	4 KB 1 KB	195ms 133ms	Stylesheet text/css	34.107.251.162 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://subs.epochbase.com/lib/template.css Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.251.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 162.251.107.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 2f009a44aa057e608440849ba7d59135c178393165207fb8268d1680f9365b5b Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip via 1.1 google last-modified Fri, 03 Nov 2023 19:11:33 GMT server nginx/1.20.1 vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control max-age=3600, public, no-transform accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1242 expires Mon, 27 Nov 2023 17:52:50 GMT
GET H2	200	4a739f824f596a15.css www.ntd.com/_next/static/css/	140 KB 44 KB	621ms 619ms	Stylesheet text/css	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/css/4a739f824f596a15.css Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39606abb2773dd3c0cdad88f49c31445e9d558631c25fb21bcbf06046c361340 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"22ea3-18ba6c71c60" x-frame-options DENY vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe245cf1fb951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	3cd2d6e571594a33.css www.ntd.com/_next/static/css/	23 KB 5 KB	472ms 471ms	Stylesheet text/css	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0b305e408e4d852e855962afee13321ebf52d3894e1a8a42dfbf8d3b4741a9e Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"5cf7-18ba6c71c5f" x-frame-options DENY vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe245cf22b951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	3142a792e382aafb.css www.ntd.com/_next/static/css/	15 KB 3 KB	471ms 470ms	Stylesheet text/css	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/css/3142a792e382aafb.css Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb2ca5c959e60b125bc07e2f962d60dafea7cfb55b9193d33f4879501db7a21d Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"3db9-18ba6c71c5f" x-frame-options DENY vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe245cf24b951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	30418f44-85d0cd07c9902eeb.js Show response www.ntd.com/_next/static/chunks/	680 KB 185 KB	615ms 611ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/30418f44-85d0cd07c9902eeb.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ec251d05abab8e5f107b3bdda10a535e84ff677ccc282d9d61f0335fc01268f Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"a9f15-18ba6c71c64" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2460f76b951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	9073-3a5bfa0f17d1d72f.js Show response www.ntd.com/_next/static/chunks/	9 KB 3 KB	469ms 465ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/9073-3a5bfa0f17d1d72f.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12d467813dd443184a5c52c782f0b3c2a401a873d28dc9130ac30900dc8590ab Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"2452-18ba6c71c66" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2460f78b951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	663.040d83569fca7810.js Show response www.ntd.com/_next/static/chunks/	10 KB 4 KB	470ms 466ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/663.040d83569fca7810.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dcb05bc6f6bc43783fe6132aeee6ecdacfc83c8223f32aa9c998c75b7f3dd9d9 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:37:04 GMT server cloudflare cf-cache-status EXPIRED etag W/"2801-18ba6c842c5" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2460f79b951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	1391.0ae298293689721c.js Show response www.ntd.com/_next/static/chunks/	11 KB 4 KB	471ms 467ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/1391.0ae298293689721c.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72fd7e24b02580e7f6501d079c90a19d4c87ab4624c51f96f4e3c7a07a0e30d4 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"2b5b-18ba6c71c63" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2460f7ab951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	webpack-8fc3a293139a2d69.js Show response www.ntd.com/_next/static/chunks/	6 KB 3 KB	470ms 467ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/webpack-8fc3a293139a2d69.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9eddf5a65005ab000071c3179eaa30fce0f40e67d742a18ce8caf892264a652 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:37:04 GMT server cloudflare cf-cache-status EXPIRED etag W/"18b0-18ba6c842c2" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2460f7bb951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	framework-79bce4a3a540b080.js Show response www.ntd.com/_next/static/chunks/	127 KB 41 KB	623ms 620ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/framework-79bce4a3a540b080.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"1fbd2-18ba6c71c67" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2460f7db951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	main-9a2cb928659cd95b.js Show response www.ntd.com/_next/static/chunks/	118 KB 35 KB	616ms 613ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/main-9a2cb928659cd95b.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8e78daa065e02de5d8b249192b4e2c364a523cff15f783b273a38664634354b Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"1d968-18ba6c71c67" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2460f7eb951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	_app-6c66e47dc43f9607.js Show response www.ntd.com/_next/static/chunks/pages/	317 KB 95 KB	622ms 619ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a085a48de1c29460f6e8dde984099c3cc348ea5db5bf26a878178939eb77d0c Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:37:04 GMT server cloudflare cf-cache-status EXPIRED etag W/"4f292-18ba6c842bf" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2460f7fb951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	4201-66f788ee4ee45a93.js Show response www.ntd.com/_next/static/chunks/	116 KB 41 KB	617ms 615ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/4201-66f788ee4ee45a93.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c5a3e13ad52b15a5e9f82b95a971d1203facb8ff8a47ac5fe144d61f2ec7c77 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"1ce9a-18ba6c71c65" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2460f80b951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	2962-a4df57f83cf7a4f7.js Show response www.ntd.com/_next/static/chunks/	17 KB 5 KB	473ms 471ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/2962-a4df57f83cf7a4f7.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 641d72ddefb953f6ac870a992be6a9d7cb1154a3b77a666fb6cb253ec7e52e03 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"4442-18ba6c71c63" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2460f81b951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	4277-9113847c34226409.js Show response www.ntd.com/_next/static/chunks/	84 KB 25 KB	646ms 644ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/4277-9113847c34226409.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99e232f0777782167244e5f824d348b49a9f92446b12810aa4a3d7216572aeaf Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"1502f-18ba6c71c65" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2463fa5b951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	9146-c010d8b3f8fd1db0.js Show response www.ntd.com/_next/static/chunks/	7 KB 3 KB	494ms 492ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/9146-c010d8b3f8fd1db0.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 779d8fdda515b570970a5fb09b5eefbf0c8ec6300d969d4d609806a37f77e803 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"1d13-18ba6c71c66" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2463fa7b951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	1294-8741fd956c5fad68.js Show response www.ntd.com/_next/static/chunks/	14 KB 5 KB	495ms 493ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/1294-8741fd956c5fad68.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fdf7c13d5b3b559871a32380728a9c126bd004577031335423da2c981141407 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:37:04 GMT server cloudflare cf-cache-status EXPIRED etag W/"3730-18ba6c842c5" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2463fa9b951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	1335-c79d8729f0c50b8b.js Show response www.ntd.com/_next/static/chunks/	121 KB 16 KB	627ms 625ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/1335-c79d8729f0c50b8b.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5a33ccfcc05ae337e7f3924e408ae1486f368970ed761aabed6e7b057651498 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"1e31f-18ba6c71c63" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2463faab951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	3213-33fa56d227aef8a4.js Show response www.ntd.com/_next/static/chunks/	12 KB 4 KB	493ms 491ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/3213-33fa56d227aef8a4.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4505adde3a6db0f39a9dc7428643d1e9b84331c2d3022bec401b7002c07369e5 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"3061-18ba6c71c64" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2463fabb951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	1601-ce29e6661bb60ba0.js Show response www.ntd.com/_next/static/chunks/	9 KB 2 KB	490ms 488ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/1601-ce29e6661bb60ba0.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2997f9a557c9b636e93dfa7b84a57dfc6c7e3b6593f0341b77891dd7e19cc91 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"22ae-18ba6c71c63" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2463fafb951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	%5Burl%5D-a6aa872959d7f080.js Show response www.ntd.com/_next/static/chunks/pages/	23 KB 7 KB	506ms 505ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-a6aa872959d7f080.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 582e42d6984215cd2526b7a6f01bb23d649c746af9fafbb60bd3d43b09e4d123 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:37:04 GMT server cloudflare cf-cache-status EXPIRED etag W/"5aff-18ba6c842c0" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2463fb0b951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	_buildManifest.js Show response www.ntd.com/_next/static/e0e904b1fc0109aa188f80cef3a76a2fc945f296/	4 KB 2 KB	496ms 495ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/e0e904b1fc0109aa188f80cef3a76a2fc945f296/_buildManifest.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d780c2236b34848e2b3b15b3b2529b1eea1c2e7d92fbda888ad6766cbfe80bff Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:37:04 GMT server cloudflare cf-cache-status EXPIRED etag W/"10e5-18ba6c842bf" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2463fb2b951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H2	200	_ssgManifest.js Show response www.ntd.com/_next/static/e0e904b1fc0109aa188f80cef3a76a2fc945f296/	598 B 329 B	493ms 492ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/e0e904b1fc0109aa188f80cef3a76a2fc945f296/_ssgManifest.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 163cb5d5188442a3dc0cc458a58b06a08e498eea3ae25e310c473cdaae977f39 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:37:19 GMT server cloudflare cf-cache-status EXPIRED etag W/"256-18ba6c87d93" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe2463fb3b951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:50 GMT
GET H/1.1	200 OK	NTDLogo.svg i.ntd.com/assets/themes/ntd/images/	660 B 1 KB	145ms 36ms	Image image/svg+xml	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/themes/ntd/images/NTDLogo.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:50 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 660 Last-Modified Fri, 14 Oct 2022 17:48:55 GMT Server nginx ETag "6349a107-294" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=27035364 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7f81fc2f3cc04c1f965f2683dc2b369bd4ebbc18b454196d101f74f69efe3433 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b8b6528bc2a63e986a842311ca6971aac53d77331c25d16a03e9e45de5bccf8f Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	79 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4a6fff8e4746724d6b7a0cadd7b189300165a442228b58f2a9c30ab1fedbbc1b Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	79 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dcf538ab166e90e4dfda982d360b06de8da42bd945c277ec6f357a55b43bbc5b Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	79 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9c21eea3ff63e3cbe49cfe06d47eba4a268ed5e2d583d9fbe8590f39b85212ae Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	80 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 720530af830892701ef8b15094596aba1a91afffc1a013cad9103da6cd9df0e4 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	ENTD_Play.svg www.ntd.com/images/	2 KB 1 KB	464ms 463ms	Image image/svg+xml	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/ENTD_Play.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare cf-cache-status MISS etag W/"7e6-18a84a25feb" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 82cbe24aad3ab951-AMS x-xss-protection 1; mode=block expires Mon, 27 Nov 2023 20:52:51 GMT
GET H2	200	NTDLogo.svg www.ntd.com/images/	660 B 590 B	179ms 178ms	Image image/svg+xml	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/NTDLogo.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare content-encoding gzip etag W/"294-18a84a34dab" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 82cbe24aad56b951-AMS x-xss-protection 1; mode=block expires Mon, 27 Nov 2023 20:52:51 GMT
GET H2	200	footer-app-logo.png www.ntd.com/images/	73 KB 73 KB	603ms 602ms	Image image/png	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/footer-app-logo.png Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS content-length 74494 x-xss-protection 1; mode=block last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare etag W/"122fe-18a84a34db2" x-frame-options DENY vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 82cbe24abd58b951-AMS expires Mon, 27 Nov 2023 20:52:51 GMT
GET H2	200	NTD_BackToTop.svg www.ntd.com/images/	2 KB 949 B	465ms 465ms	Image image/svg+xml	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/NTD_BackToTop.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e33b98871ae098fb62dd6f123409a67fad6a3d0e8e22120a7d9b9188814b11a Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare cf-cache-status MISS etag W/"7d6-18a84a25fec" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 82cbe24abd5db951-AMS x-xss-protection 1; mode=block expires Mon, 27 Nov 2023 20:52:51 GMT
GET DATA	200 OK	truncated /	23 KB 23 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5 Request headers Referer Origin https://www.ntd.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET H/1.1	200 OK	01212023-DSC07205-1200x720.jpg i.ntd.com/assets/uploads/2023/01/	840 KB 840 KB	842ms 841ms	Image image/jpeg	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/01/01212023-DSC07205-1200x720.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 871b8242d1aabad13d92c8fac67273aa5e5aef0ecdb1f31985b0b0a807b0e2f3 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:51 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 859661 Last-Modified Sun, 22 Jan 2023 01:49:17 GMT Server nginx ETag "63cc961d-d1e0d" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31535974 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session Expires Tue, 26 Nov 2024 16:52:25 GMT
GET H/1.1	200 OK	dragon-LBD0514-1200x800.jpeg i.ntd.com/assets/uploads/2023/01/	1 MB 1 MB	935ms 934ms	Image image/jpeg	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/01/dragon-LBD0514-1200x800.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash f61ff4f888bc3690036c62d05030f9e8710d2c86e0593c517c02f60719860e92 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:51 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 1159639 Last-Modified Sun, 22 Jan 2023 02:29:21 GMT Server nginx ETag "63cc9f81-11b1d7" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31535963 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session Expires Tue, 26 Nov 2024 16:52:14 GMT
GET H/1.1	200 OK	Wang-Lirong-5597302766-1200x800.jpeg i.ntd.com/assets/uploads/2023/01/	547 KB 547 KB	1013ms 948ms	Image image/jpeg	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/01/Wang-Lirong-5597302766-1200x800.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash c7f6c50373b11c90ab48d22df301ff705b05c61e4efaf19e03a57dd79a63f4c0 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:52 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 559633 Last-Modified Sun, 22 Jan 2023 02:30:36 GMT Server nginx ETag "63cc9fcc-88a11" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31535986 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session Expires Tue, 26 Nov 2024 16:52:38 GMT
GET H/1.1	200 OK	Yulia-Nova-3257914872-1200x800.jpeg i.ntd.com/assets/uploads/2023/01/	560 KB 561 KB	919ms 854ms	Image image/jpeg	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/01/Yulia-Nova-3257914872-1200x800.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 15740d57e5110399735f18958d8a9bbb2b1468b209ba051519086f29cf7b8433 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:51 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 573889 Last-Modified Sun, 22 Jan 2023 02:33:54 GMT Server nginx ETag "63cca092-8c1c1" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31535961 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session Expires Tue, 26 Nov 2024 16:52:12 GMT
GET H2	200	iframe_api Show response www.youtube.com/	993 B 2 KB	447ms 60ms	Script text/javascript	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-85d0cd07c9902eeb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0de2a176ad08f62d4eb01561e51936094f156760b03746e2f17e69345824f7b2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br content-security-policy-report-only require-trusted-types-for 'script';report-uri /cspreport p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-type text/javascript; charset=utf-8 report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} cache-control private, max-age=0 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Mon, 27 Nov 2023 16:52:51 GMT
GET H2	200	8735.d0b957bfa55e8687.js Show response www.ntd.com/_next/static/chunks/	44 KB 15 KB	604ms 604ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/8735.d0b957bfa55e8687.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/webpack-8fc3a293139a2d69.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c497f68641e8abd81d72b3b6bae5b3e3ca4f92c3e95cf9169c4de2477f8a7bf Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 06 Nov 2023 22:35:48 GMT server cloudflare cf-cache-status EXPIRED etag W/"af73-18ba6c71c66" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 82cbe24c4f40b951-AMS x-xss-protection 1; mode=block expires Tue, 26 Nov 2024 16:52:51 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	383ms 41ms	Script text/javascript	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=explicit Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-a6aa872959d7f080.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 452889647dfac521356e18f8fc2e4af00664f1d7f8fb9a905bc64d4e1d1c2c99 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Mon, 27 Nov 2023 16:52:51 GMT
GET H/1.1	200	95162.js Show response mixi.media/data/js/	5 KB 2 KB	462ms 121ms	Script application/javascript	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mixi.media/data/js/95162.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/1391.0ae298293689721c.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 7d9ef253d92ba224871f2764331584dd336a3a5aaa1f1f0f2c7e352106f029dd Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma no-cache Date Mon, 27 Nov 2023 16:52:51 GMT Content-Encoding gzip Last-Modified Monday, 27-Nov-2023 16:52:51 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript;charset=utf-8 Cache-Control no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0 Connection keep-alive
GET H2	200	js Show response www.googletagmanager.com/gtag/	289 KB 95 KB	432ms 93ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0 Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/main-9a2cb928659cd95b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4bf0d664892e376dd682b97001dcecb50d8c08580c0beb6e68d67cbe45a1b315 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 97496 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 27 Nov 2023 16:52:51 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	116 KB 45 KB	387ms 49ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash da5fcdc79f58df105a1b43b0590f59b4c4dedfddfc15343da8d9b00a87f9a28b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45862 x-xss-protection 0 last-modified Mon, 27 Nov 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 27 Nov 2023 16:52:51 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	100 KB 31 KB	503ms 169ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f6168891f5d30f20f6e525be431cb6d40e3ef02325ecbd3bc2a742a304c2c168 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31397 x-xss-protection 0 server cafe etag 179 / 19688 / 31079657 / config-hash: 16204867678510254442 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 27 Nov 2023 16:52:51 GMT
GET H/1.1	200 OK	prebid.js Show response i.ntd.com/assets/themes/m-ntd/js/ads/	275 KB 276 KB	102ms 39ms	Script application/javascript	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash aeb31f1ee02675acb9388db1392b3cf1fa9e47d53ebeef47b9020b65bc981e58 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:51 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 281947 Pragma no-cache Last-Modified Fri, 14 Oct 2022 17:48:55 GMT Server nginx ETag "6349a107-44d5b" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=27794561 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	267 KB 65 KB	132ms 39ms	Script application/javascript	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:01:35 GMT content-encoding gzip via 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront) last-modified Mon, 13 Nov 2023 20:18:45 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-P6 age 3077 x-amz-server-side-encryption AES256 etag W/"2d08dd94de483579c1dc3f3783c06f6e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id wTC235IiLo87DXFsDH84ObLdxfmW9fXN8AXi3WTSKgQMRYFbQelFnQ==
POST H2	200	counts Show response www.ntd.com/api/v1/	1 KB 203 B	540ms 539ms	Fetch application/json	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/3213-33fa56d227aef8a4.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e756ed6731968fa18043925a5a866c9f47e0c9651e0bd4ea2f2654d9dea896a9 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers expires Thu, 01 Jan 1970 00:00:00 UTC date Mon, 27 Nov 2023 16:52:51 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 via 1.1 google cf-cache-status DYNAMIC x-xss-protection 1; mode=block pragma no-cache server cloudflare author EMG vary Accept-Encoding, Origin x-frame-options DENY content-type application/json; charset=utf-8 access-control-allow-origin https://www.ntd.com app-name remark access-control-allow-credentials true cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 x-robots-tag noindex cf-ray 82cbe24c6f6db951-AMS app-version 0.1.2
GET H2	200	count Show response sc.youmaker.com/reaction/share/	664 B 729 B	464ms 132ms	XHR application/json	34.120.97.157 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=896438,956914,956910,956858,956892,956903,956884,956890,956844,956867&token= Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 157.97.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash e8db6c2b68c49b61d72f8f8f874a6bd56f927bd72803effbc22802aabb923443 Request headers Accept application/json, text/plain, */* Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT via 1.1 google server nginx/1.20.1 vary Origin content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 664
POST H2	200	getcounts Show response www.ntd.com/v1/api/video/	50 B 167 B	622ms 621ms	Fetch application/json	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/v1/api/video/getcounts Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/663.040d83569fca7810.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6123d5a6a5462a1133375cda85757f7c42ebacba5d5a60531b7b1a521c536465 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers date Mon, 27 Nov 2023 16:52:51 GMT via 1.1 google x-content-type-options nosniff strict-transport-security max-age=63072000 content-encoding gzip server cloudflare cf-cache-status DYNAMIC vary Origin, Accept-Encoding x-frame-options DENY content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true cf-ray 82cbe24c6f71b951-AMS x-xss-protection 1; mode=block
POST H2	200	counts Show response www.ntd.com/api/v1/	638 B 426 B	529ms 528ms	Fetch application/json	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/3213-33fa56d227aef8a4.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 785b5b2768e311170ed4022cc619dd0ddc88968640753154dde2a881c713d784 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers expires Thu, 01 Jan 1970 00:00:00 UTC date Mon, 27 Nov 2023 16:52:51 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 via 1.1 google cf-cache-status DYNAMIC x-xss-protection 1; mode=block pragma no-cache server cloudflare author EMG vary Accept-Encoding, Origin x-frame-options DENY content-type application/json; charset=utf-8 access-control-allow-origin https://www.ntd.com app-name remark access-control-allow-credentials true cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 x-robots-tag noindex cf-ray 82cbe24c6f73b951-AMS app-version 0.1.2
GET H2	200	count Show response sc.youmaker.com/reaction/share/	408 B 608 B	461ms 131ms	XHR application/json	34.120.97.157 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=956756,956759,956596,956744,956803,956806&token= Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 157.97.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 166967ae3b67e3871121a80801eb3cf5ec17bd5ae6385e048f5230d31a19a3db Request headers Accept application/json, text/plain, */* Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT via 1.1 google server nginx/1.20.1 vary Origin content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 408
GET H2	200	geo Show response pwe.epochbase.com/	143 B 332 B	448ms 126ms	XHR application/json	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/geo Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 4c4fb27c2d0bf96aad8bb2c15ccf820bc54e256c96fe1cceaead9aadf06d40f0 Request headers Accept application/json, text/plain, */* Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT via 1.1 google server nginx/1.20.1 vary Origin content-type application/json access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 143
GET H2	200	default-user.png www.ntd.com/images/	3 KB 3 KB	465ms 463ms	Image image/png	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/default-user.png Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92a96977b3a5107b1c7c5bd8d603b01792eabfb32090695967f04b207b154c5d Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS content-length 2560 x-xss-protection 1; mode=block last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare etag W/"a00-18a84a34db0" x-frame-options DENY vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 82cbe24cbfe2b951-AMS expires Mon, 27 Nov 2023 20:52:51 GMT
GET H2	200	share.svg www.ntd.com/images/	338 B 319 B	470ms 469ms	Image image/svg+xml	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/share.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 203e0f4dcfd2bed10b75a8fd250568838f01d4fd3363279741962d77675af937 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare content-encoding gzip etag W/"152-18a84a25ffa" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 82cbe24cbfe4b951-AMS x-xss-protection 1; mode=block expires Mon, 27 Nov 2023 20:52:51 GMT
GET H2	200	share_single.svg www.ntd.com/images/	388 B 336 B	469ms 468ms	Image image/svg+xml	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/share_single.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86587e974d57e7489b5d60f8b446f48aa89bfedf7be4d003204256c1ca3cc9fe Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare content-encoding gzip etag W/"184-18a84a34db8" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 82cbe24cbfe7b951-AMS x-xss-protection 1; mode=block expires Mon, 27 Nov 2023 20:52:51 GMT
GET H/1.1	200 OK	id956758-Bank-of-America-logo-GettyImages-462793751.jpg-352x220.webp i.ntd.com/assets/uploads/2023/11/	18 KB 19 KB	37ms 36ms	Image image/webp	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/11/id956758-Bank-of-America-logo-GettyImages-462793751.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash fa7a0d190cf1cd8932c0549bd128c1f0d37015c34eab5f29b02382c23ce0608b Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:51 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 18450 Last-Modified Sun, 26 Nov 2023 14:40:12 GMT Server nginx ETag "656358cc-4812" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31447181 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	id956833-Lucky-for-Life-ticket.jpg-352x220.webp i.ntd.com/assets/uploads/2023/11/	10 KB 11 KB	34ms 33ms	Image image/webp	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/11/id956833-Lucky-for-Life-ticket.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a0b6d631b76619f19588b0526f57e3533d6dfa14edce7dbc8e1ed07db59e26ff Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:51 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 10630 Last-Modified Mon, 27 Nov 2023 02:42:01 GMT Server nginx ETag "656401f9-2986" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31487936 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	id948396-Hamas-tunnel-system-GettyImages-528593636.jpg-352x220.webp i.ntd.com/assets/uploads/2023/10/	16 KB 16 KB	42ms 42ms	Image image/webp	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/10/id948396-Hamas-tunnel-system-GettyImages-528593636.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 4f9d115a7cba0aa8a2fb00d608683ab400be33a39ffcb37a2d6a197d66a795bd Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:51 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 15872 Last-Modified Tue, 17 Oct 2023 17:02:33 GMT Server nginx ETag "652ebe29-3e00" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31388650 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	id956648-GettyImages-1797516641.jpg-352x220.webp i.ntd.com/assets/uploads/2023/11/	19 KB 20 KB	35ms 35ms	Image image/webp	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/11/id956648-GettyImages-1797516641.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d6afc903e5795bdf0163a5d0ef7492b18b32600f8864077eef0a83b015a9e8a7 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:51 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 19654 Last-Modified Sat, 25 Nov 2023 02:39:03 GMT Server nginx ETag "65615e47-4cc6" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31367441 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	id956807-Donald-Trump-Obama-GettyImages.jpg-352x220.webp i.ntd.com/assets/uploads/2023/11/	9 KB 10 KB	34ms 34ms	Image image/webp	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/11/id956807-Donald-Trump-Obama-GettyImages.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 8c69be38f1fb2b16811680234ca39dadd569e379d3de94a48c20c2cbf2e1db3e Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:51 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 9422 Last-Modified Sun, 26 Nov 2023 20:26:21 GMT Server nginx ETag "6563a9ed-24ce" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31462820 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	id956808-supreme_court_GettyImages.jpg-352x220.webp i.ntd.com/assets/uploads/2023/11/	19 KB 20 KB	35ms 34ms	Image image/webp	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/11/id956808-supreme_court_GettyImages.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 610cd55955eee512b407fb963b427d6e4f99bc44fb8be453bc64dc1ebd2c27f7 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:52 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 19900 Last-Modified Mon, 27 Nov 2023 14:41:33 GMT Server nginx ETag "6564aa9d-4dbc" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31531796 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H2	200	watch_ntd_on.png www.ntd.com/images/	20 KB 20 KB	617ms 616ms	Image image/png	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/watch_ntd_on.png Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS content-length 20726 x-xss-protection 1; mode=block last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare etag W/"50f6-18a84a25ffe" x-frame-options DENY vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 82cbe24cbfe9b951-AMS expires Mon, 27 Nov 2023 20:52:51 GMT
GET H2	200	watch_ntd_row1-2.png www.ntd.com/images/	64 KB 64 KB	610ms 609ms	Image image/png	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/watch_ntd_row1-2.png Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS content-length 65131 x-xss-protection 1; mode=block last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare etag W/"fe6b-18a84a34dbb" x-frame-options DENY vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 82cbe24cbfeab951-AMS expires Mon, 27 Nov 2023 20:52:51 GMT
GET H2	200	watch_ntd_row2-2.png www.ntd.com/images/	93 KB 93 KB	606ms 606ms	Image image/png	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/watch_ntd_row2-2.png Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6951c7c304900b4e2b7f0213fab3e077225b9bd842056a10134b0afbb1be26db Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS content-length 94887 x-xss-protection 1; mode=block last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare etag W/"172a7-18a84a25fff" x-frame-options DENY vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 82cbe24cbfecb951-AMS expires Mon, 27 Nov 2023 20:52:51 GMT
GET H2	200	recaptcha__nl.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/	467 KB 467 KB	189ms 59ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__nl.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 47b778cb62a7d3b5e4a6f2e355403ede9f49a6a533110ac3039e2c5f4714aa78 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ Origin https://www.ntd.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 06:36:47 GMT x-content-type-options nosniff age 209764 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 477845 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 24 Nov 2024 06:36:47 GMT
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/63e90c30/www-widgetapi.vflset/	215 KB 67 KB	33ms 33ms	Script text/javascript	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/63e90c30/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash af82cd92cb1df231870f60b847a411fcc4adfffef67f01fff41885828edee2e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 15:19:36 GMT content-encoding br x-content-type-options nosniff age 5595 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68238 x-xss-protection 0 last-modified Mon, 20 Nov 2023 02:45:49 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 26 Nov 2024 15:19:36 GMT
GET H2	200	template Show response pwe.epochbase.com/api/	7 KB 2 KB	132ms 131ms	XHR application/json	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-navbar Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 0ea258555e5fcf60617c4791778cba754e64b9acb2792b47c32af0cf2dfa0b3e Request headers Accept application/json, text/plain, */* Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT content-encoding gzip via 1.1 google server nginx/1.20.1 vary Accept-Encoding, Origin content-type application/json access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	rules Show response pwe.epochbase.com/api/plan/	4 KB 890 B	128ms 128ms	XHR application/json	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/api/plan/rules?siteId=www.ntd.com&planId=live-ntd Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash f2fbec20eff343b19ab9e0f85926cdee9701203228f142d35c1727e833850c1f Request headers Accept application/json, text/plain, */* Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT content-encoding gzip via 1.1 google server nginx/1.20.1 vary Accept-Encoding, Origin content-type application/json access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H/1.1	200 OK	ge.js Show response s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/	59 KB 60 KB	544ms 184ms	Script application/javascript	52.92.242.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.92.242.40 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash d20db6c1df31874b999f525e1eb15c5041d7b5b94c7336754c97d72fca64c1f1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 16:52:53 GMT Last-Modified Tue, 29 Aug 2023 17:44:45 GMT Server AmazonS3 x-amz-request-id 1CMZ1440W38JEC5E ETag "b54fadc7e5991d9914d62a0459bfdf77" x-amz-server-side-encryption AES256 Content-Type application/javascript Cache-Control max-age=2592000 Accept-Ranges bytes Content-Length 60527 x-amz-id-2 picDCihqDpPMuR2w/lKjPcXA/gCiIKR8Nm//ukAZjjHk3MdXaaHcEuJV42xjrjQIbM8w1wGFkH8= Expires Thu, 28 Sep 2023 17:44:44 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	284 KB 93 KB	52ms 51ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1e462e6825ef12cc6abbea177b8a383506f64e67d57d6b23879b4b8261710067 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 95279 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 27 Nov 2023 16:52:51 GMT
GET H/1.1	200 OK	jsapi.v5.12.0.en_US.js Show response static.mixi.media/static/jsapi/	251 KB 75 KB	198ms 102ms	Script application/x-javascript	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js Requested by Host: mixi.media URL: https://mixi.media/data/js/95162.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 16:52:51 GMT Content-Encoding gzip Last-Modified Thu, 31 Mar 2022 07:51:02 GMT Server nginx ETag W/"62455d66-3eabf" Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding, Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Connection keep-alive
GET H/1.1	200 OK	sm.js Show response stat.mixi.media/	77 KB 28 KB	473ms 374ms	Script application/x-javascript	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stat.mixi.media/sm.js Requested by Host: mixi.media URL: https://mixi.media/data/js/95162.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 16:52:52 GMT Content-Encoding gzip Last-Modified Thu, 02 Dec 2021 13:53:02 GMT Server nginx ETag W/"61a8cfbe-13481" Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding, Accept-Encoding Content-Type application/x-javascript Cache-Control private, must-revalidate, proxy-revalidate, max-age=3600 Connection keep-alive
GET H/1.1	200 OK	miximedia.svg static.mixi.media/static/adpreview-assets/mixi-media/images/logo/	6 KB 6 KB	139ms 46ms	Image image/svg+xml	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 16:52:51 GMT Last-Modified Mon, 30 Sep 2019 14:11:01 GMT Server nginx ETag "5d920cf5-1849" Content-Type image/svg+xml Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 6217
POST H2	204	collect region1.analytics.google.com/g/	0 251 B	83ms 29ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-2BRDBGYLL0&gtm=45je3b81v896365836&_p=1701103971243&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1264366601.1701103972&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701103971&sct=1&seg=0&dl=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&dt=At%20NYC%20Lunar%20New%20Year%20Parade%2C%20Falun%20Gong%20Adherents%20Have%20Message%20for%20the%20World%20%7C%20NTD&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1&tfd=3013 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:52 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ntd.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 251 B	101ms 34ms	Ping text/plain	2a00:1450:400c:c06::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2BRDBGYLL0&cid=1264366601.1701103972&gtm=45je3b81v896365836&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:52 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ntd.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.nl/ads/	42 B 408 B	152ms 76ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2BRDBGYLL0&cid=1264366601.1701103972&gtm=45je3b81v896365836&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=585814511 Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/	429 KB 135 KB	121ms 34ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 09:37:12 GMT content-encoding br x-content-type-options nosniff age 26140 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 137535 x-xss-protection 0 server cafe etag 18342593356503948095 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Tue, 26 Nov 2024 09:37:12 GMT
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	101ms 35ms	XHR application/javascript	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-amz-version-id 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog content-encoding gzip via 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront) date Mon, 27 Nov 2023 11:30:58 GMT x-amz-cf-pop FRA56-P6 age 19314 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 29 Aug 2023 08:30:37 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id cL2jl59B0ogt5jeCZ65RtUe7Z1M-87eMtDihSDGcVFjeJJWlNcJUjw==
GET H2	200	ae51d432-b517-4c68-9f8a-22444acccbb5 Show response config.aps.amazon-adsystem.com/configs/	537 B 810 B	119ms 33ms	Script application/javascript	99.86.4.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/ae51d432-b517-4c68-9f8a-22444acccbb5 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-71.fra6.r.cloudfront.net Software CloudFront / Resource Hash c3a4df25e241b0441b39ba2a63e876fc14bea8404980ec73f463df1e94e815fe Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:51:01 GMT via 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA6-C1 age 111 x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 content-length 537 x-amz-cf-id baaZeMXYk5bvRjexpQqz6YG2CtguU-r25HYwvLZojemf2ACkR_gfNg==
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 307 B	34ms 34ms	XHR text/plain	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 13:24:48 GMT via 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 age 12483 x-cache Hit from cloudfront access-control-allow-origin https://www.ntd.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id PXieuo-Dtjz22572k3s8wOA0o4NVH4Q9_NvNFYEiJ_U0wZg7y0L1IQ==
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 308 B	35ms 34ms	XHR text/plain	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 13:24:48 GMT via 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 age 12483 x-cache Hit from cloudfront access-control-allow-origin https://www.ntd.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id Yoi5a6aleXYIaZ7ADovMOKDbIbdsSoLvByK2vIdMTCImpwd_aC1U4g==
GET H3	200	template Show response pwe.epochbase.com/api/	7 KB 2 KB	131ms 130ms	XHR application/json	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-combo&version= Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 2e52b90c4576fcc79aa119ec5d779a093ae19822d0a3f220d5e52db8251389f7 Request headers Accept application/json, text/plain, */* Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:51 GMT content-encoding gzip via 1.1 google server nginx/1.20.1 vary Accept-Encoding, Origin content-type application/json access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H/1.1	200	jsapi Show response mixi.media/newdata/	8 KB 3 KB	158ms 158ms	XHR application/json	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mixi.media/newdata/jsapi?action=news Requested by Host: static.mixi.media URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 3cc3b74a7f2f2263c7f5bafa9ac993a7dbac620c1ecc24b8cc50ce4907c5a699 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type multipart/form-data Response headers Pragma no-cache Date Mon, 27 Nov 2023 16:52:52 GMT Content-Encoding gzip Last-Modified Monday, 27-Nov-2023 16:52:52 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin https://www.ntd.com Cache-Control no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials true Connection keep-alive X-Node ads5-1ssel51
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 725F	60 KB 34 KB	58ms 57ms	Document text/html	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=yy6i16tftvi7 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__nl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e6e3cf79c704d2133d7519b56bd6c5b4cd66b8965788fda368fc8be00b6c0f0a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-XVSPI0rytSXT5taurlGlUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-XVSPI0rytSXT5taurlGlUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 16:52:52 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	react.production.min.js Show response unpkg.com/react@18.2.0/umd/ Redirect Chain https://unpkg.com/react@18/umd/react.production.min.js https://unpkg.com/react@18.2.0/umd/react.production.min.js	10 KB 4 KB	37ms 37ms	Script application/javascript	2606:4700::6810:7caf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/react@18.2.0/umd/react.production.min.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Server 2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:52 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 1245792 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01HF3Q2RXZ5B9HCTBSYAVF9E18-ams server cloudflare etag W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 82cbe251eb77b978-AMS Redirect headers date Mon, 27 Nov 2023 16:52:52 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01HG8TZ9HTXVD04PDRRFM0BCPS-ams server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload age 199 vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * location /react@18.2.0/umd/react.production.min.js cache-control public, s-maxage=600, max-age=60 cf-ray 82cbe251ab18b978-AMS
GET H2	200	react-dom.production.min.js Show response unpkg.com/react-dom@18.2.0/umd/ Redirect Chain https://unpkg.com/react-dom@18/umd/react-dom.production.min.js https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js	129 KB 43 KB	42ms 41ms	Script application/javascript	2606:4700::6810:7caf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Server 2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:52 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 1517637 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01HEVKTRAWVYKJ900RB3X2Q1KR-ams server cloudflare etag W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 82cbe251fb7fb978-AMS Redirect headers date Mon, 27 Nov 2023 16:52:52 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01HG8TPVD92C7RBMG0F0X3MNPQ-ams server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload age 476 vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * location /react-dom@18.2.0/umd/react-dom.production.min.js cache-control public, s-maxage=600, max-age=60 cf-ray 82cbe251bb28b978-AMS
GET H3	200	signInCombo-2.1.umd.js Show response pwe.epochbase.com/libs/	252 KB 72 KB	185ms 130ms	Script text/javascript	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/libs/signInCombo-2.1.umd.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 133bd9c50accec513f057a09b3be1d84c8c791b8646640223573deca444f4657 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:52 GMT content-encoding gzip via 1.1 google last-modified Thu, 16 Nov 2023 22:13:49 GMT server nginx/1.20.1 vary Accept-Encoding content-type text/javascript; charset=UTF-8 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H/1.1	200 OK	NTDLogo.svg i.ntd.com/assets/themes/ntd/images/	660 B 1 KB	34ms 33ms	Image image/svg+xml	2.19.198.163 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/themes/ntd/images/NTDLogo.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.198.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-198-163.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Mon, 27 Nov 2023 16:52:52 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 660 Last-Modified Fri, 14 Oct 2022 17:48:55 GMT Server nginx ETag "6349a107-294" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=27035362 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 725F	55 KB 24 KB	155ms 33ms	Stylesheet text/css	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=yy6i16tftvi7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 14:16:03 GMT content-encoding gzip x-content-type-options nosniff age 9409 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 26 Nov 2024 14:16:03 GMT
GET H3	200	recaptcha__nl.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 725F	467 KB 467 KB	172ms 65ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__nl.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=yy6i16tftvi7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 47b778cb62a7d3b5e4a6f2e355403ede9f49a6a533110ac3039e2c5f4714aa78 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 06:36:47 GMT x-content-type-options nosniff age 209765 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 477845 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 24 Nov 2024 06:36:47 GMT
GET H/1.1	200 OK	11436040.jpeg static2.mixi.media/img/400x300/	35 KB 36 KB	187ms 91ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static2.mixi.media/img/400x300/11436040.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash e6d9098d1b952bfc6b6a8313f5de108d2579182a8cab3aed431475b362715ece Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 16:52:52 GMT Last-Modified Sat, 25 Nov 2023 10:57:58 GMT Server nginx ETag W/"6561d336-5104" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 36160
GET H/1.1	200 OK	11415314.jpeg static3.mixi.media/img/400x300/	50 KB 50 KB	185ms 91ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static3.mixi.media/img/400x300/11415314.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 751f916eef378462304f9f5cfefdfa560eba2ae4ec02c7b94d3bca7214c002b3 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 16:52:52 GMT Last-Modified Thu, 16 Nov 2023 09:14:39 GMT Server nginx ETag W/"6555dd7f-13f17" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 50889
GET H/1.1	200 OK	11293684.jpeg static8.mixi.media/img/400x300/	37 KB 37 KB	186ms 92ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static8.mixi.media/img/400x300/11293684.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash a69962faa76a4320441014adb346553b9d1b298f9b7687ac3bf58df131c3ecdc Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 16:52:52 GMT Last-Modified Tue, 26 Sep 2023 06:48:27 GMT Server nginx ETag W/"65127ebb-ca1c" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 38062
GET H/1.1	200 OK	11411503.jpeg static3.mixi.media/img/400x300/	74 KB 74 KB	184ms 91ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static3.mixi.media/img/400x300/11411503.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 9a22035361ff03a917f8a03ee6efeb4848ca6caded308c2630c1031bfe754d92 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 16:52:52 GMT Last-Modified Tue, 14 Nov 2023 17:07:48 GMT Server nginx ETag W/"6553a964-14d49c" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 75388
GET H/1.1	200 OK	11323881.jpeg static3.mixi.media/img/400x300/	31 KB 31 KB	184ms 91ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static3.mixi.media/img/400x300/11323881.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 388b4ee883554412c588e73347213b78e2d6cd7cec70af5001881aecb913957f Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 16:52:52 GMT Last-Modified Sun, 08 Oct 2023 16:50:06 GMT Server nginx ETag W/"6522ddbe-1ada3" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 32002
GET H/1.1	200 OK	10900496.jpeg static6.mixi.media/img/400x300/	50 KB 50 KB	209ms 92ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static6.mixi.media/img/400x300/10900496.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash c45f727175a5bc71fe22e65130ece4127b262d1e789df17c2559ae3a8c0dbcd4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 16:52:52 GMT Last-Modified Sat, 01 Apr 2023 08:43:12 GMT Server nginx ETag W/"6427eea0-1ed2a" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 50931
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 460 B	448ms 361ms	XHR text/javascript	18.66.138.185 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&pid=0whZSP7nNce09&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22below_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.138.185 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-138-185.fra60.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:52 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P4 x-amz-rid 2NPACTT57Z4Z1EHXD9Y5 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id niyZaQ5cx1KsoFmhHruWHSDo7uHQN6XYUD3lnFJ0jPfUHuYnyrtiwQ==
POST H/1.1	200 OK	cookie_sync Show response prebid.adnxs.com/pbs/v1/	638 B 747 B	93ms 26ms	XHR application/json	185.89.208.11 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://prebid.adnxs.com/pbs/v1/cookie_sync Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS prebid.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash f90338473cb76d2ea048cf525b2b2b42208ac2d559ec801976e3e002747eb5fc Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 27 Nov 2023 16:52:52 GMT Content-Encoding gzip Server nginx/1.21.3 Transfer-Encoding chunked Vary Accept-Encoding, Origin Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.ntd.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Expires 0
POST		auction prebid.adnxs.com/pbs/v1/openrtb2/	0 0
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	618 B 1 KB	110ms 34ms	XHR application/json	2602:803:c003:200::44 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_article_below_end_336&tk_flint=pbjs_lite_v6.23.0&x_source.tid=a6b76a41-c4be-44eb-b7be-58d6d23896a3&l_pb_bid_id=64101407dcb09a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_article_below_end_336&slots=1&rand=0.535779681287023 Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 1b3e5401671b815421cda8167668198cf0bccaee2be0d6f6b1b56c39b9502c04 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:52 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://www.ntd.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	prebid Show response exchange.postrelease.com/	0 389 B	352ms 113ms	XHR application/json	107.22.251.49 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://exchange.postrelease.com/prebid?ntv_pb_rid=7527ce834ada6a&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYmVsb3dfYXJ0aWNsZV9hZHMiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzM2LDI4MF1dfX19XX0=&ntv_dbr=eyJiZWxvd19hcnRpY2xlX2FkcyI6MH0=&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.22.251.49 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-22-251-49.compute-1.amazonaws.com Software nginx/1.12.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:52 GMT content-encoding gzip server nginx/1.12.2 content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 access-control-allow-credentials true content-length 20 expires Mon, 1 Jan 1990 12:00:00 GMT
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 408 B	226ms 151ms	XHR application/json	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip content-type application/json access-control-allow-origin https://www.ntd.com p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' cache-control no-transform, no-cache access-control-allow-credentials true access-control-allow-headers content-type, origin, referer, user-agent content-length 41 alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	139 B 700 B	86ms 26ms	XHR application/json	185.89.210.90 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 1b424f834d876b127042759b54c1798daf3c768364e29c1271e04161b1e3c254 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:52 GMT an-x-request-uuid 5ada92b0-92da-4172-bd2f-37459ec11f6e server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://www.ntd.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 31.204.150.110; 31.204.150.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 139 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cygnus Show response htlb.casalemedia.com/	37 B 548 B	113ms 53ms	XHR application/json	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=360724&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22130240c1ab948c5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html%22%2C%22domain%22%3A%22ntd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ntd.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22149a306455b54a2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 662c967a6559d6acc0645e8535e220240b8d9a5c617ef66da423600b936cd586 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:52 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BL18CGa8X51XKIo%2Fx0rY3%2BcCuKzva1SrAyLGx6%2ByjZsc6mAA4o86%2Bxl%2BDDlD5vVcaQhdBmsonN0n1q47zSoRqJCO1cHAultZ31QmuAc%2B6mB%2FVkU4IJsxuqlmdeREEGw9VZh5oeT"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://www.ntd.com cache-control no-cache access-control-allow-credentials true cf-ray 82cbe252f81d66ca-AMS alt-svc h3=":443"; ma=86400 content-length 37 expires 0
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 460 B	215ms 148ms	XHR text/javascript	18.66.138.185 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&pid=0whZSP7nNce09&cb=1&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22sidebar_ads_right_top_300_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.138.185 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-138-185.fra60.r.cloudfront.net Software Server / Resource Hash 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:52 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P4 x-amz-rid 9ZB7TAQ5JT5J4EK8N2GC vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id TutacIypm7XiPVp6x2S5knX-9htCAx_Zb_iS7BTiHxsg_OC2HjG7aA==
POST		auction prebid.adnxs.com/pbs/v1/openrtb2/	0 0
GET H2	200	prebid Show response exchange.postrelease.com/	0 390 B	339ms 112ms	XHR application/json	107.22.251.49 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://exchange.postrelease.com/prebid?ntv_pb_rid=20083251ff855c9&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoic2lkZWJhcl9hZHNfcmlnaHRfdG9wXzMwMF8xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XX0=&ntv_dbr=eyJiZWxvd19hcnRpY2xlX2FkcyI6MCwic2lkZWJhcl9hZHNfcmlnaHRfdG9wXzMwMF8xIjowfQ==&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.22.251.49 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-22-251-49.compute-1.amazonaws.com Software nginx/1.12.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:52 GMT content-encoding gzip server nginx/1.12.2 content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 access-control-allow-credentials true content-length 20 expires Mon, 1 Jan 1990 12:00:00 GMT
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	139 B 698 B	77ms 27ms	XHR application/json	185.89.210.90 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash d2138555004f66b15d6f08380690d23fd093a13f431c6c49e951cc7e7f28145c Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:52 GMT an-x-request-uuid ea9a54b0-40a3-42a6-8a65-e43e2ebe117f server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://www.ntd.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 31.204.150.110; 31.204.150.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 139 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cygnus Show response htlb.casalemedia.com/	37 B 314 B	116ms 65ms	XHR application/json	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=360713&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2224b7a4f324b4558%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html%22%2C%22domain%22%3A%22ntd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ntd.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22251f16c2786387a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360713%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e68b77d75e06082a9c751d052148b9c499f9651e61f27690ad8c2e0f00a04710 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:52 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2B1kpjEN0UXDxUCzVaN03lpsb4Hm0iYCuV%2FcLp4XI6e%2Bwa%2F0enX0w6fIk68a7SzlqbmhXTLD4lPIdNcIhg%2BcZzEx%2Fu2aa3wVEiEkXYiztVRjv9B1j8Vldt84LIRUBhaoF8xa5%2B3X"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://www.ntd.com cache-control no-cache access-control-allow-credentials true cf-ray 82cbe252f82166ca-AMS alt-svc h3=":443"; ma=86400 content-length 37 expires 0
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 407 B	213ms 152ms	XHR application/json	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip content-type application/json access-control-allow-origin https://www.ntd.com p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' cache-control no-transform, no-cache access-control-allow-credentials true access-control-allow-headers content-type, origin, referer, user-agent content-length 41 alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	586 B 925 B	121ms 60ms	XHR application/json	2602:803:c003:200::44 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&rf=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_336x280-3&tk_flint=pbjs_lite_v6.23.0&x_source.tid=aa6c0872-23cb-4e2b-8e68-2bcdd92cf6c3&l_pb_bid_id=290666b5cf1aa53&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_336x280-3&slots=1&rand=0.39519735731921357 Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 35a81af6162bd0a318003fc05371414e007d143c0601d6ba641f5e157b8764fd Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:52 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://www.ntd.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-length 586 expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	settings Show response stat.media/counter/	450 B 1 KB	200ms 64ms	Script application/javascript	82.148.14.195 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://stat.media/counter/settings?payload=COeDAxjO2sqNwTE&cb=_callbacks____0lph5dtij Requested by Host: stat.mixi.media URL: https://stat.mixi.media/sm.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 82.148.14.195 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sm-server1-1.ssel25.imcmdb.net Software nginx / Resource Hash cb4df0d2bd50d0b6de77f90b9d9543dbf8abd0ccf17cc0bc844f583400e8d71e Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 16:52:52 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript
GET H2	204	current prebid-match.dotomi.com/match/bounce/	0 104 B	144ms 49ms	Image text/plain	2a02:fa8:8806:12::1400 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:52 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 725F	2 KB 2 KB	33ms 33ms	Image image/png	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 20:04:28 GMT x-content-type-options nosniff age 593304 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Mon, 27 Nov 2023 20:04:28 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 725F	15 KB 15 KB	113ms 40ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=yy6i16tftvi7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 23:26:56 GMT x-content-type-options nosniff age 321956 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 22 Nov 2024 23:26:56 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 725F	15 KB 16 KB	106ms 32ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=yy6i16tftvi7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 21:01:27 GMT x-content-type-options nosniff age 417085 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 21 Nov 2024 21:01:27 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 725F	102 B 135 B	42ms 42ms	Other text/javascript	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=yy6i16tftvi7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 57179112de4d4b4e1d1b6c501c17a9e90fc8517e5160d82ef95083fe69b1e1be Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=yy6i16tftvi7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:52 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Mon, 27 Nov 2023 16:52:52 GMT
GET H2	200	ActaDeck-Medium.otf cdn.epoch.cloud/assets/fonts/	51 KB 51 KB	98ms 33ms	Font application/octet-stream	2606:4700:e6::ac40:cb07 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.epoch.cloud/assets/fonts/ActaDeck-Medium.otf Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:cb07 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c Request headers Referer https://www.ntd.com/ Origin https://www.ntd.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2090 alt-svc h3=":443"; ma=86400 content-length 51776 last-modified Wed, 19 Feb 2020 18:57:39 GMT server cloudflare etag "5e4d8523-ca40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfQG3k%2B9nA4HwzYydBBkqTeRjNFX9HxQhgT2ZOAmuJGOayUkDDM4GJBovC9N2JOZ4FY3z6WIGeCzZZ63994IJQWjQZFGZqqhht5KdbcwWiuTodktMkHcAbeUVV0KHdE4t090WGfMrfomxRDBQr0%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 82cbe254d8b966de-AMS
GET H2	200	RingsideNarrow-Medium.otf cdn.epoch.cloud/assets/fonts/	123 KB 124 KB	124ms 60ms	Font application/octet-stream	2606:4700:e6::ac40:cb07 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.epoch.cloud/assets/fonts/RingsideNarrow-Medium.otf Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:cb07 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55 Request headers Referer https://www.ntd.com/ Origin https://www.ntd.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2090 alt-svc h3=":443"; ma=86400 content-length 126244 last-modified Tue, 07 Jun 2022 20:08:09 GMT server cloudflare etag "629fb029-1ed24" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJabz1sgYOBxTpy0BYmHQ2UR60gq3%2BUt54koGgxLdMTZtdeqWq2r8KDMU1tXauB8WuuKGAf5kNVya1D9%2BndXqMK0syzMW3csErwa8NcD6JiDwdxVAAFELSU4ZOjp0SoAknQ%2FnZubkFcHKykO%2F7k%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 82cbe254d8b866de-AMS
GET H2	200	us.gif sync.go.sonobi.com/	49 B 445 B	321ms 101ms	Image image/gif	69.166.1.34 AS-XFERNET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BUID%5D Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.166.1.34 , United States, ASN27630 (AS-XFERNET, US), Reverse DNS Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:52 GMT server sonobi-go vary negotiate,Accept-Encoding x-go-server go-iad-2-5-196 content-type image/gif p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store, private tcn Choice content-length 49 x-xss-protection 0 expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	lc2.js Show response b-code.liadm.com/	47 KB 15 KB	128ms 37ms	Script application/javascript	2600:9000:225e:4800:8:8845:1500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b-code.liadm.com/lc2.js Requested by Host: s3-us-west-2.amazonaws.com URL: https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:4800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash b0512ff1ecca4eeaa79eabd6f059915e9cec84022c2f78519acf20d942b628e0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:12:58 GMT content-encoding gzip via 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 age 77994 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control "public, max-age=86400" x-amz-cf-id FGKOPv30blPjcbET8tAHhqNvOeyGx4ZN5CbMo9cGOSEbu_4yuTiG5Q==
GET H/1.1	200	/ mixi.media/cookiematching/	43 B 880 B	124ms 124ms	Image image/gif	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJGE5MjlmOWIxLThiZTctNDc2MC1iYzVlLWUwZDU2MWM4ZTk2OBoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNzAxMTAzOTcyNTk0GgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJGY2NTljOTA4LWZhYmQtNDU4Mi1hYjIzLTEyN2QxNzA3MmUwNxoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1701103972667 Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma no-cache, no-cache Date Mon, 27 Nov 2023 16:52:52 GMT Last-Modified Monday, 27-Nov-2023 16:52:52 GMT Server nginx Content-Type image/gif Cache-Control private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0 Connection keep-alive Content-Length 43 Expires Mon, 27 Nov 2023 16:52:52 GMT
POST H/1.1	204 No Content	view Show response stat.media/counter/	0 135 B	190ms 62ms	XHR text/plain	82.148.14.195 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://stat.media/counter/view Requested by Host: stat.mixi.media URL: https://stat.mixi.media/sm.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 82.148.14.195 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sm-server1-1.ssel25.imcmdb.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers access-control-allow-origin * Date Mon, 27 Nov 2023 16:52:52 GMT Server nginx Connection keep-alive
GET H2	200	j Show response rp4.liadm.com/ Redirect Chain https://rp.liadm.com/j?dtstmp=1701103972891&se=e30&duid=33df6995a8cd--01hg8v5ccytpbm7710vtp86war&tna=v2.11.1&pu=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-me... https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hg8v5ccytpbm7710vtp86war&tna=v2.11.1&dtstmp=1701103972891&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-fal...	13 B 318 B	352ms 110ms	XHR application/json	3.215.46.21 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hg8v5ccytpbm7710vtp86war&tna=v2.11.1&dtstmp=1701103972891&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&i6=MmEwMDoxNjMwOjI6MWMwMjo6Mw%3D%3D Protocol H2 Server 3.215.46.21 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-215-46-21.compute-1.amazonaws.com Software / Resource Hash efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:53 GMT x-pixel-event-id 2d95911b-529d-49c5-85b8-c96cc21cf1d6 access-control-allow-methods GET content-type application/json access-control-allow-origin null access-control-expose-headers * access-control-allow-credentials true content-length 13 Redirect headers location https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hg8v5ccytpbm7710vtp86war&tna=v2.11.1&dtstmp=1701103972891&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&i6=MmEwMDoxNjMwOjI6MWMwMjo6Mw%3D%3D access-control-allow-origin https://www.ntd.com date Mon, 27 Nov 2023 16:52:53 GMT access-control-expose-headers * access-control-allow-credentials true content-length 0 access-control-allow-methods GET
GET H2	204	72731 Show response idx.liadm.com/idex/unknown/	0 367 B	343ms 110ms	XHR text/plain	3.223.198.8 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://idx.liadm.com/idex/unknown/72731?duid=33df6995a8cd--01hg8v5ccytpbm7710vtp86war&resolve=md5 Requested by Host: b-code.liadm.com URL: https://b-code.liadm.com/lc2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.223.198.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-223-198-8.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:53 GMT strict-transport-security max-age=31536000; includeSubDomains vary Origin request-time 0 access-control-allow-origin https://www.ntd.com cache-control max-age=3599, private access-control-allow-credentials true trace-id 292c3ebd701671be expires Mon, 27 Nov 2023 17:52:53 GMT
POST H/1.1	204 No Content	view Show response stat.media/counter/	0 135 B	62ms 62ms	XHR text/plain	82.148.14.195 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://stat.media/counter/view Requested by Host: stat.mixi.media URL: https://stat.mixi.media/sm.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 82.148.14.195 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sm-server1-1.ssel25.imcmdb.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers access-control-allow-origin * Date Mon, 27 Nov 2023 16:52:52 GMT Server nginx Connection keep-alive
GET H2	200	/ Show response a.clickcertain.com/px/ Redirect Chain https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html https://a.clickcertain.com/px/smart/a/?seg=at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&c=2455d1796b86efb https://a.clickcertain.com/px/?c=2455d1796b86efb	4 KB 2 KB	140ms 139ms	Script text/javascript	2606:4700:20::681a:932 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.clickcertain.com/px/?c=2455d1796b86efb Protocol H2 Server 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7738a55de8bd2bca378fc72f42747d06545fa6e2ee53362e9feb88d3efdbb6aa Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:53 GMT content-encoding br x-frontend cc-nginx-5c6697d5bd-xxx85:cc-nginx-5c6697d5bd-xxx85 cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-requestid 583e82ae-a896-48b4-98df-9f222a5c6b4a report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Onv91lC2Vxci%2FnkQn9EiGLWJIDsdZUSyzJ%2BxGFe9qXCkLtXFW1M%2Fq07CbrTfKw5DKgMzS%2FSiLHvPqsRuv82MDDP7rLUGEC2E2xePoPbw0GzP5hXKWRU%2F9HzqSW7evizgYZuo6Kp6wuOozdlPIeC3A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cf-ray 82cbe25969840e35-AMS Redirect headers date Mon, 27 Nov 2023 16:52:53 GMT x-frontend cc-nginx-5c6697d5bd-w672k:cc-nginx-5c6697d5bd-w672k cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-requestid 46f081d1-de75-44c0-aaea-1e9bcef08bd5 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hmboCYb8XU3VvnmKXdD0PIn9TKQp%2BeQ74vSLVeGwDVbkxl%2FPfCIS%2FdooQGlbaJQ0KnQwBtot%2FIMY3DccWO3NkSA0rOvvBgyCcvtUJgtxoL0ltPutgeUQPH8746rshz0rz18dOVWfW6i8YYefv0fjg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript location https://a.clickcertain.com/px/?c=2455d1796b86efb cf-ray 82cbe25888320e35-AMS
GET H3	200	a www.googletagmanager.com/	0 11 B	47ms 47ms	Image text/html	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?v=3&t=l&pid=971163934&rv=3b81&u=AAAAAAAAAAAAACCA&ut=Ag&h=Ag&gtm=45je3b81v896365836&ccid=96365836&cid=G-2BRDBGYLL0&l=G-2BRDBGYLL0.L2472.S6.Y13.B26.E1183.I1473.EC6.TC20.HTC0~gtm.init.S0.V0.E35.TS5ogtgasend.TI16.TE0.TS5ogtreferralexclusion.TI18.TE0.TS5ogtsessiontimeout.TI19.TE0.TS5ogt1pdatav2.TI20.TE0.TS5ccdgalast.TI21.TE0.TS5ccdautoredact.TI22.TE0.TS5ccdconversionmarking.TI23.TE0.TS5ccdemvideo.TI24.TE0.TS5ccdemsitesearch.TI25.TE0.TS5ccdemscroll.TI26.TE0.TS5ccdempageview.TI27.TE0.TS5ccdemoutboundclick.TI28.TE0.TS5ccdemform.TI29.TE1.TS5ccdemdownload.TI30.TE1.TS5ccdgaregscope.TI31.TE0.TS5ogtgooglesignals.TI32.TE0.TS5ogtgagamlink.TI33.TE0.TS5setproductsettings.TI34.TE0.TS5ccdgafirst.TI35.TE0~gtm.js.S0.V0.E22.TS5gct.TI13.TE0~*~gtm.dom.S0.V0.E9~gtm.load.S0.V0.E0~gtm.init_consent.S0.V0.E31~GA541 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:52 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	p.gif p.alocdn.com/c/vn3d8u2u/a/etarget/ Redirect Chain https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C... https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C...	42 B 351 B	183ms 182ms	Image image/gif	35.83.60.10 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25225137ca3c-72e0-443e-a71d-be1672b3b66c%2522%257D&title=At%20NYC%20Lunar%20New%20Year%20Parade%2C%20Falun%20Gong%20Adherents%20Have%20Message%20for%20the%20World%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tdc=1 Protocol H2 Server 35.83.60.10 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-83-60-10.us-west-2.compute.amazonaws.com Software nginx/1.20.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" date Mon, 27 Nov 2023 16:52:53 GMT server nginx/1.20.1 content-type image/GIF Redirect headers location /c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25225137ca3c-72e0-443e-a71d-be1672b3b66c%2522%257D&title=At%20NYC%20Lunar%20New%20Year%20Parade%2C%20Falun%20Gong%20Adherents%20Have%20Message%20for%20the%20World%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tdc=1 date Mon, 27 Nov 2023 16:52:53 GMT p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" server nginx/1.20.1 content-type image/GIF
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	51 KB 13 KB	1101ms 1100ms	Fetch text/plain	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1101708259305320&correlator=4307070719307356&eid=31079667%2C31079672%2C31079657%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_article_below_end_336&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701103973506&lmt=1701103973&adxs=459&adys=12898&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&vis=1&psz=835x13277&msz=300x0&fws=4&ohw=1600&ga_vid=1264366601.1701103972&ga_sid=1701103974&ga_hid=1226942535&ga_fc=true&dlt=1701103970179&idt=2024&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2&cust_params=site%3Dwww.ntd.com%252Cntd.com&adks=2418553208&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dd3f2c11e4fc7340e78a60b3a5561fae895fec77cbc88e18ad2cd152bf2cde67 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:54 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12530 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	239ms 108ms	XHR application/json	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c53cd068220a0daaee6f07c0c9f031a7f22140ea9605c1237cdc027deffd0f80 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:53 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12165 x-xss-protection 0
GET H2	200	container.html Show response 6f1637caa14441954749249e03a1edd1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 314C	6 KB 3 KB	134ms 42ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6f1637caa14441954749249e03a1edd1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 16:52:53 GMT expires Tue, 26 Nov 2024 16:52:53 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	609 B 497 B	1307ms 1307ms	Fetch text/plain	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1101708259305320&correlator=4307070719307356&eid=31079667%2C31079672%2C31079657%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_336x280-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701103973524&lmt=1701103973&adxs=1069&adys=1371&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&vis=1&psz=370x14980&msz=300x0&fws=4&ohw=1600&ga_vid=1264366601.1701103972&ga_sid=1701103974&ga_hid=1226942535&ga_fc=true&dlt=1701103970179&idt=2024&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2&cust_params=site%3Dwww.ntd.com%252Cntd.com&adks=1165351140&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2a12df6d52d039a2d60c0d470fb224e5ce30e1dcaeb347b13ed6f125c68390ea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:54 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 271 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.ntd.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	2939ms 2803ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:56 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 27 Nov 2023 16:52:56 GMT
GET H2	200	ixmatch.html Show response js-sec.indexww.com/um/ Frame A31E	3 KB 1 KB	95ms 33ms	Document text/html	104.18.38.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 785 cache-control public, max-age=14400 cf-cache-status HIT cf-ray 82cbe261a921b963-AMS content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 27 Nov 2023 16:52:54 GMT expires Mon, 27 Nov 2023 20:52:54 GMT last-modified Mon, 25 Jul 2022 19:18:19 GMT p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" server cloudflare vary Accept-Encoding
GET H2	200	ixmatch.html Show response js-sec.indexww.com/um/ Frame 0F6A	3 KB 2 KB	94ms 33ms	Document text/html	104.18.38.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 785 cache-control public, max-age=14400 cf-cache-status HIT cf-ray 82cbe261a920b963-AMS content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 27 Nov 2023 16:52:54 GMT expires Mon, 27 Nov 2023 20:52:54 GMT last-modified Mon, 25 Jul 2022 19:18:19 GMT p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 7655	52 KB 17 KB	169ms 37ms	Document text/html	23.39.156.181 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.39.156.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-39-156-181.deploy.static.akamaitechnologies.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Mon, 27 Nov 2023 16:52:54 GMT ETag "623de86a-cf34" Expires Tue, 28 Nov 2023 16:52:56 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding
GET H2	204	/ onetag-sys.com/usync/ Frame 5736	0 0	34ms 33ms	Document text/plain	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1701103972479 Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 cache-control no-store strict-transport-security max-age=15552000
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 619D	281 B 555 B	117ms 43ms	Document text/html	23.218.210.30 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-210-30.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Mon, 27 Nov 2023 16:52:54 GMT ETag "280525-119-60930cbd3cec0" Last-Modified Thu, 02 Nov 2023 19:57:23 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding
GET H2	204	/ onetag-sys.com/usync/ Frame 0A7A	0 0	33ms 33ms	Document text/plain	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1701103972478 Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 cache-control no-store strict-transport-security max-age=15552000
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 9F88	52 KB 17 KB	189ms 56ms	Document text/html	23.39.156.181 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.39.156.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-39-156-181.deploy.static.akamaitechnologies.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Mon, 27 Nov 2023 16:52:54 GMT ETag "623de86a-cf34" Expires Tue, 28 Nov 2023 16:52:56 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012310301456000/ Frame 4DB0	196 KB 56 KB	110ms 34ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Sat, 25 Nov 2023 04:19:00 GMT age 218034 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56081 x-xss-protection 0 server sffe etag "6a17d296884b026a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 24 Nov 2024 04:19:00 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4DB0	15 KB 5 KB	172ms 96ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 23 Nov 2023 21:48:00 GMT age 327894 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5225 x-xss-protection 0 server sffe etag "0b7142e00666043e" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 22 Nov 2024 21:48:00 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4DB0	95 KB 29 KB	175ms 100ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Sat, 25 Nov 2023 01:47:30 GMT age 227124 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29077 x-xss-protection 0 server sffe etag "7b1f1965b6cd6fda" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 24 Nov 2024 01:47:30 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4DB0	5 KB 2 KB	169ms 93ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 24 Nov 2023 22:04:26 GMT age 240508 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1911 x-xss-protection 0 server sffe etag "5b0a82507b260c6e" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 23 Nov 2024 22:04:26 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4DB0	40 KB 13 KB	188ms 113ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 23 Nov 2023 23:09:32 GMT age 323002 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12952 x-xss-protection 0 server sffe etag "9817e561a46c70fa" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 22 Nov 2024 23:09:32 GMT
GET DATA	200 OK	truncated / Frame 4DB0	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f665bb4f5d475e668ec5415761d3c75698303335f44e39c0b494819f1efe042d Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET H2	200	15736467465496571570 tpc.googlesyndication.com/simgad/ Frame 4DB0	19 KB 19 KB	66ms 65ms	Image image/png	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15736467465496571570?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlsBt1J_KykflMxVPTh-bMo-fraEg Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c6d8235b188079fb1d828a587a3a8beaefa352bb70e61c69672772d0cd21cdb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 06:47:07 GMT x-content-type-options nosniff age 209147 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19628 x-xss-protection 0 last-modified Thu, 19 Jan 2023 00:57:29 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 24 Nov 2024 06:47:07 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4DB0	2 KB 3 KB	62ms 62ms	Image image/png	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 17:17:56 GMT x-content-type-options nosniff server cafe age 84898 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Mon, 27 Nov 2023 17:17:56 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4DB0	295 B 665 B	61ms 61ms	Image image/png	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 21:36:38 GMT x-content-type-options nosniff server cafe age 69376 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Mon, 27 Nov 2023 21:36:38 GMT
GET H2	200	usermatch Show response ssum-sec.casalemedia.com/ Frame 4764 Redirect Chain https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1	2 KB 831 B	52ms 51ms	Document text/html	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/um/ixmatch.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b854b6dbcf5fcf8b9f9379d84b2d2287d222212e6d25c7408c5a950d68cc6a51 Request headers Referer https://js-sec.indexww.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 82cbe2625d1866ca-AMS content-encoding br content-type text/html date Mon, 27 Nov 2023 16:52:54 GMT expires 0 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emW0ddW3sBkAG6bU8ZKR%2BHDT%2BQ3w%2Fx2L9igOeXi7b3ZnlTdd7ti8ojQP1UifrtiCnODRPUJMe2ywTkdPBHUn2gc50Bl54bQXLgCkJsCfn%2BI4ztyOBxjwxuBy7phpOk0zmro10RDv9%2BS%2Frw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 82cbe2620cae66ca-AMS content-length 0 date Mon, 27 Nov 2023 16:52:54 GMT expires 0 location /usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Pj73luoC8uhq6fMf0VnGSQIZzPcRR%2FSNwTc4JENs37FhlG%2B9dsXMoqsTmDUb%2FQvWjiI7E7B9ZEyZSzQgzNxFKJ%2FFxE9EjAC2piynmBYqLARUENmIrgShSjLmrmORltobCvDAKh8H%2FMp4Q%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	usermatch Show response ssum-sec.casalemedia.com/ Frame E7BC Redirect Chain https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1	2 KB 866 B	54ms 53ms	Document text/html	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/um/ixmatch.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a570a1cb856a26942c334a35a227d10e0ca06913920d5239a995c65ab41fc85 Request headers Referer https://js-sec.indexww.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 82cbe2625d1d66ca-AMS content-encoding br content-type text/html date Mon, 27 Nov 2023 16:52:54 GMT expires 0 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOoOzx8Qt2MStoDFqX7JH8beQK563clhKn2wImm32kCj%2Bo0aRIFQF7yF1rX0JHY%2B2ue5C7YZF6zK2PLvUT0FuxtLYq4Os6SPFI2NlLt2pUj04p8A0JLHoC3VN5PU9vyMhBw8riZzuefWXg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 82cbe2620cac66ca-AMS content-length 0 date Mon, 27 Nov 2023 16:52:54 GMT expires 0 location /usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utXVFMg1nnt4Wf4lxJmR8m%2BIFgWPzvA3Iz8Ayn9AIg6YbFxEgOIVfH4y497AHgEzvswew2Qj4JeWf5DpZ6RgcQY7xXAKYYQzBiX%2Ftn1%2B6GOuvpefQVgLpdUCMHnjRI5xUo4t4j7WAvwIhQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 619D	46 KB 13 KB	33ms 33ms	Script text/html	23.218.210.30 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-210-30.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash b26fe5fa11212a2d528dfd8f30e5471d4a4ae981d9f3d8ebc350bd519b3aae25 Request headers accept-language nl-NL,nl;q=0.9 Referer https://eus.rubiconproject.com/usync.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 16:52:54 GMT Content-Encoding gzip Last-Modified Mon, 27 Nov 2023 09:14:38 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=58849 Connection keep-alive Content-Length 13230 Expires Tue, 28 Nov 2023 09:13:43 GMT
GET H/1.1	200 OK	khaos.json Show response token.rubiconproject.com/ Frame 619D	7 B 380 B	141ms 34ms	XHR application/json	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://token.rubiconproject.com/khaos.json? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628 Request headers accept-language nl-NL,nl;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-type application/json; charset=UTF-8 access-control-allow-origin https://eus.rubiconproject.com Cache-Control no-cache,no-store,must-revalidate access-control-allow-credentials true content-length 7 X-RPHost 54ae5f20a7acdd83fd00ddb00e96a2c1 Expires 0
GET H2	200	bounce Show response ib.adnxs.com/ Frame 7655 Redirect Chain https://ib.adnxs.com/async_usersync?cbfn=queuePixels https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels	0 648 B	27ms 26ms	Script text/html	185.89.210.90 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol H2 Server 185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:54 GMT an-x-request-uuid 8dc030f9-a427-4557-91ab-8aa68d3af6a3 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 31.204.150.110; 31.204.150.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 27 Nov 2023 16:52:54 GMT an-x-request-uuid 6fb8392b-2357-4aef-80ec-f137ff4f70eb server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels cache-control no-store, no-cache, private x-proxy-origin 31.204.150.110; 31.204.150.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	bounce Show response ib.adnxs.com/ Frame 9F88 Redirect Chain https://ib.adnxs.com/async_usersync?cbfn=queuePixels https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels	0 648 B	26ms 25ms	Script text/html	185.89.210.90 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol H2 Server 185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:54 GMT an-x-request-uuid e8bc163c-33ac-40d6-a44a-b9254f127a12 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 31.204.150.110; 31.204.150.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 27 Nov 2023 16:52:54 GMT an-x-request-uuid 176e67ef-1b1a-48bd-934d-93e31867ceac server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels cache-control no-store, no-cache, private x-proxy-origin 31.204.150.110; 31.204.150.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame 4764	70 B 148 B	140ms 44ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:54 GMT server Kestrel content-length 70 content-type image/gif
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 4764 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTJZu0Wzs3fsSClm9G9PwAADQwAAAIB&gpp=&gpp_sid= https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTJZu0Wzs3fsSClm9G9PwAADQwAAAIB&gpp=&gpp_sid=&dcc=t	43 B 855 B	148ms 148ms	Image image/gif	52.46.151.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTJZu0Wzs3fsSClm9G9PwAADQwAAAIB&gpp=&gpp_sid=&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Server 52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma no-cache Date Mon, 27 Nov 2023 16:52:55 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid 2J0JK58AVFRX7NFT6047 Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 27 Nov 2023 16:52:55 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid GXS7QBWXPWCQFNH0HM3A Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTJZu0Wzs3fsSClm9G9PwAADQwAAAIB&gpp=&gpp_sid=&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	usermatchredir ssum-sec.casalemedia.com/ Frame 4764 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWTJZu0Wzs3fsSClm9G9PwAADQwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKzX9NE-9ooVmCfKdGzaiog&google_cver=1	43 B 734 B	55ms 55ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKzX9NE-9ooVmCfKdGzaiog&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:55 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g78jlvBt6NfOJBbXi%2FxbvBqe18osdWriCPlkqlggZVTdE%2FCiWaW15svAQ9QNMdcnqYEj9yyq9ZIp17M%2FzC5uqVnYJSe9WlVq50jhemTVaXCzgu%2F6vWLT8Rm1ovLXdJI8DTeoU6mGqb6gKg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82cbe263c9560ba6-AMS alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 27 Nov 2023 16:52:54 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKzX9NE-9ooVmCfKdGzaiog&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 364 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	crum dsum-sec.casalemedia.com/ Frame 4764 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWTJZkAxHGupLrs953JIVgAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENe7a420W7YKWxIZ-6aMmb4&google_cver=1	43 B 731 B	60ms 60ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENe7a420W7YKWxIZ-6aMmb4&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:55 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jzVS8o7UW%2FJDpjsmtXT3tEqzmrij3GJXnf34SXwRYgY9oBYkufiucKxUuHVmh3cgq9ym3BovABmO6uIu1gnjMGpu54pNqLrz%2FmEOgIOspNWq0Un4TdYkzja0vIme52w9rCGKj9XdGrYow%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82cbe263c9590ba6-AMS alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 27 Nov 2023 16:52:54 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENe7a420W7YKWxIZ-6aMmb4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 314 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	crum dsum-sec.casalemedia.com/ Frame 4764 Redirect Chain https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=	43 B 739 B	50ms 49ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:55 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pW%2F4Y%2FF86T8ZljCXD0nJUeqD4Y5V5XbkwDpxJGVIUN6G%2F2qFmooXGYyNc0A1pnwNTSizCRiqhk7aODU%2F5GNP77UyMdmtuG%2Futg94tQl%2F8ygvdwnkBPUHA6UOD3tTAtOr%2FusFAK8xv2YhkA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82cbe265bbc20ba6-AMS alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers Location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id= Pragma no-cache Date Mon, 27 Nov 2023 16:52:55 GMT Cache-Control no-cache, no-store, must-revalidate Expires Thu, 01 Dec 1994 16:00:00 GMT Content-Length 95 Content-Type text/html; charset=utf-8
GET H3	200	crum dsum-sec.casalemedia.com/ Frame 4764 Redirect Chain https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=	43 B 771 B	50ms 49ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:55 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ce78vJLCypcvoRcw%2BlePd%2BzimibScYLg86R%2BXDaijRhRKS2SjtHOUnwcudJHL2ncxh7ILAkTLUsRpQp9VhhytFjBQNPNNofUJLhaZp5IJit0QyUcwVzrqc3L6slKiazRx7YB%2B%2BjtgXMY2Q%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82cbe263a9360ba6-AMS alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id= date Mon, 27 Nov 2023 16:52:54 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 content-type text/html; charset=utf-8
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame 4764 Redirect Chain https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWTJZu0Wzs3fsSClm9G9PwAA%263340&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@	43 B 362 B	86ms 27ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:55 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 196769 expires Mon, 27 Nov 2023 00:00:00 GMT Redirect headers Location https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ Date Mon, 27 Nov 2023 16:52:55 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Connection keep-alive Content-Length 0 Request-Time 3
GET H2	200	ZWTJZu0Wzs3fsSClm9G9PwAADQwAAAIB pr-bh.ybp.yahoo.com/sync/casale/ Frame 4764	43 B 603 B	144ms 45ms	Image image/gif	2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pr-bh.ybp.yahoo.com/sync/casale/ZWTJZu0Wzs3fsSClm9G9PwAADQwAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software ATS / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Security Headers Name Value Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:54 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY content-type image/gif content-length 43
GET H2	200	htw-pixel.gif cdn.indexww.com/ht/ Frame 4764	43 B 229 B	38ms 32ms	Image image/gif	104.18.38.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.indexww.com/ht/htw-pixel.gif?ZWTJZu0Wzs3fsSClm9G9PwAA%263340 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:54 GMT cf-cache-status HIT last-modified Tue, 24 Jan 2017 19:36:04 GMT server cloudflare age 58504 etag "902a3d-2b-546dc3a097100" vary Accept-Encoding content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" edge-control cache-maxage=1h cache-control public, max-age=86400 accept-ranges bytes cf-ray 82cbe262fa9fb963-AMS content-length 43 expires Tue, 28 Nov 2023 16:52:54 GMT
GET H3	200	crum dsum-sec.casalemedia.com/ Frame E7BC Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWTJZkAxHGupLrs953JIVgAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELR2sM_yLObCV-8Vj5QSid0&google_cver=1	43 B 735 B	52ms 52ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELR2sM_yLObCV-8Vj5QSid0&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:55 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtiY8nVC2F6EkQEA%2FfewNL86Tca1JPvnGrC8UuOituvrtx5GLqvLSpdV8QPnUupLd4%2FDLCILfGsn2Mbb2HjTJuEHWIq5mA1zTxgq3rRJ2P7SetGfzY%2BY9YsmJX%2FW7nugmIoXxVGIVLEwJQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82cbe263c9580ba6-AMS alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 27 Nov 2023 16:52:54 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELR2sM_yLObCV-8Vj5QSid0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 314 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame E7BC	70 B 149 B	133ms 43ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:54 GMT server Kestrel content-length 70 content-type image/gif
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame E7BC Redirect Chain https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWTJZkAxHGupLrs953JIVgAA%262183&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@	43 B 363 B	85ms 26ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:54 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 196559 expires Mon, 27 Nov 2023 00:00:00 GMT Redirect headers Location https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ Date Mon, 27 Nov 2023 16:52:55 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Connection keep-alive Content-Length 0 Request-Time 3
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame E7BC Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTJZkAxHGupLrs953JIVgAACIcAAAAB&gpp=&gpp_sid= https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTJZkAxHGupLrs953JIVgAACIcAAAAB&gpp=&gpp_sid=&dcc=t	43 B 855 B	136ms 136ms	Image image/gif	52.46.151.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTJZkAxHGupLrs953JIVgAACIcAAAAB&gpp=&gpp_sid=&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Server 52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma no-cache Date Mon, 27 Nov 2023 16:52:55 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid RY939X0C6CH2P3KVS616 Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 27 Nov 2023 16:52:55 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid 119ZMGAQYYQAA0B5N7FZ Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWTJZkAxHGupLrs953JIVgAACIcAAAAB&gpp=&gpp_sid=&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	crum dsum-sec.casalemedia.com/ Frame E7BC Redirect Chain https://trace.mediago.io/ju/cs/indexexchange https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=1b7de7e82fb7ed112vd3vm00lph5dvs7	43 B 738 B	50ms 50ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=1b7de7e82fb7ed112vd3vm00lph5dvs7 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:55 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYBq3jTDGx5yDMtGg9ROOq%2B6vh8SI%2BU1NutIVB%2BsAChCCHi2HsDDoUIfiap1InCvPdYg4NHqBwlQhGN2tfQ%2FCY2p40nq6LL0m2fDPjFefag%2Fut9XtfUviMMDtG%2BqCI3B6ScTtOyg2H0TBw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82cbe2658b840ba6-AMS alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers date Mon, 27 Nov 2023 16:52:55 GMT via 1.1 google access-control-allow-methods GET, POST, OPTIONS content-type text/plain; charset=utf-8 location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=1b7de7e82fb7ed112vd3vm00lph5dvs7 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	ix ad4m.at/ad/sim/ Frame E7BC	0 0	109ms 36ms	Image text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad4m.at/ad/sim/ix Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers
GET H3	200	crum dsum-sec.casalemedia.com/ Frame E7BC Redirect Chain https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=19A4206DF6F843749B81DAF49AFA69CD	43 B 732 B	52ms 52ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=19A4206DF6F843749B81DAF49AFA69CD Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:55 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaIZeKXZC4QftYDAWeUaNnGkYcNzmUUznNWsHZi7WuIZG3VOj2PstvSToPW%2FkyA1CvTNDXmdkA5TsGImLdFZA86SEw0NpQv8Bx3CJ525a7nbcct9T%2BJh3BQNe0hWm9ntLJlYwgTbpY6MLA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82cbe263a9450ba6-AMS alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers date Mon, 27 Nov 2023 16:52:54 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=19A4206DF6F843749B81DAF49AFA69CD access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sun, 26 Nov 2023 16:52:54 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame E7BC Redirect Chain https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=ac65c6e2-5140-4a53-928f-23f231e18152&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null	43 B 477 B	50ms 50ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=ac65c6e2-5140-4a53-928f-23f231e18152&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:55 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQHRkq8dBw9yBJxhvYZBdKa3Xr%2FF0cyrRJ7jQiBkiP8J8JDPHmCZv%2BBWAZyh9zsyMAkIDvEONfpMKKt3JX6MOAhhYPbxiwbp07%2FoM2R6L%2FUjrRDj4JdvF1CeADJgqiW1ovaZfeQEIBaOpg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache cf-ray 82cbe263a9380ba6-AMS alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=ac65c6e2-5140-4a53-928f-23f231e18152&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null date Mon, 27 Nov 2023 16:52:54 GMT server _ content-length 0
GET H2	200	htw-pixel.gif cdn.indexww.com/ht/ Frame E7BC	43 B 103 B	37ms 32ms	Image image/gif	104.18.38.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.indexww.com/ht/htw-pixel.gif?ZWTJZkAxHGupLrs953JIVgAA%262183 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:54 GMT cf-cache-status HIT last-modified Tue, 24 Jan 2017 19:36:04 GMT server cloudflare age 58504 etag "902a3d-2b-546dc3a097100" vary Accept-Encoding content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" edge-control cache-maxage=1h cache-control public, max-age=86400 accept-ranges bytes cf-ray 82cbe262fa9eb963-AMS content-length 43 expires Tue, 28 Nov 2023 16:52:54 GMT
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 4DB0 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	199ms 70ms	Image text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H2 Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Redirect headers date Mon, 27 Nov 2023 16:52:54 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 4DB0	0 0	109ms 108ms	Image text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CuO6OZclkZcbiIurn1PIPiJ6GoAmPyc_6cujwgN66ERQQASDo0LAfYJGEoIWMGKAB7LPywAHIAQLgAgCoAwHIAwiqBIoDT9BhE08JUQkDCu97Gd4U04m5brMvzQg4AuHhmjGs3lzOXJQZqfOrFgExbx7-XF0SyiZehZCB9fw9Nodftf8TzbzOlfEPEoUjaV12Omm2dQPq0zpn0GJ6UhNfgxsC8PAYu089eBOXk3QR9qIsEZBS5ALluqFCMndglzOz6PoxwwnvNk_wrL5Yr0p7ErfJYm4My1cPdxkrnvyOSCtMJs25WMeOatCu_RDg-0i9IjO__-9icWC2GoqSrWfy7Fcvb-4T3DgdNNP4eGdRKMvr4IsAxqxv_BkZyPzrsrDzBs7fpYCfw39H8rSCUIeDxekXJOX_7zRpvyj7QsQVXSCfxT3M7vdjAHdUlZZJcwLMS0x0RyebnDcQePpbSon1lIxWRq6OODcYnb6zlRzLaE2XE7LVlUOlB4bMWl7TcbL04tyHqdNgxoNGs2-U8Qjf-2BpEZGx2mgCFRCFnQRGeDSyDwBg1T8Bwss7fQS8o2NSas0WeMAfZZ8aODQ4lEXc0M5aKGZAYzwRc2cdSABg7MAE09_ctpwE4AQBiAWUudWySJIFBAgEGAGSBQQIBRgEoAYCgAf8y42_AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKiiDNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCSBodHRwczovL21hZG11c2NsZXMuY29tL3N0ZXAtZ29hbIAKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMI2ajHkNLkggMV6jNVCB0IjwGU2BMM0BUBmBYBgBcBshceChwIABIUcHViLTIyMTE1NTI1Mzc3MDQ0MDcYwNwM&sigh=WP6Kai0jtVo&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNr1TeHot5BIpxUPbMWkSH4CtyLS9ujMl9bhBbZZju1bAj02szyo1z6DXTV7k0cR1efmtwzvVtTzFC2F1HOmfsaJbf8mgusg3G3hgB&cbvp=2 Requested by Host: www.ntd.com URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers
GET H2	200	async_usersync Show response ib.adnxs.com/ Frame 7655	0 597 B	27ms 26ms	Script text/html	185.89.210.90 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:55 GMT an-x-request-uuid e96220a0-5808-44a3-8aeb-e25af3f34dfb server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 cache-control no-store, no-cache, private x-proxy-origin 31.204.150.110; 31.204.150.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	async_usersync Show response ib.adnxs.com/ Frame 9F88	0 597 B	26ms 25ms	Script text/html	185.89.210.90 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 16:52:55 GMT an-x-request-uuid 642dd4e0-2d5a-4c71-910a-28f8c12fd3fa server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 cache-control no-store, no-cache, private x-proxy-origin 31.204.150.110; 31.204.150.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3E37	13 KB 5 KB	62ms 60ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 10334 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 14:00:42 GMT expires Tue, 26 Nov 2024 14:00:42 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame C721	829 B 559 B	42ms 42ms	Document text/html	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 46213f865f1f349a815bed27637bc083cef6d0e24bc4505c0a943e9fc899359f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-isbK6fuZWm2SHYcNePNKmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-isbK6fuZWm2SHYcNePNKmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 16:52:56 GMT expires Mon, 27 Nov 2023 16:52:56 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame C721	0 0	133ms 67ms	Image text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=1101708259305320&rc=null Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers
GET H3	200	GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response pagead2.googlesyndication.com/bg/ Frame 3E37	39 KB 15 KB	79ms 32ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 13:22:34 GMT content-encoding br x-content-type-options nosniff age 12622 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15296 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 26 Nov 2024 13:22:34 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 3E37	0 10 B	32ms 31ms	Image text/plain	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?L3CaRw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:52:56 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	70ms 69ms	Image text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=1101708259305320&bg=!R0SlRAvNAAZxrfrxUa07ADQBe5WfOK3zilHXGUsy_hi6NYeyBIPFmC_KZ5F-Fqqams4TehuZrpguqWouZy40htP9IE9eAgAAADhSAAAAA2gBB5kCtLhgkSDAi9DQkTTDQHCcnkyEX6p1nxy2aJR2eQN3jGaX9pNmCaoxm2LS_3AUfCMBaGGbFCIqF_r6r1VKZrlQqCIQwJOno6rYpo2fqSiXUIkDdqqYZqLYGfRWxd4oaKNEbrLFzuK2gHvTWVwWBNbqEXbGWuIt6P0dIUfx5CPOzzTxVuQvOmoCuCJeKG87GwoQff8bpW-lI-_h6u8lT8YQNtitWY-zB1mxyEwmfmIIUjLStZy8ZjljF-_zRTqTu1IQkm8-t9Y96zXcInu_QT99mdXxCSmV1O9BqyV4omeS5AXAy3U2cviXjSK1ZcWhq5ORfMjkHymhJ9qIhjOud-a_PIt6bUyv5QP_5L_5OhEn-azBizqAT2NpToILotYPiNVVVaw6aKEWh2SDCXI3hDWU5HlYlvpxi7VwVomsORGzoV27v0T0aoDhhRiiav1bN3R_Yt7eS7bHuhLveCIesvvqMsJVSmRD_DCiqY9Qg7pV_pMH3DrLhC-7--4all95-qTNtOzqrdymJeCcFQPFhaX-vBzBZJxAdhiS7YXsUI6MKbXLLk0YmqGI8iy-53LPvXOL2p329m7al4aPI9eFPy4pHkIPJJaaUXp3LQc81-0x6EXJR2-QAQIpAfZI271KjVmYlaaj7h5-zTYqf-2Vnc-Lj7-UM4I1_4NUugxvGUlnjqeYgw3jIvqE5jArhOJ87ywi2mR1vwDXTw37Xnav8z4NM6hdRVrRrOmwL23oRGzshU_9iMVrAIBkgLqNtA0St5WFlxSeCBfCfyfMvCP-KBWKadEfRyKNRIWdkjanxROM9JxCMd5t1IvNNGjn7qWG8DA01Th6wJlYRiCufH23LaFzHgy6VMkWniWR9_uRRlUzUOBI4Fn-r1Va5Ows_xCi7SXnGuc9Jucg_eiOsBUCypL7UyXQ7AOW Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

prebid.adnxs.com

URL

https://prebid.adnxs.com/pbs/v1/openrtb2/auction

Domain

prebid.adnxs.com

URL

https://prebid.adnxs.com/pbs/v1/openrtb2/auction